CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Cvelist•added 2014/08/29 5:0 p.m.•23 views

CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

8.1AI score0.18099EPSS

Exploits4References22

Debian CVE•added 2014/08/29 5:0 p.m.•33 views

CVE-2014-5119

7.5CVSS9.7AI score0.18099EPSS

Exploits4

Prion•added 2014/08/29 4:55 p.m.•30 views

Code injection

7.5CVSS7.8AI score0.18099EPSS

Exploits4References22Affected Software2

Tenable Nessus•added 2014/08/29 12:0 a.m.•32 views

Fedora 20 : glibc-2.18-14.fc20 (2014-9824)

Locale names, including those obtained from environment variables LANG and the LC variables, are more tightly checked for proper syntax. setlocale will now fail with EINVAL for locale names that are overly long, contain slashes without starting with a slash, or contain '..' path components...

7.5CVSS8.1AI score0.18099EPSS

Exploits4References5

Debian•added 2014/08/27 5:51 a.m.•30 views

[SECURITY] [DSA 3012-1] eglibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3012-1 [email protected] http://www.debian.org/security/ Florian Weimer August 27, 2014 http://www.debian.org/security/faq -...

7.5CVSS9.8AI score0.18099EPSS

Exploits4

OpenVAS•added 2014/08/27 12:0 a.m.•35 views

Debian Security Advisory DSA 3012-1 (eglibc - security update)

Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code in eglibc, Debian's version of the GNU C Library. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character conversation functions could achieve...

7.5CVSS0.5AI score0.18099EPSS

Exploits4References1