Vulnerabilities (CVE)

Vendor filter: Gnu

Product filter: Glibc

112 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2013-4332 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2017-07-01 | 4.3
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3)...
CVE-2013-4237 | 1 Gnu | 1 Glibc | 2017-07-01 | 6.8
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2)...
CVE-2013-2207 | 2 Fedoraproject, Gnu | 2 Glibc, Fedora | 2017-07-01 | 2.6
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.
CVE-2013-1914 | 1 Gnu | 1 Glibc | 2017-07-01 | 5.0
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that...
CVE-2012-6656 | 3 Debian, Canonical, Gnu | 3 Debian Linux, Ubuntu Linux, Glibc | 2017-07-01 | 5.0
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data...
CVE-2012-4424 | 1 Gnu | 1 Glibc | 2017-07-01 | 5.1
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that...
CVE-2012-3480 | 1 Gnu | 1 Glibc | 2017-07-01 | 4.6
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash)...
CVE-2017-8804 | 1 Gnu | 1 Glibc | 2017-05-16 | 7.8
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an...
CVE-2015-8984 | 1 Gnu | 1 Glibc | 2017-03-22 | 4.3
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
CVE-2015-8983 | 1 Gnu | 1 Glibc | 2017-03-22 | 6.8
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via...
CVE-2015-8982 | 1 Gnu | 1 Glibc | 2017-03-17 | 6.8
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a...
CVE-2016-10228 | 1 Gnu | 1 Glibc | 2017-03-04 | 4.3
The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
CVE-2016-5417 | 1 Gnu | 1 Glibc | 2017-02-17 | 5.0
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial...
CVE-2014-5119 | 1 Gnu | 1 Glibc | 2017-01-07 | 7.5
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment...
CVE-2014-6040 | 1 Gnu | 1 Glibc | 2017-01-03 | 5.0
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3)...
CVE-2011-1089 | 1 Gnu | 1 Glibc | 2016-12-07 | 3.3
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as...
CVE-2010-0015 | 1 Gnu | 1 Glibc | 2016-12-07 | 7.5
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted...
CVE-2015-1781 | 2 Suse, Gnu | 4 Linux Enterprise Server, Glibc, Linux Enterprise Desktop and 1 more | 2016-12-06 | 6.8
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS...
CVE-2015-1473 | 2 Canonical, Gnu | 2 Ubuntu Linux, Glibc | 2016-11-28 | 6.4
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent...
CVE-2014-0475 | 1 Gnu | 1 Glibc | 2016-11-28 | 6.8
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2)...