2.0.3

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-27	CVE-2021-3326	Reachable Assertion vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. network low complexity gnu netapp oracle fujitsu debian CWE-617	7.5
2021-01-04	CVE-2019-25013	Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. network high complexity gnu fedoraproject netapp broadcom debian CWE-125	5.9
2020-10-06	CVE-1999-0199	Unchecked Return Value vulnerability in GNU Glibc manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999. network low complexity gnu CWE-252 critical	9.8
2020-04-30	CVE-2020-1752	A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. local high complexity gnu canonical netapp debian	7.0
2020-04-17	CVE-2020-1751	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. local high complexity gnu redhat canonical CWE-787	7.0
2020-04-01	CVE-2020-6096	An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. network high complexity gnu fedoraproject debian	8.1
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5
2019-04-10	CVE-2006-7254	Data Processing Errors vulnerability in GNU Glibc The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon. local low complexity gnu CWE-19	5.5
2019-04-10	CVE-2005-3590	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory. network low complexity gnu CWE-119 critical	9.8
2019-02-26	CVE-2019-9192	Uncontrolled Recursion vulnerability in GNU Glibc In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. network low complexity gnu CWE-674	7.5