Skip to main content

Glibc

113 CVEs product

Monthly

CVE-2026-6238 MEDIUM PATCH This Month

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.

Buffer Overflow Glibc
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-5435 HIGH PATCH This Week

Out-of-bounds write in GNU C Library 2.2+ allows remote unauthenticated attackers to corrupt memory and potentially execute arbitrary code through specially crafted TSIG DNS records processed by deprecated ns_printrrf, ns_printrr, or fp_nquery functions. While these functions are deprecated, any application still using them for DNS record printing remains vulnerable to network-based attacks with low complexity and no authentication barriers. No public exploit identified at time of analysis, but the deprecated status suggests limited real-world exposure despite the network attack vector.

Buffer Overflow Memory Corruption Glibc
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-5450 CRITICAL PATCH Act Now

Heap buffer overflow in glibc scanf functions versions 2.7 through 2.43 allows remote unauthenticated attackers to execute arbitrary code by providing malicious input to applications using %mc format specifiers with width >1024. CVSS 9.8 indicates critical network-accessible impact, but EPSS score of 0.02% (5th percentile) suggests minimal real-world exploitation activity at time of analysis. No CISA KEV listing confirms this as a theoretical risk requiring specific application usage patterns rather than widespread active exploitation. Successful exploitation depends on target applications parsing attacker-controlled input through affected scanf family functions with specific format string configurations.

Heap Overflow Buffer Overflow Glibc
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-5928 HIGH PATCH This Week

Out-of-bounds read in GNU C Library (glibc) versions 2.1.1 through 2.43 during wide character pushback operations can cause application crashes and potential information disclosure. The ungetwc() function incorrectly operates on the regular character buffer instead of the wide-stream buffer due to an implementation bug in _IO_wdefault_pbackfail, leading to reads before allocated memory regions. While CVSS rates this 7.5 High with network vector, EPSS exploitation probability is extremely low (0.02%, 5th percentile), reflecting the highly specialized conditions required: applications must use ungetwc() with character encodings having single-byte/multi-byte overlaps (not standard Unicode sets). No active exploitation confirmed (not in CISA KEV), no public exploit code identified at time of analysis.

Denial Of Service Glibc
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5358 CRITICAL PATCH Act Now

Buffer overflow in glibc's obsolete NIS authentication function allows remote attackers to compromise integrity and availability via spoofed UDP responses. Affects all glibc versions through 2.43, but exploitation requires the target application to actively use the deprecated nis_local_principal function (obsolete since glibc 2.26). EPSS score of 0.02% (5th percentile) indicates low real-world exploitation probability, consistent with the narrow attack surface of legacy NIS deployments. No active exploitation or public exploit code identified at time of analysis.

Buffer Overflow Glibc Red Hat Suse
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-4046 HIGH PATCH This Week

Remote denial of service in GNU C Library (glibc) 2.43 and earlier allows unauthenticated remote attackers to crash applications via malformed input during character set conversion from IBM1390 or IBM1399 encodings. The vulnerability triggers an assertion failure in the iconv() function with high attack reliability (CVSS 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Proof-of-concept code exists and CISA SSVC assessment confirms the issue is automatable with partial technical impact, making this a practical denial-of-service vector for any networked application processing untrusted character encoding conversions.

Denial Of Service Glibc
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-4438 MEDIUM PATCH This Month

The GNU C Library (glibc) versions 2.34 through 2.43 contain a vulnerability in the gethostbyaddr and gethostbyaddr_r functions that can return invalid DNS hostnames violating DNS specification requirements when using a configured nsswitch.conf with the DNS backend. This affects any application or system service relying on reverse DNS lookups through glibc, potentially leading to information disclosure or incorrect hostname resolution. While no CVSS score, EPSS probability, or active exploitation status has been publicly assigned, the vulnerability represents a data integrity issue in a foundational system library affecting millions of Linux systems.

Information Disclosure Glibc
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-4437 HIGH PATCH This Week

A DNS response parsing vulnerability exists in the GNU C Library (glibc) versions 2.34 through 2.43 affecting the gethostbyaddr and gethostbyaddr_r functions. When a malicious or compromised DNS server returns a crafted response that violates the DNS specification, the library may incorrectly treat non-answer sections (such as authority or additional sections) as valid answers, leading to buffer overflow and information disclosure. The vulnerability is classified as a read buffer over-read (CWE-125) and does not currently have a published CVSS score, EPSS metric, or confirmed KEV status, though the underlying mechanism suggests moderate real-world risk in environments with untrusted or attacker-controlled DNS infrastructure.

