|Max CVSS||7.8||Min CVSS||4.6||Total Count||3|
|ID||CVSS||Summary||Last (major) update||Published|
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
|02-01-2017 - 21:59||24-11-2014 - 10:59|
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow)
|14-10-2016 - 22:00||08-04-2015 - 06:59|
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive
|10-06-2016 - 17:24||24-02-2015 - 10:59|