Lucene search
K

211 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3289

The gfilecopy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link 777, which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory...

7.8CVSS6.6AI score0.00359EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.2 views

SUSE CVE-2018-16428

In GNOME GLib 2.56.1, gmarkupparsecontextendparse in gmarkup.c has a NULL pointer dereference...

4CVSS9.3AI score0.04693EPSS
Exploits1References45
BDU FSTEC
BDU FSTEC
added 2022/01/20 12:0 a.m.7 views

The vulnerability of the g_file_replace() function in the Glib library, which allows operation under a non-root account, enables an attacker to compromise data integrity.

The vulnerability of the gfilereplace function in the Glib library is related to the ability to operate under a user account without root privileges. Exploiting this vulnerability could allow an attacker to compromise data integrity...

5.3CVSS6.6AI score0.02622EPSS
Exploits1References9Affected Software4
OSV
OSV
added 2021/11/02 12:59 a.m.1 views

UBUNTU-CVE-2021-3800

A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition...

5.5CVSS6.7AI score0.00531EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/06/17 10:11 a.m.3 views

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...

7.5CVSS7.2AI score0.02993EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/06/02 4:50 p.m.3 views

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...

7.5CVSS7.2AI score0.02993EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/06/02 3:2 p.m.4 views

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...

7.5CVSS7.2AI score0.02993EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/06/01 11:27 a.m.6 views

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...

7.5CVSS7.2AI score0.02993EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/06/01 10:59 a.m.3 views

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...

7.5CVSS7.2AI score0.02993EPSS
Exploits1References4
OSV
OSV
added 2021/05/06 11:2 a.m.4 views

OESA-2021-1164 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: An issue was discovered in GNOME GLib...

5.3CVSS7.1AI score0.02622EPSS
Exploits1References2
OSV
OSV
added 2021/03/11 10:15 p.m.6 views

AZL-6439 CVE-2021-28153 affecting package glib for versions less than 2.60.1-5

An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is...

5.3CVSS6.7AI score0.02622EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2021/02/18 3:38 p.m.69 views

CVE-2021-27219

An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...

9.8CVSS7.8AI score0.02993EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.4 views

The vulnerability of the g_byte_array_new_take() function in the Glib library allows a hacker to execute arbitrary code.

The vulnerability of the gbytearraynewtake function in the Glib library relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS7.2AI score0.04193EPSS
Exploits0References10Affected Software4
OSV
OSV
added 2021/02/15 5:15 p.m.5 views

AZL-6438 CVE-2021-27219 affecting package glib for versions less than 2.60.1-5

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption...

7.5CVSS7.2AI score0.02993EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/02/04 12:0 a.m.4 views

PT-2021-1988 · Glib +10 · Glib +10

Name of the Vulnerable Software and Affected Versions: GLib versions prior to 2.66.7 GLib versions 2.67.x prior to 2.67.4 Description: The issue is related to the function g byte array new take in the GLib library, which is associated with the copying of a buffer without checking the size of the...

10CVSS7.2AI score0.04193EPSS
Exploits2References89
OSV
OSV
added 2020/12/14 11:15 p.m.3 views

AZL-6435 CVE-2020-35457 affecting package glib for versions less than 2.60.1-5

GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of...

7.8CVSS7.1AI score0.00567EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2020/03/04 12:0 a.m.4 views

Vulnerability of the functions g_file_make_directory_with_parents and g_file_replace_contents in the Glib library, which allows attackers to escalate their privileges and gain access to files.

The vulnerability of the gfilemakedirectorywithparents and gfilereplacecontents functions in the Glib library is related to improper handling of permissions. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain access to files...

7.8CVSS7.2AI score0.03211EPSS
Exploits0References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2019/12/22 12:0 a.m.4 views

The vulnerability of the file_copy_fallback() function in the Glib library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the filecopyfallback function in the Glib library is related to incorrect handling of permissions. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

10CVSS6.5AI score0.02602EPSS
Exploits0References13Affected Software7
OSV
OSV
added 2019/08/06 11:59 a.m.1 views

USN-4049-4 glib2.0 regression

USN-4049-1 fixed a vulnerability in GLib. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibl...

7.5CVSS7.1AI score0.03211EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/07/11 12:0 a.m.4 views

The vulnerability of the g_markup_parse_context_parse function in the Glib library allows a hacker to trigger a service failure.

The vulnerability of the gmarkupparsecontextparse function gmarkup.c, method utf8str in the Glib library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS5.7AI score0.03532EPSS
Exploits1References11Affected Software5
Rows per page
Query Builder