Information Disclosure Buffer Overflow Glibc
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3904 MEDIUM PATCH This Month

Denial of service in GNU C Library 2.36 on x86_64 systems occurs when nscd-backed functions trigger a race condition in the optimized memcmp implementation, allowing concurrent thread modification of input data to cause application crashes. This affects any application using NSS caching functionality under high load conditions. No patch is currently available.

Denial Of Service Glibc
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-15281 HIGH PATCH This Week

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. [CVSS 7.5 HIGH]

Information Disclosure Glibc Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-0915 HIGH PATCH This Week

Stack memory disclosure in GNU C Library versions 2.0-2.42 allows unauthenticated remote attackers to leak sensitive stack contents via crafted DNS queries when getnetbyaddr functions are configured to use the DNS backend for network lookups. This vulnerability affects systems running vulnerable Glibc and DNS resolver combinations, with no available patch currently released.

DNS Glibc Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-0861 HIGH POC PATCH This Week

Glibc versions 2.30 through 2.42 contain an integer overflow in the memalign function family that allows attackers with control over both size and alignment parameters to trigger heap corruption. Public exploit code exists for this vulnerability, which requires carefully crafted inputs with alignment values between 2^62+1 and 2^63 paired with sizes near PTRDIFF_MAX. Local attackers exploiting this flaw could achieve code execution or denial of service on affected systems.

Buffer Overflow Integer Overflow Glibc Red Hat Suse
NVD VulDB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-5745 MEDIUM PATCH This Month

A security vulnerability in the GNU C Library (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ubuntu Debian Glibc Red Hat +1
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2025-5702 MEDIUM PATCH This Month

A security vulnerability in the GNU C Library (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ubuntu Debian Glibc Red Hat +1
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2025-4802 HIGH POC PATCH This Month

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Glibc Red Hat Suse
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-33602 HIGH This Week

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Glibc Debian Linux H300s Firmware H500s Firmware +8
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2024-33601 HIGH This Week

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Glibc Debian Linux H300s Firmware H500s Firmware +8
NVD
CVSS 3.1
7.3
EPSS
0.2%
CVE-2024-33600 MEDIUM This Month

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Null Pointer Dereference Denial Of Service Glibc Debian Linux Active Iq Unified Manager +10
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2024-33599 HIGH This Week

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow Glibc Debian Linux H300s Firmware +6
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2023-6780 MEDIUM POC This Month

An integer overflow was found in the __vsyslog_internal function of the glibc library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Glibc Fedora
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2023-6779 HIGH POC This Week

Heap-based off-by-one buffer overflow in glibc's __vsyslog_internal function affects versions 2.37 and newer, triggered when syslog() or vsyslog() are invoked with messages exceeding INT_MAX bytes. Remote attackers can cause application crashes (denial of service) and potentially impact integrity in applications that log attacker-controlled data via syslog. Publicly available exploit code exists, though EPSS exploitation probability remains moderate at 0.65% (71st percentile) and the issue is not listed in CISA KEV.

Heap Overflow Buffer Overflow Glibc Fedora
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2023-6246 HIGH POC THREAT Act Now

Local privilege escalation in GNU glibc 2.36 and newer arises from a heap-based buffer overflow in __vsyslog_internal, reachable via the syslog/vsyslog interfaces when openlog was not called (or called with a NULL ident) and argv[0]'s basename exceeds 1024 bytes. Any setuid/setgid binary on affected Linux distributions (including Fedora 38 and 39) that invokes syslog can be leveraged by a local attacker to crash the process or escalate privileges to root. Publicly available exploit code exists and EPSS sits at the 96th percentile, signaling meaningful real-world risk despite the local attack vector.

Privilege Escalation Heap Overflow Buffer Overflow Glibc Fedora
NVD
CVSS 3.1
8.4
EPSS
25.5%
CVE-2023-5156 HIGH PATCH This Week

A flaw was found in the GNU C Library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Glibc Enterprise Linux
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-4806 MEDIUM This Month

A flaw has been identified in glibc. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Glibc Codeready Linux Builder Eus +20
NVD VulDB
CVSS 3.1
5.9
EPSS
1.9%
CVE-2023-4527 MEDIUM POC This Month

A flaw was found in glibc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Glibc Codeready Linux Builder Eus Codeready Linux Builder Eus For Power Little Endian +24
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-4813 MEDIUM PATCH This Month

A flaw has been identified in glibc. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption Glibc Enterprise Linux +14
NVD
CVSS 3.1
5.9
EPSS
1.7%
CVE-2023-0687 CRITICAL PATCH Act Now

A vulnerability was found in GNU C Library 2.38. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Glibc
NVD VulDB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-25139 CRITICAL POC Act Now

sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Glibc
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-39046 MEDIUM POC This Month

An issue was discovered in the GNU C Library (glibc) 2.36. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc H300s Firmware H500s Firmware H700s Firmware +3
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2021-43396 HIGH POC PATCH This Week

In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Glibc Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Function Cloud Native Environment Communications Cloud Native Core Network Repository Function +3
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2021-38604 HIGH POC PATCH This Week

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Glibc Fedora Communications Cloud Native Core Binding Support Function +5
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2021-35942 CRITICAL Act Now

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Glibc Active Iq Unified Manager E Series Santricity Os Controller +4
NVD
CVSS 3.1
9.1
EPSS
2.7%
CVE-2021-33574 CRITICAL POC Act Now

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption Glibc Fedora +11
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2021-27645 LOW PATCH Monitor

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting. Rated low severity (CVSS 2.5).

Denial Of Service Glibc Fedora Debian Linux
NVD
CVSS 3.1
2.5
EPSS
0.4%
CVE-2021-3326 HIGH PATCH This Week

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Glibc E Series Santricity Os Controller Ontap Select Deploy Administration Utility Communications Cloud Native Core Security Edge Protection Proxy +7
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2020-29573 HIGH PATCH This Week

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Canonical Glibc Enterprise Linux +2
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-29562 MEDIUM POC This Month

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program,. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Glibc Fedora E Series Santricity Os Controller
NVD
CVSS 3.1
4.8
EPSS
1.5%
CVE-2020-1752 HIGH PATCH This Week

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption RCE Glibc Ubuntu Linux +6
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2020-1751 HIGH PATCH This Week

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Rated high severity (CVSS 7.0).

Buffer Overflow RCE Denial Of Service Memory Corruption Glibc +2
NVD
CVSS 3.1
7.0
EPSS
0.5%
CVE-2020-6096 HIGH This Week

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Glibc Fedora Debian Linux
NVD
CVSS 3.1
8.1
EPSS
5.2%
CVE-2020-10029 MEDIUM POC This Month

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Canonical Glibc Fedora +9
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2019-19126 LOW PATCH Monitor

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Authentication Bypass Glibc Ubuntu Linux Fedora Debian Linux
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2019-1010025 MEDIUM POC This Month

GNU Libc current is affected by: Mitigation bypass. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Glibc
NVD
CVSS 3.0
5.3
EPSS
2.3%
CVE-2019-1010024 MEDIUM POC This Month

GNU Libc current is affected by: Mitigation bypass. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
CVSS 3.0
5.3
EPSS
3.2%
CVE-2019-1010023 MEDIUM POC This Month

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
CVSS 3.1
5.4
EPSS
3.1%
CVE-2019-1010022 CRITICAL POC Act Now

GNU Libc current is affected by: Mitigation bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Glibc
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2019-9192 HIGH POC This Week

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2019-9169 CRITICAL POC PATCH Act Now

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Glibc Cloud Backup Ontap Select Deploy Administration Utility +3
NVD
CVSS 3.1
9.8
EPSS
4.7%
CVE-2019-7309 MEDIUM POC This Month

In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2019-6488 HIGH This Week

The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Glibc
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-19591 HIGH POC This Week

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc Fedora
NVD
CVSS 3.1
7.5
EPSS
5.5%
CVE-2018-11237 HIGH POC PATCH This Week

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Glibc Virtualization Host Enterprise Linux Desktop +7
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.9%
CVE-2018-11236 CRITICAL PATCH Act Now

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Buffer Overflow Glibc Virtualization Host +7
NVD
CVSS 3.0
9.8
EPSS
7.4%
CVE-2018-6551 CRITICAL Act Now

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Glibc
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2018-6485 CRITICAL PATCH Act Now

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Glibc Virtualization Host Enterprise Linux Desktop +12
NVD
CVSS 3.0
9.8
EPSS
4.7%
CVE-2018-1000001 HIGH POC THREAT Act Now

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow Glibc Ubuntu Linux +7
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
13.4%
CVE-2017-16997 HIGH PATCH This Week

elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Glibc Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2017-17426 HIGH POC This Week

The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Glibc
NVD
CVSS 3.0
8.1
EPSS
0.4%
CVE-2017-15804 CRITICAL PATCH Act Now

