Lucene search
K

12 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/20 8:37 p.m.6 views

CVE-2026-5358

REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such this makes the API provisional and unused. Secondly it has been discovered that the NIS+ cold start cache...

5.6AI score0.0004EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of the ungetwc function on character sets with...

7.5CVSS5.8AI score0.00345EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/20 9:31 p.m.6 views

EUVD-2026-13798

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 7:59 p.m.13 views

CVE-2026-4438

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/20 7:59 p.m.29 views

CVE-2026-4438

The CVE-2026-4438 issue affects the GNU C Library (glibc) gethostbyaddr/gethostbyaddr_r when NSSwitch DNS backend is configured; versions 2.34–2.43 may return invalid DNS hostnames. Impact per sources is a DNS-spec violation; no exploitation details are provided in the documents. A patched versio...

5.4CVSS5.8AI score0.00189EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/20 7:59 p.m.35 views

CVE-2026-4437

CVE-2026-4437 concerns glibc’s DNS response parsing. According to the initial document, calling gethostbyaddr/gethostbyaddr_r with a configured nsswitch.conf DNS backend in GNU C Library versions 2.34–2.43 can yield a crafted DNS response that violates the DNS specification, causing the applicati...

7.5CVSS5.8AI score0.00292EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/02/10 6:15 p.m.6 views

AZL-56567 CVE-2025-1152 affecting package gcc 13.2.0-7

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

3.7CVSS4.5AI score0.00564EPSS
Exploits1References1
OSV
OSV
added 2025/02/10 5:15 p.m.11 views

AZL-56693 CVE-2025-1150 affecting package gdb 13.2-6

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfdmalloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high...

3.1CVSS4.7AI score0.0056EPSS
Exploits1References1
OSV
OSV
added 2025/02/10 3:15 p.m.7 views

AZL-56627 CVE-2025-1149 affecting package binutils 2.37-20

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

3.1CVSS4.6AI score0.00531EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-19365 · Baicells · Baicells Nova 233 +2

Name of the Vulnerable Software and Affected Versions: Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 Description: The issue concerns hardcoded credentials in the firmware of the affected devices. These credentials are easily discoverable a...

10CVSS9.2AI score0.01557EPSS
Exploits0References5
CNVD
CNVD
added 2017/10/23 12:0 a.m.2 views

XnView Classic for Windows Buffer Overflow Vulnerability (CNVD-2017-32297)

XnView Classic for Windows is an image viewing software for Windows developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphic and video files. A buffer overflow vulnerability exists in version 2.43 of XnView Classic for...

7.8CVSS7.8AI score0.00767EPSS
Exploits0References1
OSV
OSV
added 2017/10/22 7:29 p.m.5 views

CVE-2017-15801

XnView Classic for Windows Version 2.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dll file that is mishandled during an attempt to render the DLL icon, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS5.8AI score0.00767EPSS
Exploits0References1
Rows per page
Query Builder