Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu glibc 2.13 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
7.5
CVSSv2
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
7.5
CVSSv2
CVE-2012-4412
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and previous versions allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overf...
Gnu Glibc 2.12.2
Gnu Glibc 2.12.1
Gnu Glibc 2.1.2
Gnu Glibc 2.1.1.6
Gnu Glibc 2.0.2
Gnu Glibc 2.0.1
Gnu Glibc 2.15
Gnu Glibc 2.14.1
Gnu Glibc 2.11.1
Gnu Glibc 2.11
Gnu Glibc 2.10.1
Gnu Glibc 2.0.6
Gnu Glibc 2.0.5
Gnu Glibc
Gnu Glibc 2.16
Gnu Glibc 2.11.3
Gnu Glibc 2.11.2
Gnu Glibc 2.1.1
Gnu Glibc 2.1
Gnu Glibc 2.0
Gnu Glibc 2.14
Gnu Glibc 2.13
1 EDB exploit
6.9
CVSSv2
CVE-2009-5064
ldd in the GNU C Library (aka glibc or libc6) 2.13 and previous versions allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is j...
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
Gnu Glibc 2.1
Gnu Glibc
Gnu Glibc 1.09.1
Gnu Glibc 2.0.1
Gnu Glibc 1.09
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 1.03
Gnu Glibc 1.08
6.8
CVSSv2
CVE-2011-2702
Integer signedness error in Glibc prior to 2.13 and eglibc prior to 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent malicious users to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) me...
Gnu Glibc 2.12.1
Gnu Glibc
Gnu Glibc 2.12
Gnu Eglibc
1 EDB exploit
6.8
CVSSv2
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent malicious users to bypass the...
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Gnu Glibc 2.5
Gnu Glibc 2.12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
6.8
CVSSv2
CVE-2009-5029
Integer overflow in the __tzfile_read function in glibc prior to 2.15 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.0
Gnu Glibc 2.13
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1
Gnu Glibc 2.1.9
Gnu Glibc 2.0.1
Gnu Glibc 2.0.4
Gnu Glibc 2.0.2
Gnu Glibc 2.1.3
Gnu Glibc
1 EDB exploit
6.2
CVSSv2
CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) prior to 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses t...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
5.1
CVSSv2
CVE-2012-4424
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and previous versions allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure...
Gnu Glibc 2.15
Gnu Glibc 2.14.1
Gnu Glibc 2.14
Gnu Glibc 2.11
Gnu Glibc 2.10.1
Gnu Glibc 2.0.6
Gnu Glibc 2.0.5
Gnu Glibc 2.13
Gnu Glibc 2.12.2
Gnu Glibc 2.1.9
Gnu Glibc 2.1.3
Gnu Glibc 2.0.4
Gnu Glibc 2.0.3
Gnu Glibc 2.12.1
Gnu Glibc 2.11.3
Gnu Glibc 2.1.2
Gnu Glibc 2.1.1.6
Gnu Glibc 2.0.2
Gnu Glibc 2.0.1
Gnu Glibc
Gnu Glibc 2.16
Gnu Glibc 2.11.2
5.1
CVSSv2
CVE-2013-4788
The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and previous versions, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent malicious users to control execution flow ...
Gnu Glibc
Gnu Glibc 2.11.3
Gnu Glibc 2.11.2
Gnu Glibc 2.1.1.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.1
Gnu Glibc 2.0
Gnu Glibc 2.14.1
Gnu Glibc 2.14
Gnu Glibc 2.10.1
Gnu Glibc 2.1.9
Gnu Glibc 2.0.5
Gnu Glibc 2.0.4
Gnu Glibc 2.13
Gnu Glibc 2.12.2
Gnu Glibc 2.12.1
Gnu Glibc 2.1.3
Gnu Glibc 2.1.2
Gnu Glibc 2.0.3
Gnu Glibc 2.0.2
Gnu Glibc 2.16
Gnu Glibc 2.15
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »