Lucene search
K

27 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:53 p.m.39 views

K16366: GNU C Library (glibc) vulnerability CVE-2015-1472

Security Advisory Description stdio-common/vfscanf.c has an ADDW macro that tries to determine whether to use malloc or alloca for allocations. But in the malloc case, it only allocates newsize bytes instead of the required newsize sizeof CHART. Thus the allocated buffer gets overrun in the...

7.5CVSS7.8AI score0.04688EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2015-0072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.04688EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.50 views

Security Bulletin: Vulnerabilities in GNU C Library Affect Power Hardware Management Console (CVE-2013-7423, CVE-2014-7817, CVE-2014-9402, CVE-2015-1472)

Summary GNU C Library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2013-7423 DESCRIPTION:The senddg function in resolv/ressend.c in GNU C Library aka glibc or libc6 before 2.20 does not properly reuse file descriptors,...

7.8CVSS8.8AI score0.07688EPSS
Exploits5
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2015:0551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.6AI score0.94859EPSS
Exploits48References51
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2015:0439-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.94859EPSS
Exploits44References44
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1552)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.16665EPSS
Exploits10References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:10 a.m.23 views

Security Bulletin: Multiple vulnerabilities in GNU C Library (glibc), OpenSSL and NTP affect IBM Flex System Chassis Management Module (CMM)

Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex System Chassis Management Module. IBM Flex System Chassis Management Module has addressed the CVEs listed below. Vulnerability Details Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex...

7.8CVSS1AI score0.44503EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:55 a.m.32 views

Security Bulletin: IBM BladeCenter Advanced Management Module is affected by glibc vulnerabilities (CVE-2015-1472, CVE-2013-7423, CVE-2014-7817, and CVE-2014-9402)

Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details: CVE-ID: CVE-2013-7423 Description: GNU glibc could allow a...

7.8CVSS0.8AI score0.07688EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.34 views

Scientific Linux Security Update : glibc on SL7.x x86_64 (20151119)

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...

7.5CVSS8.3AI score0.05808EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2015/12/15 12:0 a.m.41 views

Amazon Linux: Security Advisory (ALAS-2015-617)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.05808EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2015/12/02 12:0 a.m.53 views

CentOS 7 : glibc (CESA-2015:2199)

Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS8.2AI score0.05808EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2015/11/20 12:0 a.m.39 views

RedHat Update for glibc RHSA-2015:2199-07

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9AI score0.05808EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2015/11/19 3:4 a.m.41 views

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS7.4AI score0.05808EPSS
Exploits4References14
Tenable Nessus
Tenable Nessus
added 2015/05/20 12:0 a.m.37 views

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:0526-1)

glibc has been updated to fix four security issues. These security issues were fixed : - CVE-2014-7817: The wordexp function in GNU C Library aka glibc 2.21 did not enforce the WRDENOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input...

7.8CVSS7.8AI score0.07688EPSS
Exploits5References17
NVD
NVD
added 2015/04/08 10:59 a.m.22 views

CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...

7.5CVSS9.6AI score0.04688EPSS
Exploits2References14
OSV
OSV
added 2015/04/08 10:59 a.m.9 views

CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...

7.8AI score
Exploits0References14
CVE
CVE
added 2015/04/08 10:0 a.m.125 views

CVE-2015-1472

CVE-2015-1472 affects the GNU C Library (glibc) prior to 2.21. The ADDW macro in stdio-common/vfscanf.c can miscalculate allocation size, leading to buffer overflows in wide-character handling during wscanf, enabling context-dependent denial of service and potentially other impact. Affected compo...

7.5CVSS7.8AI score0.04688EPSS
Exploits2References14Affected Software1
Debian CVE
Debian CVE
added 2015/04/08 10:0 a.m.25 views

CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...

7.5CVSS8.2AI score0.04688EPSS
Exploits2
F5 Networks
F5 Networks
added 2015/04/03 12:0 a.m.33 views

SOL16366 - GNU C Library (glibc) vulnerability CVE-2015-1472

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

7.5CVSS2.6AI score0.04688EPSS
Exploits2References4
securityvulns
securityvulns
added 2015/03/07 12:0 a.m.80 views

[SECURITY] [DSA 3169-1] eglibc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

7.8CVSS1.9AI score0.07688EPSS
Exploits5
Rows per page
Query Builder