Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) prior to 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
Gnu Glibc
5.3
CVSSv3
CVE-2023-6780
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size t...
Gnu Glibc
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.3
CVSSv3
CVE-2022-39046
An issue exists in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.
Gnu Glibc 2.36
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp Ontap Select Deploy Administration Utility -
5.3
CVSSv3
CVE-2021-3470
A heap overflow issue was found in Redis in versions prior to 5.0.10, prior to 6.0.9 and prior to 6.2.0 when using a heap allocator other than jemalloc or glibc's malloc, leading to potential out of bound write or process crash. Effectively this flaw does not affect the vast...
Redislabs Redis
Redislabs Redis 6.2.0
5.3
CVSSv3
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
Gnu Glibc -
1 Github repository
5.3
CVSSv3
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Gnu Glibc -
5.3
CVSSv3
CVE-2018-20852
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python prior to 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has ...
Python Python
5.3
CVSSv3
CVE-2016-10739
In the GNU C Library (aka glibc or libc6) up to and including 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a ...
Gnu Glibc
Opensuse Leap 15.0
4 Github repositories
4.8
CVSSv3
CVE-2020-29562
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Gnu Glibc
Fedoraproject Fedora 32
Netapp E-series Santricity Os Controller
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »