Vulnerabilities > GNU > Glibc > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-06 | CVE-1999-0199 | Unchecked Return Value vulnerability in GNU Glibc manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999. | 7.5 |
2020-04-30 | CVE-2020-1752 | Use After Free vulnerability in multiple products A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. | 7.0 |
2020-04-17 | CVE-2020-1751 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. | 7.0 |
2020-04-01 | CVE-2020-6096 | Signed to Unsigned Conversion Error vulnerability in multiple products An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. | 8.1 |
2019-07-15 | CVE-2019-1010023 | Unspecified vulnerability in GNU Glibc GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. | 8.8 |
2019-04-10 | CVE-2005-3590 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Glibc The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory. | 7.5 |
2019-02-26 | CVE-2019-9192 | Uncontrolled Recursion vulnerability in GNU Glibc In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. | 7.5 |
2019-02-26 | CVE-2018-20796 | Uncontrolled Recursion vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. | 7.5 |
2019-02-26 | CVE-2009-5155 | Data Processing Errors vulnerability in multiple products In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | 7.5 |
2018-12-04 | CVE-2018-19591 | Improper Input Validation vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. | 7.5 |