169 matches found
CVE-2025-15281
CVE-2025-15281 concerns the GNU C Library (glibc). The issue arises when wordexp is used with WRDE_REUSE together with WRDE_APPEND, which can cause we_wordv to be returned with uninitialized memory. On subsequent wordfree calls this memory state may trigger a process abort. The CVE is reflected i...
CVE-2025-15281
Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...
GNU C Library security vulnerabilities
The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions 2.0 through 2.42 of the GNU C Library contained security vulnerabilities; these vulnerabilities stemmed from the possibility of returning uninitialized memory when...
MiracleLinux 7 : glibc-2.17-326.3.0.1.el7.AXS7 (AXSA:2024-8594:08)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8594:08 advisory. CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1 CVE-2021-35942: wordexp - handle overflow in positional parameter number CVE-2022-23218:...
CVE-2023-25607
An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 throug...
EUVD-2021-22577
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-35942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an...
PT-2026-3558
Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.0 through 2.42 Description Using the wordexp function with WRDE REUSE and WRDE APPEND together in the GNU C Library can lead to the function returning uninitialized memory in the we wordv member. Subsequent calls to...
The vulnerability of the wordexp() function in the tinygltf library, a programming language, allows attackers to execute arbitrary code.
The vulnerability of the wordexp function in the tinygltf programming language library is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted commands...
CLSA-2024-1720027216 glibc: Fix of 4 CVEs
CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1 - CVE-2021-35942: wordexp - handle overflow in positional parameter number - CVE-2022-23218: Buffer overflow in sunrpc svcunixcreate - CVE-2022-23219: Buffer overflow in sunrpc clntcreate for "unix"...
RHEL 5 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: noexec bypass via wordexp CVE-2016-7076 - sudo before 1.8.12 does not ensure that the TZ environmen...
RHEL 5 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sudo: noexec bypass via wordexp CVE-2016-7076 - sudo: symbolic link attack in SELinux-enabled sudoedit...
CVE-2023-25607
An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 throug...
CVE-2023-25607
An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 throug...
Debian: Security Advisory (DLA-97-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K98121587: glibc vulnerability CVE-2021-35942
Security Advisory Description The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs...
SUSE CVE-2014-7817
The wordexp function in GNU C Library aka glibc 2.21 does not enforce the WRDENOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$..."...
SUSE CVE-2016-7076
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to...
SUSE CVE-2021-35942
The wordexp function in the GNU C Library aka glibc through 2.33 may crash or read arbitrary memory in parseparam in posix/wordexp.c when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but...
Ubuntu 16.04 ESM : GNU C Library vulnerabilities (USN-5699-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5699-1 advisory. Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could...