| Max CVSS | 10.0 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-5064 | 6.9 |
ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor s
|
07-08-2024 - 08:16 | 30-03-2011 - 22:55 | |
| CVE-2015-0235 | 10.0 |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
|
14-02-2024 - 01:17 | 28-01-2015 - 19:59 | |
| CVE-2011-1071 | 5.1 |
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka
|
13-02-2023 - 03:23 | 08-04-2011 - 15:17 | |
| CVE-2010-0296 | 7.2 |
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of
|
13-02-2023 - 02:21 | 01-06-2010 - 20:30 | |
| CVE-2009-5029 | 6.8 |
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
|
13-02-2023 - 02:20 | 02-05-2013 - 14:55 | |
| CVE-2011-1095 | 6.2 |
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that e
|
13-02-2023 - 00:15 | 10-04-2011 - 02:55 | |
| CVE-2011-1659 | 5.0 |
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted p
|
09-10-2018 - 19:31 | 08-04-2011 - 15:17 | |
| CVE-2010-0830 | 5.1 |
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary
|
17-08-2017 - 01:32 | 01-06-2010 - 20:30 | |
| CVE-2011-1089 | 3.3 |
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonst
|
07-12-2016 - 18:15 | 10-04-2011 - 02:55 | |
| CVE-2011-4609 | 5.0 |
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
|
03-05-2013 - 04:00 | 02-05-2013 - 14:55 |