VYPR

Libc

by GNU

CVEs (12)

  • CVE-2026-40200HigApr 10, 2026
    risk 0.53cvss 8.1epss 0.00

    An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on…

  • CVE-2026-6042LowApr 10, 2026
    risk 0.21cvss 3.3epss 0.00

    A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local…

  • CVE-1999-0041Feb 13, 1997
    risk 0.04cvss epss 0.09

    Buffer overflow in NLS (Natural Language Service).

  • CVE-1999-0767Sep 8, 1999
    risk 0.03cvss epss 0.01

    Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.

  • CVE-2002-0029Nov 29, 2002
    risk 0.01cvss epss 0.10

    Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2)…

  • CVE-2019-14874Mar 19, 2020
    risk 0.00cvss epss 0.01

    In the __i2b function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of _ x[0] will trigger a null pointer…

  • CVE-2019-14877Mar 19, 2020
    risk 0.00cvss epss 0.01

    In the __mdiff function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate big integers, however no check is performed to verify if the allocation succeeded or not. The access to _wds and _sign will trigger a null…

  • CVE-2019-14873Mar 19, 2020
    risk 0.00cvss epss 0.01

    In the __multadd function of the newlib libc library, prior to versions 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. This will trigger a null pointer dereference bug…

  • CVE-2012-1577Dec 10, 2019
    risk 0.00cvss epss 0.02

    lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.

  • CVE-2019-14697Aug 6, 2019
    risk 0.00cvss epss 0.03

    musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

  • CVE-2019-1010023Jul 15, 2019
    risk 0.00cvss epss 0.03

    GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute…

  • CVE-2019-1010022Jul 15, 2019
    risk 0.00cvss epss 0.03

    GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream…