| Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-0235 | 10.0 |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
|
14-02-2024 - 01:17 | 28-01-2015 - 19:59 | |
| CVE-2014-7817 | 4.6 |
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
|
13-02-2023 - 00:42 | 24-11-2014 - 15:59 | |
| CVE-2014-5119 | 7.5 |
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment vari
|
13-02-2023 - 00:42 | 29-08-2014 - 16:55 | |
| CVE-2014-0475 | 6.8 |
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG
|
28-11-2016 - 19:10 | 29-07-2014 - 14:55 |