Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-0235 | 10.0 |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
|
14-02-2024 - 01:17 | 28-01-2015 - 19:59 | |
CVE-2010-3856 | 7.2 |
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain
|
20-07-2023 - 18:15 | 07-01-2011 - 19:00 | |
CVE-2013-4332 | 4.3 |
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_mema
|
13-02-2023 - 04:46 | 09-10-2013 - 22:55 | |
CVE-2013-1914 | 5.0 |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that trigg
|
13-02-2023 - 04:41 | 29-04-2013 - 22:55 | |
CVE-2010-3847 | 6.9 |
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted d
|
13-02-2023 - 04:26 | 07-01-2011 - 19:00 | |
CVE-2012-3480 | 4.6 |
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and
|
13-02-2023 - 03:28 | 25-08-2012 - 10:29 | |
CVE-2012-0864 | 6.8 |
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory v
|
13-02-2023 - 03:28 | 02-05-2013 - 14:55 | |
CVE-2014-5119 | 7.5 |
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment vari
|
13-02-2023 - 00:42 | 29-08-2014 - 16:55 | |
CVE-2017-1000366 | 7.2 |
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t
|
15-10-2020 - 13:28 | 19-06-2017 - 16:29 | |
CVE-2012-6686 | 5.0 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-4357. Reason: This candidate is a duplicate of CVE-2013-4357. Notes: All CVE users should reference CVE-2013-4357 instead of this candidate. All references and descriptions in this c
|
07-02-2020 - 21:15 | 07-02-2020 - 21:15 | |
CVE-2012-3406 | 6.8 |
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers
|
22-04-2019 - 17:48 | 10-02-2014 - 18:15 | |
CVE-2011-1659 | 5.0 |
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted p
|
09-10-2018 - 19:31 | 08-04-2011 - 15:17 | |
CVE-2013-7424 | 5.1 |
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demon
|
28-11-2016 - 19:10 | 26-08-2015 - 19:59 | |
CVE-2011-4609 | 5.0 |
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
|
03-05-2013 - 04:00 | 02-05-2013 - 14:55 |