Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu glibc vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2019-9192
In the GNU C Library (aka glibc or libc6) up to and including 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that t...
Gnu Glibc
4 Github repositories
187
VMScore
CVE-2011-5320
scanf and related functions in glibc prior to 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.
Gnu Glibc
668
VMScore
CVE-2014-9984
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
Gnu Glibc
357
VMScore
CVE-2010-4756
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an F...
Gnu Glibc
2 Github repositories
383
VMScore
CVE-2017-15671
The glob function in glob.c in the GNU C Library (aka glibc or libc6) prior to 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
Gnu Glibc
605
VMScore
CVE-2015-8982
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Gnu Glibc
383
VMScore
CVE-2015-8984
The fnmatch function in the GNU C Library (aka glibc or libc6) prior to 2.22 might allow context-dependent malicious users to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
Gnu Glibc
385
VMScore
CVE-2015-8985
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent malicious users to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
Gnu Glibc
187
VMScore
CVE-2006-7254
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
Gnu Glibc
383
VMScore
CVE-2017-12133
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) prior to 2.26 allows remote malicious users to have unspecified impact via vectors related to error path.
Gnu Glibc
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »