Lucene search
K

202 matches found

BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.4 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libc6-dev-mipsn32 package of the Debian GNU/Linux operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.8AI score0.18795EPSS
Exploits4References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.3 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libc6-dev-mips64 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.8AI score0.18795EPSS
Exploits4References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libc6-dev-i386 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.8AI score0.18795EPSS
Exploits4References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libc6-dbg package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.8AI score0.18795EPSS
Exploits4References11Affected Software1
UbuntuCve
UbuntuCve
added 2016/06/10 12:0 a.m.38 views

CVE-2016-3706

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library aka glibc or libc6 allows remote attackers to cause a denial of service crash via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for...

7.5CVSS7.3AI score0.05926EPSS
Exploits0References3
CVE
CVE
added 2016/04/19 9:0 p.m.171 views

CVE-2015-8776

The CVE-2015-8776 issue affects the GNU C Library (glibc) strftime() function. The vulnerability, present in glibc versions before 2.23, allows context-dependent attackers to cause a denial of service (application crash) and, in some disclosures, potentially obtain sensitive information via out-o...

9.1CVSS8.5AI score0.04613EPSS
Exploits0References19Affected Software6
CVE
CVE
added 2016/04/19 9:0 p.m.146 views

CVE-2015-8779

CVE-2015-8779 affects the GNU C Library (glibc). The vulnerability is a stack-based buffer overflow in the catopen() function when handling long catalog names, which can cause an application crash (DoS) or potentially allow arbitrary code execution. Affected products include glibc releases prior ...

9.8CVSS9.2AI score0.05966EPSS
Exploits1References22Affected Software6
CVE
CVE
added 2016/04/19 9:0 p.m.143 views

CVE-2015-8778

CVE-2015-8778 affects the GNU C Library (glibc) prior to 2.23, where an integer/size argument in hcreate_r can trigger an out-of-bounds heap access, potentially causing denial of service or arbitrary code execution. Connected advisories detail that multiple products (notably glibc-containing pack...

9.8CVSS9.1AI score0.05515EPSS
Exploits1References22Affected Software1
CVE
CVE
added 2016/04/19 9:0 p.m.156 views

CVE-2014-9761

The CVE-2014-9761 issue affects the GNU C Library (glibc) prior to 2.23. It involves stack-based buffer overflows in the nan, nanf, and nanl functions caused by long arguments, which could lead to denial of service or potentially arbitrary code execution. Mitigation in the provided documents reco...

9.8CVSS9AI score0.05506EPSS
Exploits2References22Affected Software6
NVD
NVD
added 2016/02/18 9:59 p.m.22 views

CVE-2015-7547

Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...

8.1CVSS8.3AI score0.89557EPSS
Exploits17References75
Prion
Prion
added 2016/01/20 5:59 a.m.33 views

Null pointer dereference

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...

2.1CVSS6.4AI score0.0057EPSS
Exploits1References15Affected Software1
CVE
CVE
added 2016/01/20 2:0 a.m.168 views

CVE-2015-8777

CVE-2015-8777 is a local, environment-variable–driven bypass of the glibc pointer-guarding mechanism. The flaw exists in the GNU C Library (glibc) prior to version 2.23, where the LD_POINTER_GUARD environment variable was not ignored for privileged executions, allowing a local attacker to bypass ...

5.5CVSS6.6AI score0.0057EPSS
Exploits1References15Affected Software1
UbuntuCve
UbuntuCve
added 2015/12/31 12:0 a.m.30 views

CVE-2015-8982

Integer overflow in the strxfrm function in the GNU C Library aka glibc or libc6 before 2.21 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow...

8.1CVSS7.9AI score0.03797EPSS
Exploits0References5
CVE
CVE
added 2015/12/17 7:0 p.m.110 views

CVE-2015-5277

CVE-2015-5277 affects the GNU C Library (glibc) NSS get_contents backend in nss_files, where a long line in the NSS files database can trigger heap corruption and enable local privilege escalation. Engines in connected advisories confirm this vulnerability existed in glibc prior to version 2.20 a...

7.2CVSS7.9AI score0.00588EPSS
Exploits1References13Affected Software4
Tenable Nessus
Tenable Nessus
added 2015/11/30 12:0 a.m.50 views

Debian DLA-350-1 : eglibc security update

The strxfrm function is vulnerable to integer overflows when computing memory allocation sizes similar to CVE-2012-4412. Furthermore since it fallbacks to use alloca when malloc fails, it is vulnerable to stack-based buffer overflows similar to CVE-2012-4424. Those issues have been fixed in Debia...

7.5CVSS7.9AI score0.16665EPSS
Exploits3References2
OSV
OSV
added 2015/11/26 12:0 a.m.31 views

DLA-350-1 eglibc - security update

Bulletin has no description...

7.7AI score
Exploits0
OSV
OSV
added 2015/09/27 12:0 a.m.52 views

DLA-316-1 eglibc - security update

Bulletin has no description...

8.1CVSS7.5AI score0.05609EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libc6-sparcv9 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.4AI score0.03067EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/04/08 10:0 a.m.125 views

CVE-2015-1472

CVE-2015-1472 affects the GNU C Library (glibc) prior to 2.21. The ADDW macro in stdio-common/vfscanf.c can miscalculate allocation size, leading to buffer overflows in wide-character handling during wscanf, enabling context-dependent denial of service and potentially other impact. Affected compo...

7.5CVSS7.8AI score0.04688EPSS
Exploits2References14Affected Software1
NVD
NVD
added 2015/03/27 2:59 p.m.16 views

CVE-2014-8121

DBLOOKUP in nssfiles/files-XXX.c in the Name Service Switch NSS in GNU C Library aka glibc or libc6 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service infinite loop by performing a look-up on a database while iterating over it,...

5CVSS8.2AI score0.05609EPSS
Exploits1References10
Rows per page
Query Builder