Lucene search
K

64 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : glibc-2.17-326.3.0.1.el7.AXS7 (AXSA:2024-8594:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8594:08 advisory. CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1 CVE-2021-35942: wordexp - handle overflow in positional parameter number CVE-2022-23218:...

9.8CVSS8.2AI score0.04729EPSS
Exploits3References5
Oracle linux
Oracle linux
added 2024/06/19 12:0 a.m.101 views

glibc security update

2.17-326.0.9.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: June-22-2023 Cupertino Miranda - 2.17-326.0.9 - OraBug 35517820 Reworked previous patch for OraBug 35318841 and removed free of stack allocations. Reviewed-by: Jose E. Marchesi June-20-2023...

7.5CVSS6.8AI score0.8833EPSS
Exploits19
Tenable Nessus
Tenable Nessus
added 2024/06/19 12:0 a.m.37 views

Oracle Linux 7 : glibc (ELSA-2024-12444)

"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12444 advisory. 2.17-326.0.9.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: June-22-2023 Cupertino Miranda - 2.17-326.0....

9.8CVSS7.2AI score0.8833EPSS
Exploits19References6
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/01 5:42 p.m.45 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...

9.1CVSS9.5AI score0.02678EPSS
Exploits2Affected Software1
Cloud Foundry
Cloud Foundry
added 2023/05/18 12:0 a.m.45 views

USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library ...

9.8CVSS8.9AI score0.05223EPSS
Exploits5Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 3:45 p.m.44 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in GNU glibc (CVE-2021-3999)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in GNU glibc, due to improper bounds checking by the getcwd function. CVE-2021-3999. The GNU glibc component is included as part of the Base OS image that is used by Watson Speech Services...

7.8CVSS8.8AI score0.0072EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 9:59 p.m.34 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library CVE-2021-3999. This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below for details on how...

7.8CVSS8.9AI score0.0072EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/11/14 12:0 a.m.33 views

NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2022-0085)

The remote NewStart CGSL host, running version MAIN 6.02, has glibc packages installed that are affected by multiple vulnerabilities: - The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE...

9.8CVSS7.9AI score0.04729EPSS
Exploits5References19
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/28 7:52 p.m.56 views

Security Bulletin: IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities

Summary IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities. These components have been updated in the latest release and the vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest...

9.8CVSS9.9AI score0.51733EPSS
Exploits11Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/27 12:0 a.m.50 views

EulerOS 2.0 SP3 : glibc (EulerOS-SA-2022-2608)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is...

9.8CVSS8.5AI score0.04729EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.34 views

Amazon Linux 2 : glibc (ALAS-2022-1857)

The version of glibc installed on the remote host is prior to 2.26-61. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1857 advisory. A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the...

7.8CVSS8AI score0.0072EPSS
Exploits1References3
Amazon
Amazon
added 2022/10/21 12:0 a.m.72 views

Medium: glibc

Issue Overview: A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potential...

7.8CVSS8.3AI score0.0072EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/10/12 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-2560)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.04729EPSS
Exploits3References2
CBLMariner
CBLMariner
added 2022/09/17 5:56 a.m.17 views

CVE-2021-3999 affecting package glibc 2.28-23

CVE-2021-3999 affecting package glibc 2.28-23. A patched version of the package is available...

7.8CVSS9.8AI score0.0072EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-5310-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.04729EPSS
Exploits3References2
OSV
OSV
added 2022/08/24 4:15 p.m.39 views

CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

7.8CVSS8.3AI score0.0072EPSS
Exploits1References8
CVE
CVE
added 2022/08/24 12:0 a.m.386 views

CVE-2021-3999

CVE-2021-3999 is a glibc vulnerability: an off-by-one buffer overflow/underflow in getcwd() can corrupt memory when the destination buffer size is 1, enabling a local attacker in a setuid context to potentially escalate privileges. The connected advisories confirm this is a real issue across mult...

7.8CVSS9.2AI score0.0072EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/08/15 12:0 a.m.265 views

GLSA-202208-24 : GNU C Library: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-24 GNU C Library: Multiple Vulnerabilities - The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an untrusted, crafted patter...

9.8CVSS8.1AI score0.04729EPSS
Exploits5References11
OpenVAS
OpenVAS
added 2022/08/01 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-2179)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS9.1AI score0.0072EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/26 2:35 p.m.68 views

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-23218 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based...

9.8CVSS9.5AI score0.34174EPSS
Exploits10Affected Software1
Rows per page
Query Builder