16996 matches found
CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
GNU C Library Security Bypass Vulnerability
The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. A security vulnerability exists in glibc in the GNU C Library. An attacker can exploit this vulnerability to bypass ASLR...
GNU C Library Information Disclosure Vulnerability
The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. A security vulnerability exists in glibc in the GNU C Library. An attacker can exploit the vulnerability to guess the heap address of the pthreadcreated thread...
GNU C Library libld Remote Code Execution Vulnerability
The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. A security vulnerability exists in libld in the GNU C Library. An attacker can exploit the vulnerability to elevate privileges...
GNU C Library Buffer Overflow Vulnerability (CNVD-2019-23063)
The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. A buffer overflow vulnerability exists in nptl in the GNU C Library. The vulnerability arises from a networked system or product performing operations in memory without properly validating data...
UBUNTU-CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c...
The vulnerability of the IRC client Irssi for Debian GNU/Linux and Ubuntu systems, related to the use of memory after it is freed, allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the IRC client Irssi for Debian GNU/Linux and Ubuntu stems from the use of memory after it is freed during the disconnection of a node from the previously created network or between two nodes. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
CVE-2019-1010023
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability...
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...
CVE-2019-1010023
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...
DEBIAN-CVE-2019-1010023
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...
CVE-2019-1010024
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat...
DEBIAN-CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability...
CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...
CVE-2019-1010025
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability...
DEBIAN-CVE-2019-1010022
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this ...