25 matches found
Astra Linux – Vulnerability in glibc
A use-after-free vulnerability introduced in the glibc upstream version 2.14 was identified in the way the tilde expansion was performed. Directory paths that contained a tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a special...
Advisory ROSA-SA-2026-3301
Component: libconfuse 3.3 Operating System: ROSA-CHROME Unaffected versions: = libconfuse-3.3-3 Affected versions: libconfuse-3.3-3 CVE-ID: CVE-2022-40320 BDU-ID: 2022-05795 CVE-Crit: LOW CVE-DESC.: The vulnerability in the cfgtildeexpand function of the configuration file parser library libConfu...
EUVD-2020-12583
Malware in sbrugna...
CLSA-2023-1685380447 Fix CVE(s): CVE-2023-2610
SECURITY UPDATE: Crash when expanding "" in substitute causes very long text - debian/patches/CVE-2023-2610.patch: Limit the text length to MAXCOL - CVE-2023-2610...
K49921213: glibc vulnerability CVE-2020-1752
Security Advisory Description A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit thi...
SUSE CVE-2006-4262
Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...
SUSE CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
CVE-2022-40320
cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read...
SUSE SLES12 Security Update : glibc (SUSE-SU-2022:1123-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1123-1 advisory. - A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directo...
glibc: use-after-free in glob() function when expanding ~user
A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processe...
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that when processed by the glob function would potentially lead to arbitrary code execution. This was fixed in version 2.32.
...
Ubuntu 16.04 LTS / 18.04 LTS : GNU C Library vulnerabilities (USN-4416-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4416-1 advisory. Florian Weimer discovered that the GNU C Library incorrectly handled certain memory operations. A remote attacker could use this issue to cau...
EulerOS Virtualization 3.0.6.0 : glibc (EulerOS-SA-2020-1712)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The GNU C Library aka glibc or libc6 before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit...
EulerOS 2.0 SP5 : glibc (EulerOS-SA-2020-1599)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory path...
DEBIAN-CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
UBUNTU-CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially...
glibc: Buffer overflow in glob with GLOB_TILDE
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...