Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Gnu Glibc
5.9
CVSSv3
CVE-2015-8984
The fnmatch function in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
Gnu Glibc
5.9
CVSSv3
CVE-2015-8985
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent malicious users to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
Gnu Glibc
7.5
CVSSv3
CVE-2019-9192
In the GNU C Library (aka glibc or libc6) up to and including 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that t...
Gnu Glibc
4 Github repositories
5.5
CVSSv3
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) prior to 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
Gnu Glibc
9.8
CVSSv3
CVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 up to and including 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of ...
Gnu Glibc
NA
CVE-2012-0864
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent malicious users to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arg...
Gnu Glibc 2.14
NA
CVE-2013-0242
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and previous versions, allows context-dependent malicious users to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
Gnu Glibc 2.17
NA
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as ...
Gnu Glibc 2.1.1
1 EDB exploit
9.8
CVSSv3
CVE-2023-25139
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated strin...
Gnu Glibc 2.37
8 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »