Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glibc vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2010-0015
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote malicious users to obtain the encrypted passwords of NIS accounts by callin...
Gnu Glibc 2.10.2
Gnu Glibc 2.7
668
VMScore
CVE-2003-0689
The getgrouplist function in GNU libc (glibc) 2.2.4 and previous versions allows malicious users to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
Redhat Enterprise Linux 2.1
668
VMScore
CVE-2003-0028
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote malicious users to execute arbitrary code via certain integer values i...
Gnu Glibc 2.1.1
Gnu Glibc 2.1.2
Gnu Glibc 2.3
Gnu Glibc 2.3.1
Mit Kerberos 5 1.2.5
Mit Kerberos 5 1.2.6
Openafs Openafs 1.0.4a
Openafs Openafs 1.1
Openafs Openafs 1.2.3
Openafs Openafs 1.2.4
Sgi Irix 6.5.1
Sgi Irix 6.5.10
Sgi Irix 6.5.12f
Sgi Irix 6.5.12m
Sgi Irix 6.5.13
Sgi Irix 6.5.15f
Sgi Irix 6.5.15m
Sgi Irix 6.5.18
Sgi Irix 6.5.18f
Gnu Glibc 2.1.3
Gnu Glibc 2.2
Gnu Glibc 2.2.1
668
VMScore
CVE-2002-0684
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and previous versions, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnet...
Isc Bind 4.9.8
Gnu Glibc
668
VMScore
CVE-2000-0335
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local malicious user to spoof DNS query results.
Gnu Glibc 2.1
Gnu Glibc 2.1.2
Gnu Glibc 2.1.3
Isc Bind 8.2
Isc Bind 8.2.1
Gnu Glibc 2.0
Gnu Glibc 2.1.1
Isc Bind 8.2.2
642
VMScore
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
642
VMScore
CVE-2010-0296
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and previous versions, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corrup...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
641
VMScore
CVE-2007-3508
Integer overflow in the process_envvars function in elf/rtld.c in glibc prior to 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitab...
Gentoo Glibc
641
VMScore
CVE-2000-1207
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-20...
Redhat Linux
632
VMScore
CVE-2019-25013
The iconv feature in the GNU C Library (aka glibc or libc6) up to and including 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
Gnu Glibc
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
Broadcom Fabric Operating System -
Netapp A250 Firmware -
Netapp 500f Firmware -
Debian Debian Linux 10.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »