Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2014-4043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The posixspawnfileactionsaddopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows...

7.5CVSS6.9AI score0.03922EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 4 : glibc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glibc: posixspawnfileactionsaddopen fails to copy the path argument CVE-2014-4043 - glibc: heap/stack gap...

9.8CVSS8.4AI score0.08747EPSS
Exploits42References5
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.35 views

RHEL 7 : glibc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary...

7CVSS9AI score0.0767EPSS
Exploits8References19
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.37 views

K15546: glibc vulnerability CVE-2014-4043

Security Advisory Description Description posixspawnfileactionsaddopen in glibc prior to version 2.20 fails to copy the path argument. The result of not copying is that programs can easily trigger use-after-free bugs, or other situations where the path is mutated. Impact None. No F5 products are...

7.5CVSS7.1AI score0.03922EPSS
Exploits3
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.22 views

Slackware: Security Advisory (SSA:2014-296-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.18099EPSS
Exploits13References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2014:0920-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.03922EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2015:0170-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.06564EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2015:0167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.06564EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.63 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1667)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.4AI score0.03922EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-2030)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.0627EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1721)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.03922EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2015/08/17 12:0 a.m.36 views

openSUSE Security Update : glibc (openSUSE-2015-544)

glibc was updated to fix one security issue. This security issue was fixed : - CVE-2014-4043: The posixspawnfileactionsaddopen function in glibc did not copy its path argument in accordance with the POSIX specification, which allowed context-dependent attackers to trigger use-after-free...

7.5CVSS7AI score0.03922EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.35 views

SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0167-1)

glibc has been updated to fix a security issue and two bugs : Security issue fixed : - Copy filename argument in posixspawnfileactionsaddopen CVE-2014-4043 Bugs fixed : - don't touch user-controlled stdio locks in forked child bsc864081, GLIBC BZ 12847 - Fix infinite loop in checkpf bsc909053,...

7.5CVSS7.3AI score0.06564EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.38 views

SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0170-1)

glibc has been updated to fix security issues : - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Fixed a stack overflow during hosts parsing CVE-2013-4357 - Copy filename argument in posixspawnfileactionsaddop...

7.5CVSS7.3AI score0.06564EPSS
Exploits6References13
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.80 views

[SECURITY] [DSA 3169-1] eglibc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

7.8CVSS1.9AI score0.07688EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2015/02/24 12:0 a.m.247 views

Debian DSA-3169-1 : eglibc - security update

Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library : - CVE-2012-3406 The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not 'properly restrict the use of' the alloca function when allocating...

7.8CVSS8AI score0.07688EPSS
Exploits5References20
Debian
Debian
added 2015/02/23 6:8 a.m.82 views

[SECURITY] [DSA 3169-1] eglibc security update

---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

7.8CVSS9.8AI score0.07688EPSS
Exploits5
OpenVAS
OpenVAS
added 2015/02/23 12:0 a.m.51 views

Debian Security Advisory DSA 3169-1 (eglibc - security update)

Several vulnerabilities have been fixed in eglibc, Debian OpenVAS Vulnerability Test $Id: deb3169.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3169-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...

7.8CVSS0.3AI score0.07688EPSS
Exploits5References1
OSV
OSV
added 2014/10/06 11:55 p.m.5 views

CVE-2014-4043

The posixspawnfileactionsaddopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities...

7.5AI score
Exploits0References16
CVE
CVE
added 2014/10/06 11:0 p.m.128 views

CVE-2014-4043

CVE-2014-4043 affects the GNU C Library (glibc) prior to 2.20. The posix_spawn_file_actions_addopen function does not copy its path argument as required by POSIX, enabling context-dependent attackers to trigger use-after-free vulnerabilities. Multiple connected advisories (EulerOS SA, Nessus summ...

7.5CVSS6.4AI score0.03922EPSS
Exploits3References16Affected Software1
Rows per page
Query Builder