14 matches found
EUVD-2015-8839
Malware in sbrugna...
EUVD-2010-0327
Malware in sbrugna...
CVE-2024-42358
PDFio is a simple C library for reading and writing PDF files. There is a denial of service DOS vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the Memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability...
Ubuntu 16.04 LTS : GNU C Library vulnerability (USN-7259-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7259-2 advisory. USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Tenable has extracted the preceding...
SUSE CVE-2019-9028
An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions in inflate.c when called from ReadNextCell in mat5.c...
Vulnerability of the al__cpLocation stream function in libpthread, LinuxThreads libraries uClibC and uClibC-ng, allowing a hacker to execute arbitrary code
The vulnerabilities of the alcpLocation function in the libpthread library, as well as those in the linuxthreads library and uClibC and uClibC-ng libraries, are related to the possibility of memory corruption. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code by...
CVE-2022-39046
An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap...
Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability
Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2022-23218 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the svcunixcreate function ...
DEBIAN-CVE-2021-43396
In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the vendor states "t...
CVE-2020-27618
The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...
DEBIAN-CVE-2019-14872
The dtoar function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return value. This could result in NULL pointer dereference...
UBUNTU-CVE-2019-7309
In the GNU C Library aka glibc or libc6 through 2.29, the memcmp function for the x32 architecture can incorrectly return zero indicating that the inputs are equal because the RDX most significant bit is mishandled...
F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)
The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a 'stack extension attack,' a related issue to...
Debian Security Advisory DSA 2976-1 (eglibc - security update)
Stephane Chazelas discovered that the GNU C library, glibc, processed '..' path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as ForceCommand in OpenSSH, assuming that they can supply crafted locale settings. OpenVAS...