pkg:Debian/glibc
共 176 筆 CVECRITICAL22HIGH55MEDIUM32LOW2
✅ 檢查你的版本
所有已知漏洞
- from 0, < 2.31-13+deb11u7
- from 0, < 2.31-13+deb11u7
- CRITICAL9.8CVE-2026-5450Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format…from 0
- CRITICAL9.8CVE-2022-23219The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname ar…from 0, < 2.31-13+deb11u3
- CRITICAL9.8CVE-2022-23218The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path arg…from 0, < 2.31-13+deb11u3
- CRITICAL9.8CVE-2021-33574The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free.from 0, < 2.31-13+deb11u3
- CRITICAL9.8CVE-1999-0199manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion o…from 0, < 2.2-1
- from 0
- CRITICAL9.8CVE-2005-3590The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointe…from 0, < 2.3.5-3
- CRITICAL9.8CVE-2019-9169In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attem…from 0, < 2.28-9
- CRITICAL9.8CVE-2018-11236stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realp…from 0, < 2.27-4
- CRITICAL9.8CVE-2017-18269An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or…from 0, < 2.27-3
- CRITICAL9.8CVE-2018-6551The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386…from 0, < 2.27-1
- CRITICAL9.8CVE-2018-6485An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and ea…from 0, < 2.27-1
- CRITICAL9.8CVE-2017-15804The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user name…from 0, < 2.25-3
- CRITICAL9.8CVE-2017-15670The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob functio…from 0, < 2.25-3
- CRITICAL9.8CVE-2014-9984nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processin…from 0, < 2.19-14
- CRITICAL9.8CVE-2015-8779Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attacker…from 0, < 2.21-7
- CRITICAL9.8CVE-2015-8778Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (app…from 0, < 2.21-8
- from 0, < 2.23-1
- from 0, < 2.2.5-11.1
- from 0, < 2.2.5-13
- CRITICAL9.1CVE-2021-35942The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) w…from 0, < 2.31-13
- CRITICAL9.1CVE-2015-8776The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service…from 0, < 2.21-7
- HIGH8.8CVE-2019-1010023GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file.from 0
- HIGH8.4CVE-2026-0861Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.…from 0
- HIGH8.4CVE-2016-2856pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and be…from 0, < 2.21-1
- from 0, < 2.31-13+deb11u10
- from 0, < 2.28-10+deb10u4
- from 0, < 2.31-13+deb11u10
- HIGH8.1CVE-2020-6096An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000.from 0, < 2.31-2
- HIGH8.1CVE-2015-8983Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-…from 0, < 2.21-1
- HIGH8.1CVE-2015-8982Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause…from 0, < 2.21-1
- from 0, < 2.19-18+deb8u3
- from 0, < 2.21-8
- from 0, < 2.31-13+deb11u13
- from 0, < 2.31-13+deb11u13
- from 0, < 2.36-9+deb12u4
- from 0, < 2.36-9+deb12u4
- from 0, < 2.31-13+deb11u4
- HIGH7.8CVE-2019-6488The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to…from 0, < 2.28-6
- HIGH7.8CVE-2018-11237An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyon…from 0, < 2.27-4
- HIGH7.8CVE-2017-1000408A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable.from 0, < 2.25-5
- HIGH7.8CVE-2018-1000001In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffe…from 0, < 2.26-4
- HIGH7.8CVE-2017-16997elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged…from 0, < 2.25-6
- from 0, < 2.19-18+deb8u10
- from 0, < 2.24-12
- HIGH7.5CVE-2026-5928Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and…from 0
- HIGH7.5CVE-2026-4046The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the I…from 0
- HIGH7.5CVE-2026-4437Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library vers…from 0, < 2.36-9+deb12u14
- HIGH7.5CVE-2025-15281Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to…from 0
- HIGH7.5CVE-2026-0915Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries fo…from 0
- HIGH7.5CVE-2023-6779An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library.from 0, < 2.36-9+deb12u4
- from 0, < 2.37-11
- from 0, < 2.33-4
- HIGH7.5CVE-2021-43396In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character vi…from 0, < 2.31-13+deb11u3
- HIGH7.5CVE-2021-3326The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3…from 0, < 2.31-10
- HIGH7.5CVE-2020-29573sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input…from 0, < 2.23-1
