Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-1999-0199
manual/search.texi in the GNU C Library (aka glibc) prior to 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow malicious users to access a dangling pointer in an application whose developer was unaware of a doc...
Gnu Glibc
1 Github repository
5.9
CVSSv3
CVE-2017-12133
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) prior to 2.26 allows remote malicious users to have unspecified impact via vectors related to error path.
Gnu Glibc
5.9
CVSSv3
CVE-2017-15671
The glob function in glob.c in the GNU C Library (aka glibc or libc6) prior to 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
Gnu Glibc
NA
CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and previous versions, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual bo...
Gnu Glibc
7.8
CVSSv3
CVE-2019-6488
The string component in the GNU C Library (aka glibc or libc6) up to and including 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, ...
Gnu Glibc
8.1
CVSSv3
CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Gnu Glibc
8.1
CVSSv3
CVE-2015-8983
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) prior to 2.22 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to comput...
Gnu Glibc
5.9
CVSSv3
CVE-2015-8984
The fnmatch function in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
Gnu Glibc
5.9
CVSSv3
CVE-2015-8985
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent malicious users to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
Gnu Glibc
5.5
CVSSv3
CVE-2015-20109
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE:...
Gnu Glibc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »