glibc
Products
2- 3 CVEs
- 2 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-6488 | 0.00 | — | 0.00 | Jan 18, 2019 | The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as… | |||
| CVE-2009-4881 | 0.00 | — | 0.02 | Jun 1, 2010 | Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as… | |||
| CVE-2004-1382 | 0.00 | — | 0.00 | Dec 31, 2004 | The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. | |||
| CVE-2002-1146 | 0.00 | — | 0.03 | Oct 11, 2002 | The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary… | |||
| CVE-2000-0335 | 0.00 | — | 0.02 | May 3, 2000 | The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. |
- CVE-2019-6488Jan 18, 2019risk 0.00cvss —epss 0.00
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as…
- CVE-2009-4881Jun 1, 2010risk 0.00cvss —epss 0.02
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as…
- CVE-2004-1382Dec 31, 2004risk 0.00cvss —epss 0.00
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
- CVE-2002-1146Oct 11, 2002risk 0.00cvss —epss 0.03
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary…
- CVE-2000-0335May 3, 2000risk 0.00cvss —epss 0.02
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.