Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Glibc
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 144 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-06-01 | CVE-2016-1234 | Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. | Fedora, Glibc, Leap, Opensuse | 7.5 | ||
| 2016-06-01 | CVE-2016-3075 | Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. | Ubuntu_linux, Fedora, Glibc, Opensuse | 7.5 | ||
| 2016-06-10 | CVE-2016-4429 | Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. | Ubuntu_linux, Glibc, Leap, Opensuse | 5.9 | ||
| 2016-10-07 | CVE-2016-6323 | The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation. | Fedora, Glibc, Opensuse | 7.5 | ||
| 2017-03-02 | CVE-2016-10228 | The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. | Glibc | 5.9 | ||
| 2017-03-15 | CVE-2015-8982 | Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | Glibc | 8.1 | ||
| 2017-03-20 | CVE-2015-8983 | Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow. | Glibc | 8.1 | ||
| 2017-03-20 | CVE-2015-8984 | The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read. | Glibc | 5.9 | ||
| 2017-06-12 | CVE-2014-9984 | nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. | Glibc | 9.8 | ||
| 2017-09-07 | CVE-2017-12133 | Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path. | Glibc | 5.9 |