Lucene search
K

1992 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/30 5:16 p.m.6 views

CVE-2026-4046

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

7.5CVSS5.8AI score0.00357EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 5:16 p.m.3 views

CVE-2026-4046 iconv crash due to assertion failure with untrusted input

The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...

5.8AI score0.00357EPSS
Exploits1References3
CVE
CVE
added 2026/03/30 5:16 p.m.219 views

CVE-2026-4046

The CVE-2026-4046 issue affects the iconv() function in glibc up to version 2.43, where input conversion from IBM1390/IBM1399 can trigger an assertion failure and cause remote crashes. Affected component: GNU C Library (glibc). Underlying cause: assertion failure during character-set conversion. ...

7.5CVSS5.8AI score0.00357EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.8 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the iconv function, which could crash due to assertion...

7.5CVSS5.8AI score0.00357EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.10 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-006302)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006302 advisory. When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size...

6.2CVSS6.9AI score0.00349EPSS
Exploits0References4
OSV
OSV
added 2026/03/24 6:3 a.m.9 views

RLSA-2026:4772 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

5.9CVSS5.8AI score0.00564EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/24 12:28 a.m.5 views

SUSE CVE-2026-4437

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...

4.7CVSS5.9AI score0.00292EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/03/23 7:3 a.m.4 views

CVE-2026-4437

A flaw was found in glibc the GNU C Library. When an application uses the gethostbyaddr or gethostbyaddrr functions with a nsswitch.conf configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS Domain Name System response. This crafted response can caus...

7.5CVSS5.6AI score0.00292EPSS
Exploits1References4
Rosalinux
Rosalinux
added 2026/03/22 9:33 p.m.6 views

Advisory ROSA-SA-2026-3251

software: glibc 2.33 AXIS: ROSA-CHROME unaffected versions = glibc-2.33-11.git5f08d1.5 affected versions glibc-2.33-11.git5f08d1.5 CVE-ID: CVE-2026-0915 BDU-ID: 2026-02104 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getnetbyaddr and getnetbyaddrr functions of the GNU C Library system library...

8.4CVSS5.9AI score0.00564EPSS
Exploits1
EUVD
EUVD
added 2026/03/20 9:31 p.m.6 views

EUVD-2026-13796

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...

5.8AI score0.00292EPSS
Exploits1References2
NVD
NVD
added 2026/03/20 8:16 p.m.4 views

CVE-2026-4437

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...

7.5CVSS0.00292EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/03/20 8:16 p.m.3 views

CVE-2026-4437

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...

7.5CVSS5.9AI score0.00292EPSS
Exploits1References3
OSV
OSV
added 2026/03/20 8:16 p.m.2 views

UBUNTU-CVE-2026-4438

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.4CVSS5.8AI score0.00189EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/20 7:59 p.m.2 views

CVE-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames

Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...

5.8AI score0.00189EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C programming language library published by the GNU community under the LGPL license. Versions of the GNU C Library 2.34 to 2.43 contain security vulnerabilities. These vulnerabilities arise from the gethostbyaddr or gethostbyaddrr functions potentially...

5.4CVSS5.8AI score0.00189EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

GNU C Library 安全漏洞

The GNU C Library is an open-source, free C programming language library published by the GNU community under the LGPL license. Versions of the GNU C Library 2.34 to 2.43 contained security vulnerabilities. These vulnerabilities occurred because the gethostbyaddr or gethostbyaddrr functions might...

7.5CVSS5.8AI score0.00292EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-4437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2....

7.5CVSS5.8AI score0.00292EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2026/03/19 12:0 a.m.12 views

glibc security update

2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi Oracle history: February-24-2026 Cupertino Miranda - 2.28-251.0.4.27 - Fixed orabug 38834066 stpcpy MTE support Reviewed-by: Jose E. Marchesi December-8-2025 Cupertino Miranda - 2.28-251.0.3.27 - Forward port of Oracle...

7.5CVSS5.8AI score0.00564EPSS
Exploits0
OSV
OSV
added 2026/03/18 9:58 a.m.8 views

CLSA-2026-1773827924 glibc: Fix of CVE-2025-15281

CVE-2025-15281: fix process crash in wordexp when attempting to reuse and append to previous expansion results due to uninitialized memory access...

7.5CVSS7.1AI score0.00286EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/03/17 5:20 p.m.14 views

glibc: glibc: Information disclosure via zero-valued network query

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...

7.5CVSS5.8AI score0.00564EPSS
Exploits0References5
Rows per page
Query Builder