Lucene search
K

230 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-36908

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00389EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2025/10/02 6:11 a.m.5 views

Gvariant deserialisation does not match spec for non-normal data

...

5.5CVSS7AI score0.00389EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0064: glib2 (ALINUX3-SA-2024:0064)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-29499: A flaw was found in GLib...

7.5CVSS6.8AI score0.00768EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/26 12:0 a.m.16 views

Amazon Linux 2 : glib2 (ALAS-2025-2767)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2767 advisory. GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading ...

7.8CVSS7.2AI score0.0078EPSS
Exploits0References12
Microsoft CVE
Microsoft CVE
added 2025/02/25 8:0 a.m.4 views

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.

...

7.5CVSS7AI score0.0078EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/02/25 8:0 a.m.3 views

Gvariant offset table entry size is not checked in is_normal()

...

7.5CVSS6.7AI score0.00768EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/02/25 8:0 a.m.4 views

A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.

...

7.8CVSS6.6AI score0.00399EPSS
Exploits0
Amazon
Amazon
added 2025/02/25 12:0 a.m.5 views

Important: glib2

Issue Overview: GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading to denial of service. CVE-2023-29499 GLib's GVariant deserialization prior to GLib 2.74.4 is vulnerable to a slowdown issue where a crafted GVariant can cause...

7.8CVSS7.5AI score0.0078EPSS
Exploits0
Amazon
Amazon
added 2025/02/25 12:0 a.m.22 views

Important: glib2

Issue Overview: GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading to denial of service. CVE-2023-29499 GLib's GVariant deserialization prior to GLib 2.74.4 is vulnerable to a slowdown issue where a crafted GVariant can cause...

7.8CVSS7.1AI score0.0078EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.2 views

PT-2025-50314

Name of the Vulnerable Software and Affected Versions GLib versions affected versions not specified Description A flaw exists in GLib Gnome Lib that allows a remote attacker to cause heap corruption. This can lead to a denial of service or potential code execution through a buffer-underflow in th...

9.8CVSS7.3AI score0.00754EPSS
Exploits0References129
OSV
OSV
added 2024/08/01 3:38 p.m.5 views

CLSA-2024-1722525083 glib2: Fix of 3 CVEs

CVE-2023-29499: Fix GVariant offset table entry size which is not checked in isnormal - CVE-2023-32611: Fix an issue where gvariantbyteswap can take a long time with some non-normal inputs - CVE-2023-32665: Fix GVariant deserialisation which does not match spec for non-normal data - Enable...

7.5CVSS6.6AI score0.00768EPSS
Exploits0References1
Redos
Redos
added 2024/05/06 12:0 a.m.42 views

ROS-20240506-02

A vulnerability in the Glib library is related to GVariant deserialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability of Glib library function gbytearraynewtake is related to buffer copying without checking the the size of the input data...

7.8CVSS7.3AI score0.0408EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/04/30 10:20 a.m.3 views

glib: Timeout in fuzz_variant_text

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

7.5CVSS6.8AI score0.0078EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/30 10:20 a.m.41 views

Low: Red Hat Security Advisory: mingw-glib2 security update

An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS6.7AI score0.0078EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/30 10:20 a.m.2 views

glib: GVariant deserialisation does not match spec for non-normal data

A flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service...

5.5CVSS7.2AI score0.00389EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 10:20 a.m.3 views

glib: GVariant offset table entry size is not checked in is_normal()

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...

7.5CVSS6.8AI score0.00768EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 10:20 a.m.4 views

glib: g_variant_byteswap() can take a long time with some non-normal inputs

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service...

5.5CVSS7.2AI score0.00376EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.33 views

RHEL 9 : mingw-glib2 (RHSA-2024:2528)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2528 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...

7.5CVSS6.9AI score0.0078EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/11/27 12:0 a.m.34 views

GLSA-202311-18 : GLib: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202311-18 GLib: Multiple Vulnerabilities - A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service. CVE-2023-29499 - A flaw was found in GLi...

7.5CVSS6.7AI score0.00768EPSS
Exploits0References6
Gentoo Linux
Gentoo Linux
added 2023/11/27 12:0 a.m.33 views

GLib: Multiple Vulnerabilities

Background GLib is a library providing a number of GNOME's core objects and functions. Description Multiple vulnerabilities have been discovered in GLib. Please review the referenced CVEs for details. Impact GVariant deserialization is vulnerable to an exponential blowup issue where a crafted...

7.5CVSS7.6AI score0.00768EPSS
Exploits0
Rows per page
Query Builder