Vulnerabilities > GNU > Glibc > 2.33
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-18 | CVE-2023-4527 | Out-of-bounds Read vulnerability in multiple products A flaw was found in glibc. | 6.5 |
2023-09-18 | CVE-2023-4806 | Use After Free vulnerability in multiple products A flaw was found in glibc. | 5.9 |
2023-09-12 | CVE-2023-4813 | Use After Free vulnerability in multiple products A flaw was found in glibc. | 5.9 |
2023-02-06 | CVE-2023-0687 | Unspecified vulnerability in GNU Glibc A vulnerability was found in GNU C Library 2.38. | 9.8 |
2022-08-24 | CVE-2021-3998 | A flaw was found in glibc. | 7.5 |
2022-01-14 | CVE-2022-23218 | Classic Buffer Overflow vulnerability in multiple products The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | 9.8 |
2022-01-14 | CVE-2022-23219 | Classic Buffer Overflow vulnerability in multiple products The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | 9.8 |
2021-08-12 | CVE-2021-38604 | NULL Pointer Dereference vulnerability in multiple products In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. | 7.5 |
2021-05-25 | CVE-2021-33574 | Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. | 9.8 |
2021-02-24 | CVE-2021-27645 | Double Free vulnerability in multiple products The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. | 2.5 |