Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu glibc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and previous versions, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual bo...
Gnu Glibc
NA
CVE-2010-4756
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an F...
Gnu Glibc
2 Github repositories
9.8
CVSSv3
CVE-2005-3590
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing malicious users to corrupt memory.
Gnu Glibc
5.9
CVSSv3
CVE-2016-10228
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and previous versions, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, lead...
Gnu Glibc
5.5
CVSSv3
CVE-2019-7309
In the GNU C Library (aka glibc or libc6) up to and including 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
Gnu Glibc
9.8
CVSSv3
CVE-1999-0199
manual/search.texi in the GNU C Library (aka glibc) prior to 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow malicious users to access a dangling pointer in an application whose developer was unaware of a doc...
Gnu Glibc
1 Github repository
8.8
CVSSv3
CVE-2019-1010023
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute co...
Gnu Glibc -
1 Github repository
5.3
CVSSv3
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Gnu Glibc -
5.9
CVSSv3
CVE-2017-12133
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) prior to 2.26 allows remote malicious users to have unspecified impact via vectors related to error path.
Gnu Glibc
8.1
CVSSv3
CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Gnu Glibc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »