Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Gnu Glibc -
1 Github repository
5.3
CVSSv3
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Gnu Glibc -
5.5
CVSSv3
CVE-2015-20109
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE:...
Gnu Glibc
5.5
CVSSv3
CVE-2019-7309
In the GNU C Library (aka glibc or libc6) up to and including 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
Gnu Glibc
9.8
CVSSv3
CVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 up to and including 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of ...
Gnu Glibc
9.8
CVSSv3
CVE-2018-6551
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requ...
Gnu Glibc
5.9
CVSSv3
CVE-2017-12133
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) prior to 2.26 allows remote malicious users to have unspecified impact via vectors related to error path.
Gnu Glibc
5.9
CVSSv3
CVE-2016-10228
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and previous versions, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, lead...
Gnu Glibc
NA
CVE-2010-4756
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an F...
Gnu Glibc
2 Github repositories
7.5
CVSSv3
CVE-2019-9192
In the GNU C Library (aka glibc or libc6) up to and including 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that t...
Gnu Glibc
4 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »