CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/07 12:0 a.m.•14 views

PT-2026-47171

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument dev name results in command injection. It is possible to initiate the attack...

7.5CVSS7.1AI score0.01572EPSS

Exploits1References6

CNNVD•added 2026/06/07 12:0 a.m.•6 views

GL.iNet GL-MT3000 命令注入漏洞

GL.iNet GL-MT3000 is a portable travel router from the company GL.iNet, which supports Wi-Fi 6 and VPN functions. Version 4.4.5 of GL.iNet GL-MT3000 has a command injection vulnerability. This vulnerability stems from an incorrect operation of the parameter devname in the function dlopen within t...

7.5CVSS7.3AI score0.01572EPSS

Exploits1References6

Tenable Nessus•added 2026/01/29 12:0 a.m.•5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-005215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005215 advisory. Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library...

7.8CVSS5.9AI score0.00392EPSS

Exploits1References3

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 8 : glibc-2.28-251.el8_10.22 (AXSA:2025-10009:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10009:07 advisory. glibc: static setuid binary dlopen may incorrectly search LDLIBRARYPATH CVE-2025-4802 Tenable has extracted the preceding description block directly from th...

7.8CVSS7.6AI score0.00392EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•5 views

MiracleLinux 9 : glibc-2.34-168.el9_6.19 (AXSA:2025-10672:12)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10672:12 advisory. glibc: static setuid binary dlopen may incorrectly search LDLIBRARYPATH CVE-2025-4802 Tenable has extracted the preceding description block directly from th...

7.8CVSS7AI score0.00392EPSS

Tenable Nessus•added 2025/10/07 12:0 a.m.•3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: glibc (UTSA-2025-177646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-177646 advisory. Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library...

7.8CVSS7AI score0.00392EPSS

Exploits1References4

OSV•added 2025/10/04 12:11 a.m.•5 views

RLSA-2025:8655 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

7CVSS7.2AI score0.00392EPSS

OSV•added 2025/09/26 1:15 p.m.•4 views

CLSA-2025-1758892548 glibc: Fix of CVE-2025-4802

CVE-2025-4802: prevent untrusted LDLIBRARYPATH from loading dynamically shared libraries in statically compiled binaries that call dlopen...

7.8CVSS7.3AI score0.00392EPSS

OSV•added 2025/09/12 6:0 p.m.•3 views

CLSA-2025-1757700003 glibc: Fix of CVE-2025-4802

CVE-2025-4802: prevent untrusted LDLIBRARYPATH from loading dynamically shared libraries in statically compiled binaries that call dlopen...

7.8CVSS7.3AI score0.00392EPSS

OSV•added 2025/09/12 3:21 p.m.•3 views

CLSA-2025-1757690477 glibc: Fix of CVE-2025-4802

CVE-2025-4802: prevent untrusted LDLIBRARYPATH from loading dynamically shared libraries in statically compiled binaries that call dlopen...

7.8CVSS7.3AI score0.00392EPSS

Tenable Nessus•added 2025/09/10 12:0 a.m.•2 views

EulerOS 2.0 SP9 : glibc (EulerOS-SA-2025-2123)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

Tenable Nessus•added 2025/09/10 12:0 a.m.•2 views

EulerOS 2.0 SP9 : glibc (EulerOS-SA-2025-2124)

Microsoft CVE•added 2025/09/04 7:2 a.m.•2 views

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

...

8.4CVSS7AI score0.00392EPSS

Exploits1

Tenable Nessus•added 2025/08/14 12:0 a.m.•2 views

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2025-1951)

Tenable Nessus•added 2025/08/14 12:0 a.m.•3 views

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2025-1925)

OpenVAS•added 2025/08/12 12:0 a.m.•3 views

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-1951)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.00392EPSS