Vulnerabilities > GNU > Glibc > 2.32

DATE CVE VULNERABILITY TITLE RISK
2023-09-18 CVE-2023-4527 Out-of-bounds Read vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-125
6.5
6.5
2023-09-12 CVE-2023-4813 Use After Free vulnerability in multiple products
A flaw was found in glibc.
network
high complexity
gnu redhat fedoraproject netapp CWE-416
5.9
5.9
2023-02-06 CVE-2023-0687 Unspecified vulnerability in GNU Glibc
A vulnerability was found in GNU C Library 2.38.
network
low complexity
gnu
critical
 9.8
9.8
2021-08-12 CVE-2021-38604 NULL Pointer Dereference vulnerability in multiple products
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference.
network
low complexity
gnu fedoraproject oracle CWE-476
7.5
7.5
2021-05-25 CVE-2021-33574 Use After Free vulnerability in multiple products
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free.
network
low complexity
gnu fedoraproject netapp debian CWE-416
critical
 9.8
9.8
2021-02-26 CVE-2020-27618 Infinite Loop vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
local
low complexity
gnu netapp oracle debian CWE-835
5.5
5.5
2021-02-24 CVE-2021-27645 Double Free vulnerability in multiple products
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system.
local
high complexity
gnu fedoraproject debian CWE-415
2.5
2.5
2021-01-27 CVE-2021-3326 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
low complexity
gnu netapp oracle fujitsu debian CWE-617
7.5
7.5
2021-01-04 CVE-2019-25013 Out-of-bounds Read vulnerability in multiple products
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
network
high complexity
gnu fedoraproject netapp broadcom debian CWE-125
5.9
5.9
2020-12-04 CVE-2020-29562 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
high complexity
gnu fedoraproject netapp CWE-617
4.8
4.8