Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libidn vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-2059
The stringprep_utf8_to_ucs4 function in libin prior to 1.31, as used in jabberd2, allows context-dependent malicious users to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.
Gnu Libidn
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Fedoraproject Fedora 21
Fedoraproject Fedora 22
5
CVSSv2
CVE-2016-6261
The idna_to_ascii_4i function in lib/idna.c in libidn prior to 1.33 allows context-dependent malicious users to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
Opensuse Leap 42.1
Gnu Libidn
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
7.5
CVSSv2
CVE-2017-14062
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 prior to 2.0.4 allows remote malicious users to cause a denial of service or possibly have unspecified other impact.
Gnu Libidn2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2012-3404
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent malicious users to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a de...
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Canonical Ubuntu Linux 8.04
Gnu Glibc 2.12
5
CVSSv2
CVE-2012-3405
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent malicious users to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a de...
Gnu Glibc 2.14
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
6.8
CVSSv2
CVE-2012-3406
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent malicious users to bypass the...
Redhat Enterprise Linux 5
Redhat Enterprise Linux 6.0
Redhat Enterprise Virtualization 3.0
Gnu Glibc 2.5
Gnu Glibc 2.12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
7.5
CVSSv2
CVE-2014-4043
The posix_spawn_file_actions_addopen function in glibc prior to 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent malicious users to trigger use-after-free vulnerabilities.
Gnu Glibc
Opensuse Opensuse 13.1
1 Github repository
7.8
CVSSv2
CVE-2014-9402
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) prior to 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote malicious users to cause a denial of service (infinite loop) by sending a positive answer while a network...
Gnu Glibc
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started