Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu glibc 2.2.5 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote malicious users to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services suc...
Openbsd Openbsd 3.1
Sun Sunos 5.7
Sun Sunos 5.8
Sun Sunos 5.5.1
Sun Solaris 2.6
Sun Solaris 9.0
Freebsd Freebsd
Microsoft Windows Nt 4.0
Microsoft Windows Xp -
Microsoft Windows 2000 -
NA
CVE-2011-1089
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and previous versions does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from...
Gnu Glibc 1.03
Gnu Glibc 1.02
Gnu Glibc 1.09
Gnu Glibc 1.08
Gnu Glibc 2.0.5
Gnu Glibc 2.0.4
Gnu Glibc 2.0.3
Gnu Glibc 2.0.2
Gnu Glibc 2.0.1
Gnu Glibc 2.1.2
Gnu Glibc 2.1.3
Gnu Glibc 2.1.3.10
Gnu Glibc 2.1.9
Gnu Glibc 2.11.3
Gnu Glibc 2.11.2
Gnu Glibc 2.12.2
Gnu Glibc
Gnu Glibc 2.3.5
Gnu Glibc 2.8
Gnu Glibc 2.9
Gnu Glibc 2.10
Gnu Glibc 2.2.4
NA
CVE-2011-1095
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) prior to 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses t...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
NA
CVE-2011-1071
The GNU C Library (aka glibc or libc6) prior to 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent malicious users to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extensi...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
1 EDB exploit
NA
CVE-2011-1659
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and previous versions allows context-dependent malicious users to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argumen...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
NA
CVE-2011-1658
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and previous versions expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or...
Gnu Glibc 1.00
Gnu Glibc 1.08
Gnu Glibc 1.07
Gnu Glibc 2.10.1
Gnu Glibc 2.1
Gnu Glibc 2.0.1
Gnu Glibc 2.0
Gnu Glibc 2.3.1
Gnu Glibc 2.3.10
Gnu Glibc 2.2
Gnu Glibc 2.2.1
Gnu Glibc 2.5
Gnu Glibc 2.5.1
Gnu Glibc
Gnu Glibc 1.04
Gnu Glibc 1.03
Gnu Glibc 2.3.5
Gnu Glibc 2.8
Gnu Glibc 2.0.5
Gnu Glibc 2.0.4
Gnu Glibc 2.2.3
Gnu Glibc 2.2.4
NA
CVE-2010-3847
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) up to and including 2.11.2, and 2.12.x up to and including 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
4 EDB exploits
1 Github repository
NA
CVE-2010-3856
ld.so in the GNU C Library (aka glibc or libc6) prior to 2.11.3, and 2.12.x prior to 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging ...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 1.00
Gnu Glibc 1.06
Gnu Glibc 2.1.1
Gnu Glibc 1.02
Gnu Glibc 2.0.3
Gnu Glibc 1.07
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.12.0
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 1.04
Gnu Glibc 1.01
3 EDB exploits
NA
CVE-2010-0830
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 up to and including 2.11.1, when the --verify option is used, allows user-assisted remote malicious users to execute arbitrary code via a c...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.11
Gnu Glibc 2.0.5
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.10.1
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
Gnu Glibc 2.0.1
NA
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and previous versions allow context-dependent malicious users to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstra...
Gnu Glibc 2.2.2
Gnu Glibc 2.9
Gnu Glibc 2.7
Gnu Glibc 2.1.2
Gnu Glibc 2.0.5
Gnu Glibc
Gnu Glibc 2.2.5
Gnu Glibc 2.0.6
Gnu Glibc 2.1.1
Gnu Glibc 2.0.3
Gnu Glibc 2.3.1
Gnu Glibc 2.3
Gnu Glibc 2.0
Gnu Glibc 2.1.1.6
Gnu Glibc 2.3.10
Gnu Glibc 2.4
Gnu Glibc 2.1
Gnu Glibc 2.3.4
Gnu Glibc 2.1.9
Gnu Glibc 2.3.3
Gnu Glibc 2.6.1
Gnu Glibc 2.0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »