
16957 matches found

CNNVD
added 2025/01/23 12:0 a.m., 7 views

glibc security vulnerability

glibc (the GNU C Library) is a C standard library implemented by the GNU project. A security vulnerability exists in glibc, which stems from a lack of entropy...

AI score 5.1, EPSS 0.00244
Exploits 0, References 2
RedhatCVE
added 2025/01/22 11:27 p.m., 16 views

CVE-2025-0395

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

CVSS 5.5, AI score 6.5, EPSS 0.00349
Exploits 0, References 4
OSV
added 2025/01/22 1:15 p.m., 5 views

AZL-55965 CVE-2025-0395 affecting package glibc for versions less than 2.38-11

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, AI score 7.1, EPSS 0.00349
Exploits 0, References 1
ATTACKERKB
added 2025/01/22 1:15 p.m., 1 view

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 7.5, AI score 5.7, EPSS 0.00349
Exploits 0, References 5, Affected Software 1
OSV
added 2025/01/22 1:15 p.m., 5 views

AZL-55937 CVE-2025-0395 affecting package glibc for versions less than 2.35-9

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, AI score 7.1, EPSS 0.00349
Exploits 0, References 1
OSV
added 2025/01/22 1:15 p.m., 10 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, AI score 7.2
Exploits 0, References 10
NVD
added 2025/01/22 1:15 p.m., 12 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, EPSS 0.00349
Exploits 0, References 12
OSV
added 2025/01/22 1:15 p.m., 1 view

UBUNTU-CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, AI score 7, EPSS 0.00349
Exploits 0, References 8
CVE
added 2025/01/22 1:11 p.m., 746 views

CVE-2025-0395

Summary (CVE-2025-0395): The GNU C Library (glibc) versions 2.13 to 2.40 contain a buffer overflow in the assert() failure path where the failure message and size information are not allocated sufficiently, potentially overflowing the heap if the message size aligns to a page boundary. Connected...

CVSS 6.2, AI score 7.6, EPSS 0.00349
Exploits 0, References 12
Vulnrichment
added 2025/01/22 1:11 p.m., 5 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

AI score 7.6, EPSS 0.00349
Exploits 0, References 4
Cvelist
added 2025/01/22 1:11 p.m., 17 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

EPSS 0.00349
Exploits 0, References 4
Debian CVE
added 2025/01/22 1:11 p.m., 7 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, AI score 6.8, EPSS 0.00349
Exploits 0
CNNVD
added 2025/01/22 12:0 a.m., 3 views

GNU C Library security vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that stems from not allocating enough space for assertion failure message strings and size information when the assert...

CVSS 7.5, AI score 6.7, EPSS 0.00349
Exploits 0, References 8
NVD
added 2025/01/21 9:15 p.m., 9 views

CVE-2024-57360

https://www.gnu.org/software/binutils/ nm =2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: nm --without-symbol-version function...

CVSS 5.5, EPSS 0.00247
Exploits 0, References 1
CVE
added 2025/01/21 12:0 a.m., 91 views

CVE-2024-57360

CVE-2024-57360 affects GNU Binutils up to version 2.43, specifically the nm --without-symbol-version function, with Incorrect Access Control allowing local exploitation. The issue is documented across multiple advisories (EulerOS/binutils entries and related NASL notes) and is tied to a local att...

CVSS 5.5, AI score 7, EPSS 0.00247
Exploits 0, References 1
Vulnrichment
added 2025/01/21 12:0 a.m., 10 views

CVE-2024-57360

https://www.gnu.org/software/binutils/ nm =2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: nm --without-symbol-version function...

AI score 7.6, EPSS 0.00247
Exploits 0, References 1
OSV
added 2025/01/17 2:7 p.m., 3 views

OESA-2025-1042 gcc security update

The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code. Security Fixes: DISPUTED: A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in...

CVSS 4.8, AI score 7, EPSS 0.00666
Exploits 1, References 2
Positive Technologies
added 2025/01/10 12:0 a.m., 4 views

PT-2025-3866

Name of the Vulnerable Software and Affected Versions: GNU C Library versions 2.13 through 2.40. Description: The issue is related to the assert function in the GNU C Library, which fails to allocate sufficient space for the assertion failure message string and size information. This may lead to a...

CVSS 7.8, AI score 7.1, EPSS 0.00349
Exploits 0, References 78
0day.today
added 2025/01/09 12:0 a.m., 615 views

ABB Cylon Aspect 3.08.02 uploadDb.php Remote Code Execution Vulnerability

ABB Cylon Aspect version 3.08.02 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the contents of an uploaded .db file, which is passed to the copyFile.sh script. Although the filename is sanitized, the...

CVSS 9.3, AI score 9.9, EPSS 0.02846
Exploits 10
RedhatCVE
added 2025/01/08 2:0 p.m., 8 views

CVE-2024-56738

A flaw was found in GRUB2. Affected versions of GRUB2 do not use a constant-time algorithm for grub_crypto_memcmp, which can allow side-channel attacks...

CVSS 6.5, AI score 5.2, EPSS 0.00383
Exploits 0, References 4