Lucene search
K

147 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:18 a.m.7 views

CVE-2019-14875

In the multiply function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in ca...

6.5CVSS6.7AI score0.01294EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.13 views

CVE-2019-14874

In the i2b function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in case of...

6.5CVSS6.7AI score0.01331EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.8 views

CVE-2019-14876

In the lshift function of the newlib libc library, all versions prior to 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access to b1 will trigger a null pointer dereference bug in case...

6.5CVSS6.7AI score0.01331EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.5 views

CVE-2019-14873

In the multadd function of the newlib libc library, prior to versions 3.3.0 see newlib/libc/stdlib/mprec.c, Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. This will trigger a null pointer dereference bug in case of a memory...

6.5CVSS6.7AI score0.01299EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.9 views

CVE-2019-14871

The REENTCHECK macro see newlib/libc/include/sys/reent.h as used by REENTCHECKTM, REENTCHECKMISC, REENTCHECKMP and other newlib macros in versions prior to 3.3.0, does not check for memory allocation problems when the DEBUG flag is unset as is the case in production firmware builds...

6.5CVSS7AI score0.01008EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2021-3420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nanomemalign,...

9.8CVSS8.4AI score0.02103EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-30949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function. CVE-2024-30949 Note that Nessus...

9.8CVSS8.7AI score0.00762EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/08/21 2:41 a.m.5 views

SUSE CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS8AI score0.00762EPSS
Exploits0References3
OSV
OSV
added 2024/08/20 3:15 p.m.13 views

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS7.7AI score
Exploits0References3
NVD
NVD
added 2024/08/20 3:15 p.m.34 views

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS0.00762EPSS
Exploits0References3
OSV
OSV
added 2024/08/20 3:15 p.m.3 views

DEBIAN-CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS9.1AI score0.00762EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/20 3:15 p.m.20 views

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS7.5AI score0.00762EPSS
Exploits0References5
OSV
OSV
added 2024/08/20 3:15 p.m.3 views

UBUNTU-CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS6.2AI score0.00762EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/08/20 12:0 a.m.19 views

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

7.8AI score0.00762EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/20 12:0 a.m.23 views

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

0.00762EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.4 views

Newlib 安全漏洞

Newlib is a C language library from the Sourceware organization primarily for embedded systems. A security vulnerability exists in Newlib version 4.3.0, which stems from an arbitrary code execution vulnerability in the gettimeofday method...

9.8CVSS9.4AI score0.00762EPSS
Exploits0References5
CVE
CVE
added 2024/08/20 12:0 a.m.69 views

CVE-2024-30949

CVE-2024-30949 concerns an issue in the GNU C library replacement newlib version 4.3.0 where the time unit scaling in the function _gettimeofday may allow an attacker to execute arbitrary code. The connected sources consistently describe the vulnerability and its impact as arbitrary code executio...

9.8CVSS7.5AI score0.00762EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/08/20 12:0 a.m.14 views

CVE-2024-30949

An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the gettimeofday function...

9.8CVSS9.1AI score0.00762EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.6 views

PT-2024-23685 · Newlib +1 · Newlib +1

Name of the Vulnerable Software and Affected Versions: newlib version 4.3.0 Description: An issue in the gettimeofday function allows an attacker to execute arbitrary code via the time unit scaling. Recommendations: For newlib version 4.3.0, at the moment, there is no information about a newer...

9.8CVSS7.5AI score0.00762EPSS
Exploits0References16
OSV
OSV
added 2024/06/15 12:0 a.m.12 views

OPENSUSE-SU-2024:11086-1 newlib-4.1.0-2.2 on GA media

These are all security issues fixed in the newlib-4.1.0-2.2 package on the GA media of openSUSE Tumbleweed...

9.8CVSS9.5AI score0.02103EPSS
Exploits0References1
Rows per page
Query Builder