Max CVSS 10.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-4332 4.3
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially
02-02-2023 - 20:15 09-10-2013 - 22:55
CVE-2010-3856 7.2
CVE-2010-3856 glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs
02-02-2023 - 17:17 07-01-2011 - 19:00
CVE-2014-5119 7.5
An off-by-one heap-based buffer overflow flaw was found in glibc's internal __gconv_translit_find() function. An attacker able to make an application call the iconv_open() function with a specially crafted argument could possibly use this flaw to exe
02-02-2023 - 16:16 29-08-2014 - 16:55
CVE-2012-3480 4.6
CVE-2012-3480 glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines
02-02-2023 - 16:15 25-08-2012 - 10:29
CVE-2012-0864 6.8
CVE-2012-0864 glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow
02-02-2023 - 15:15 02-05-2013 - 14:55
CVE-2010-3847 6.9
CVE-2010-3847 glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs
02-02-2023 - 14:15 07-01-2011 - 19:00
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
05-07-2022 - 18:42 28-01-2015 - 19:59
CVE-2013-1914 5.0
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that trigg
01-09-2021 - 18:15 29-04-2013 - 22:55
CVE-2017-1000366 7.2
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t
15-10-2020 - 13:28 19-06-2017 - 16:29
CVE-2012-6686 5.0
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-4357. Reason: This candidate is a duplicate of CVE-2013-4357. Notes: All CVE users should reference CVE-2013-4357 instead of this candidate. All references and descriptions in this c
07-02-2020 - 21:15 07-02-2020 - 21:15
CVE-2012-3406 6.8
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers
22-04-2019 - 17:48 10-02-2014 - 18:15
CVE-2011-1659 5.0
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted p
09-10-2018 - 19:31 08-04-2011 - 15:17
CVE-2013-7424 5.1
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demon
28-11-2016 - 19:10 26-08-2015 - 19:59
CVE-2011-4609 5.0
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
03-05-2013 - 04:00 02-05-2013 - 14:55
Back to Top Mark selected
Back to Top