- HIGH7.5CVE-2019-9192In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demon…from 0
- HIGH7.5CVE-2018-20796In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demon…from 0
- HIGH7.5CVE-2009-5155In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to c…from 0, < 2.28-1
- HIGH7.5CVE-2018-19591In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation…from 0, < 2.28-1
- HIGH7.5CVE-2015-5180res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process cras…from 0, < 2.24-9
- HIGH7.5CVE-2016-5417Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2…from 0, < 2.22-4
- HIGH7.5CVE-2016-6323The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on…from 0, < 2.24-1
- HIGH7.5CVE-2016-3706Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows rem…from 0, < 2.22-8
- HIGH7.5CVE-2016-3075Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows cont…from 0, < 2.22-6
- from 0, < 2.22-8
- HIGH7.4CVE-2024-33602nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory w…from 0, < 2.31-13+deb11u10
- HIGH7.3CVE-2026-5435The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-suppli…from 0
- HIGH7.3CVE-2024-33601nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc o…from 0, < 2.31-13+deb11u10
- from 0, < 2.31-13+deb11u9
- from 0, < 2.31-13+deb11u9
- from 0, < 2.28-10+deb10u3
- HIGH7.0CVE-2020-1752A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out.from 0, < 2.30-3
- HIGH7.0CVE-2020-1751An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC.from 0, < 2.30-3
- HIGH7.0CVE-2017-1000409A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable.from 0, < 2.25-5
- MEDIUM6.5CVE-2026-6238The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA conten…from 0
- from 0, < 2.36-9+deb12u3
- MEDIUM6.2CVE-2026-3904Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under h…from 0, < 2.36-9
- from 0, < 2.31-13+deb11u12
- from 0, < 2.31-13+deb11u12
- from 0, < 2.15
- MEDIUM5.9CVE-2024-33600nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup respon…from 0, < 2.31-13+deb11u10
- from 0
- from 0
- MEDIUM5.9CVE-2019-25013The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR…from 0, < 2.31-9
- MEDIUM5.9CVE-2017-15671The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocat…from 0, < 2.25-3
- MEDIUM5.9CVE-2017-12133Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows…from 0, < 2.24-15
- MEDIUM5.9CVE-2017-12132The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP r…from 0, < 2.25-1
- MEDIUM5.9CVE-2015-8985The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (asse…from 0, < 2.28-1
- MEDIUM5.9CVE-2015-8984The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of ser…from 0, < 2.21-1
- from 0, < 2.31-3
- from 0, < 2.28-10+deb10u2
- from 0, < 2.22-10
- MEDIUM5.6CVE-2025-5745The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 t…from 0, < 2.41-9
- MEDIUM5.6CVE-2025-5702The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to…from 0, < 2.41-9
- MEDIUM5.5CVE-2015-20109end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to…from 0, < 2.22-1
- MEDIUM5.5CVE-2020-27618The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM136…from 0, < 2.31-5
- MEDIUM5.5CVE-2020-10029The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long d…from 0, < 2.30-1
- MEDIUM5.5CVE-2006-7254The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the dae…from 0, < 2.5-1
- MEDIUM5.5CVE-2019-7309In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicatin…from 0, < 2.28-6
- MEDIUM5.5CVE-2015-8777The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-gua…from 0, < 2.21-1
- MEDIUM5.4CVE-2026-4438Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library vers…from 0, < 2.36-9+deb12u14
- MEDIUM5.3CVE-2023-6780An integer overflow was found in the __vsyslog_internal function of the glibc library.from 0, < 2.36-9+deb12u4
- from 0
- from 0
- MEDIUM5.3CVE-2016-10739In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 a…from 0, < 2.28-6
- MEDIUM4.8CVE-2020-29562The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character,…from 0, < 2.31-7
- LOW3.3CVE-2019-19126On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable dur…from 0, < 2.29-8
- LOW2.5CVE-2021-27645The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lo…from 0, < 2.31-10
- —CVE-2026-5358The obsolete nis_local_principal function in the GNU C Library version 2.43 and older may overflow a buffer in the data section, which coul…from 0
- —CVE-2025-8058The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails.from 0
- —CVE-2015-5277The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might…from 0, < 2.21-1
- from 0, < 2.19-20
- —CVE-2013-7424The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to…from 0, < 2.15-1
- —CVE-2015-1473The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size du…from 0, < 2.19-15
- —CVE-2015-1472The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size du…from 0, < 2.19-15
- from 0, < 2.21-1
- from 0, < 2.19-14
- —CVE-2013-7423The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which…from 0, < 2.19-1
- from 0, < 2.18-1
- —CVE-2014-6040GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a…from 0, < 2.19-12
- from 0, < 2.17-1
- —CVE-2014-7817The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to ex…from 0, < 2.19-14
- —CVE-2014-4043The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specificati…from 0, < 2.19-2
- from 0, < 2.19-10
- from 0, < 2.19-6
- from 0, < 2.19-14
- —CVE-2012-3405The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a…from 0, < 2.13-35
- —CVE-2012-3404The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a…from 0, < 2.13-35
- —CVE-2013-4458Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earli…from 0, < 2.18-1
- —CVE-2013-4332Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers…from 0, < 2.17-93
- —CVE-2013-4237sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial o…from 0, < 2.17-94
- —CVE-2013-2207pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to c…from 0, < 2.21-1
- —CVE-2012-4424Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attac…from 0, < 2.17-94
- —CVE-2012-4412Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cau…from 0, < 2.17-94
- —CVE-2013-4788The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initia…from 0, < 2.17-94
- —CVE-2009-5029Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash)…from 0, < 2.13-24
- —CVE-2013-1914Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earli…from 0, < 2.17-2
- —CVE-2013-0242Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, all…from 0, < 2.17-2
- —CVE-2012-3480Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in…from 0, < 2.13-36
- —CVE-2011-1095locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local…from 0, < 2.13-16
- —CVE-2011-1089The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to wr…from 0, < 2.13-8
- —CVE-2011-1659Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause…from 0, < 2.13-8
- —CVE-2011-1071The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary cod…from 0, < 2.11.2-12
- —CVE-2009-5064ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file lin…from 0, < 2.10.1-7
- —CVE-2010-4756The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and m…from 0
- —CVE-2010-4052Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through…from 0, < 2.19-4
- —CVE-2010-4051The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent at…from 0, < 2.19-4
- —CVE-2010-3856ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT env…from 0, < 2.11.2-8
- from 0, < 2.11.2-8
- from 0, < 2.7-18lenny6
- from 0, < 2.7-18lenny7
- —CVE-2010-0830Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.…from 0, < 2.11-1
- —CVE-2010-0296The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs,…from 0, < 2.11-1
- —CVE-2009-4881Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6)…from 0, < 2.11.1-1
- —CVE-2009-4880Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-depende…from 0, < 2.11.1-1
- from 0, < 2.3.6.ds1-13etch10
- from 0, < 2.10.2-4
- from 0, < 2.11-1
- from 0, < 2.7-18lenny4
- —CVE-2008-1367gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and…from 0, < 2.7-8
- —CVE-2008-0122Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEA…from 0, < 2.2-1
- —CVE-2007-4840PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_…from 0, < 2.7-1
- —CVE-2007-3508Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code vi…from 0, < 2.6-2
- from 0, < 2.2.5-11.8
- from 0, < 2.3.2.ds1-19
- —CVE-2004-1382The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a d…from 0, < 2.3.2.ds1-19
- —CVE-2004-1453GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a…from 0, < 2.3.5
- —CVE-2003-0689The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and exec…from 0, < 2.2.5
- from 0, < 2.2.5-11.5
- from 0, < 2.3.1-16
- —CVE-2002-1146The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximu…from 0, < 2.3
- —CVE-2002-0684Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2…from 0, < 2.2.5-8
- —CVE-2002-0651Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to…from 0, < 2.2.5-8