Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2007-3508
Integer overflow in the process_envvars function in elf/rtld.c in glibc prior to 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitab...
Gentoo Glibc
446
VMScore
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Gnu Glibc -
187
VMScore
CVE-2011-5320
scanf and related functions in glibc prior to 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.
Gnu Glibc
668
VMScore
CVE-2005-3590
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing malicious users to corrupt memory.
Gnu Glibc
409
VMScore
CVE-2019-6488
The string component in the GNU C Library (aka glibc or libc6) up to and including 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, ...
Gnu Glibc
NA
CVE-2015-20109
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE:...
Gnu Glibc
668
VMScore
CVE-1999-0199
manual/search.texi in the GNU C Library (aka glibc) prior to 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow malicious users to access a dangling pointer in an application whose developer was unaware of a doc...
Gnu Glibc
1 Github repository
383
VMScore
CVE-2017-15671
The glob function in glob.c in the GNU C Library (aka glibc or libc6) prior to 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
Gnu Glibc
605
VMScore
CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Gnu Glibc
605
VMScore
CVE-2015-8983
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) prior to 2.22 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to comput...
Gnu Glibc
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »