| Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-0235 | 10.0 |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
|
14-02-2024 - 01:17 | 28-01-2015 - 19:59 | |
| CVE-2013-4458 | 5.0 |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that trigg
|
13-02-2023 - 04:46 | 12-12-2013 - 18:55 | |
| CVE-2013-4237 | 6.8 |
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS
|
13-02-2023 - 04:45 | 09-10-2013 - 22:55 | |
| CVE-2015-1781 | 6.8 |
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS respo
|
13-02-2023 - 00:46 | 28-09-2015 - 20:59 | |
| CVE-2014-7817 | 4.6 |
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
|
13-02-2023 - 00:42 | 24-11-2014 - 15:59 | |
| CVE-2014-6040 | 5.0 |
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937,
|
13-02-2023 - 00:42 | 05-12-2014 - 16:59 | |
| CVE-2015-7547 | 6.8 |
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrar
|
12-02-2023 - 23:15 | 18-02-2016 - 21:59 | |
| CVE-2013-7423 | 5.0 |
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigge
|
01-09-2021 - 18:15 | 24-02-2015 - 15:59 | |
| CVE-2017-1000366 | 7.2 |
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made t
|
15-10-2020 - 13:28 | 19-06-2017 - 16:29 | |
| CVE-2013-7424 | 5.1 |
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demon
|
28-11-2016 - 19:10 | 26-08-2015 - 19:59 |