Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-3998
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
Gnu Glibc
Netapp Ontap Select Deploy Administration Utility -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2021-3999
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to pote...
Gnu Glibc
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp E-series Performance Analyzer -
Netapp Nfs Plug-in
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
1 Github repository
9.8
CVSSv3
CVE-2022-23218
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) up to and including 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of ser...
Gnu Glibc
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Debian Debian Linux 10.0
1 Github repository
9.8
CVSSv3
CVE-2022-23219
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) up to and including 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of se...
Gnu Glibc
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Debian Debian Linux 10.0
1 Github repository
7.5
CVSSv3
CVE-2021-43396
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use ...
Gnu Glibc 2.34
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
7.5
CVSSv3
CVE-2021-38604
In librt in the GNU C Library (aka glibc) up to and including 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
Gnu Glibc
Fedoraproject Fedora 35
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
9.1
CVSSv3
CVE-2021-35942
The wordexp function in the GNU C Library (aka glibc) up to and including 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This oc...
Gnu Glibc
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Debian Debian Linux 10.0
2 Github repositories
9.8
CVSSv3
CVE-2021-33574
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (applicat...
Gnu Glibc 2.33
Gnu Glibc 2.32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Debian Debian Linux 10.0
3 Github repositories
5.3
CVSSv3
CVE-2021-3470
A heap overflow issue was found in Redis in versions prior to 5.0.10, prior to 6.0.9 and prior to 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast...
Redislabs Redis
Redislabs Redis 6.2.0
5.5
CVSSv3
CVE-2020-27618
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and previous versions, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in appl...
Gnu Glibc
Netapp Ontap Select Deploy Administration Utility -
Netapp A250 Firmware -
Netapp 500f Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »