Vulnerabilities > GNU > Glibc
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-04 | CVE-2020-10029 | Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. | 5.5 |
| 2019-11-19 | CVE-2019-19126 | Improper Initialization vulnerability in multiple products On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | 3.3 |
| 2019-07-15 | CVE-2019-1010025 | Use of Insufficiently Random Values vulnerability in GNU Glibc GNU Libc current is affected by: Mitigation bypass. | 5.3 |
| 2019-07-15 | CVE-2019-1010024 | Information Exposure vulnerability in GNU Glibc GNU Libc current is affected by: Mitigation bypass. | 5.3 |
| 2019-07-15 | CVE-2019-1010023 | Unspecified vulnerability in GNU Glibc GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. | 8.8 |
| 2019-07-15 | CVE-2019-1010022 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc GNU Libc current is affected by: Mitigation bypass. | 9.8 |
| 2019-04-10 | CVE-2006-7254 | Data Processing Errors vulnerability in GNU Glibc The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon. | 5.5 |
| 2019-04-10 | CVE-2005-3590 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory. | 9.8 |
| 2019-02-26 | CVE-2019-9192 | Uncontrolled Recursion vulnerability in GNU Glibc In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. | 7.5 |
| 2019-02-26 | CVE-2019-9169 | Out-of-bounds Read vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | 9.8 |