83 matches found
CVE-2021-27419
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
EUVD-2016-3308
Malware in sbrugna...
EUVD-2021-14173
Malware in sbrugna...
EUVD-2016-3309
Malware in sbrugna...
EUVD-2022-52246
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-27419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memor...
Linux Distros Unpatched Vulnerability : CVE-2022-30295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a...
Linux Distros Unpatched Vulnerability : CVE-2021-43523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo,...
Linux Distros Unpatched Vulnerability : CVE-2022-29503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to...
CVE-2022-30295
uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2...
CVE-2022-29503 affecting package uclibc-ng for versions less than 1.0.43-1
CVE-2022-29503 affecting package uclibc-ng for versions less than 1.0.43-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-29503 affecting package uclibc-ng 1.0.41-1
CVE-2022-29503 affecting package uclibc-ng 1.0.41-1. An upgraded version of the package is available that resolves this issue...
CBL Mariner 2.0 Security Update: uclibc-ng (CVE-2022-30295)
The version of uclibc-ng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-30295 advisory. - uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to...
CBL Mariner 2.0 Security Update: uclibc-ng (CVE-2021-43523)
The version of uclibc-ng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43523 advisory. - In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned ...
SUSE CVE-2016-6264
Integer signedness error in libc/string/arm/memset.S in uClibc and uClibc-ng before 1.0.16 allows context-dependent attackers to cause a denial of service crash via a negative length value to the memset function...
SUSE CVE-2021-27419
uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
SUSE CVE-2022-30295
uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2...
AZL-27304 CVE-2022-29503 affecting package uclibc-ng for versions less than 1.0.43-1
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability...
DEBIAN-CVE-2022-29503
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability...
CVE-2022-29503
CVE-2022-29503 describes a memory corruption vulnerability in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40 . The issue arises from thread allocation, allowing an attacker to trigger memory corruption by creating threads. Affected components are the libpthread/...