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Glibc
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-15671 MEDIUM PATCH This Month

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Glibc
NVD
CVSS 3.0
5.9
EPSS
0.2%
CVE-2017-15670 CRITICAL PATCH Act Now

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Glibc
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-12133 MEDIUM This Month

Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Use After Free Information Disclosure Glibc
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2017-12132 MEDIUM PATCH This Month

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Glibc
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2015-5180 HIGH PATCH This Week

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Ubuntu Linux Glibc
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-1000366 HIGH POC PATCH This Week

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow RCE Enterprise Linux Enterprise Linux Desktop Enterprise Linux Server +17
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
8.9%
CVE-2014-9984 CRITICAL PATCH Act Now

nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Glibc
NVD
CVSS 3.0
9.8
EPSS
0.5%
CVE-2017-8804 HIGH PATCH This Week

The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Denial Of Service Deserialization Glibc
NVD
CVSS 3.0
7.5
EPSS
6.0%
CVE-2015-8985 MEDIUM PATCH This Month

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Glibc
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2015-8984 MEDIUM PATCH This Month

The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Glibc
NVD
CVSS 3.0
5.9
EPSS
0.8%
CVE-2015-8983 HIGH PATCH This Week

Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service Buffer Overflow Glibc
NVD
CVSS 3.0
8.1
EPSS
0.5%
CVE-2015-8982 HIGH PATCH This Week

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service Buffer Overflow Glibc
NVD
CVSS 3.0
8.1
EPSS
1.3%
CVE-2016-10228 MEDIUM This Month

The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Glibc
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2016-5417 HIGH PATCH This Week

Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Glibc
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2016-6323 HIGH This Week

The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Glibc Opensuse Fedora
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-4429 MEDIUM PATCH This Month

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Memory Corruption Buffer Overflow Leap Opensuse +2
NVD
CVSS 3.1
5.9
EPSS
2.0%
CVE-2016-3706 HIGH This Week

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Opensuse Glibc
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2016-3075 HIGH Act Now

Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.9% and no vendor patch available.

Denial Of Service Buffer Overflow Opensuse Glibc Fedora +1
NVD
CVSS 3.0
7.5
EPSS
10.9%
CVE-2016-1234 HIGH POC PATCH This Week

Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Glibc Leap Opensuse +1
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2015-8779 CRITICAL Act Now

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Linux Enterprise Debuginfo Opensuse +8
NVD
CVSS 3.0
9.8
EPSS
5.5%
CVE-2015-8778 CRITICAL Act Now

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Fedora Debian Linux +8
NVD
CVSS 3.0
9.8
EPSS
5.3%
CVE-2015-8776 CRITICAL Act Now

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Enterprise Debuginfo Opensuse Linux Enterprise Desktop Linux Enterprise Server +6
NVD
CVSS 3.0
9.1
EPSS
4.3%
CVE-2014-9761 CRITICAL Act Now

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Linux Enterprise Debuginfo Opensuse +7
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2015-7547 HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 94.0%.

Denial Of Service RCE Buffer Overflow Debian Linux Ubuntu Linux +28
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
94.0%
Threat
5.9
CVE-2015-8777 MEDIUM POC This Month

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Glibc
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2015-5277 HIGH This Week

The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +3
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-1781 MEDIUM This Month

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service RCE Buffer Overflow Linux Enterprise Debuginfo Linux Enterprise Desktop +4
NVD
CVSS 2.0
6.8
EPSS
7.3%
CVE-2013-7424 MEDIUM This Month

The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Glibc
NVD
CVSS 2.0
5.1
EPSS
0.8%
CVE-2015-1473 MEDIUM This Month

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Glibc
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2015-1472 HIGH This Week

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux Glibc
NVD
CVSS 2.0
7.5
EPSS
4.8%
CVE-2014-8121 MEDIUM POC This Month

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Suse Linux Enterprise Desktop Suse Linux Enterprise Server Glibc Ubuntu Linux
NVD
CVSS 2.0
5.0
EPSS
3.0%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.

Buffer Overflow Glibc
NVD VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Out-of-bounds write in GNU C Library 2.2+ allows remote unauthenticated attackers to corrupt memory and potentially execute arbitrary code through specially crafted TSIG DNS records processed by deprecated ns_printrrf, ns_printrr, or fp_nquery functions. While these functions are deprecated, any application still using them for DNS record printing remains vulnerable to network-based attacks with low complexity and no authentication barriers. No public exploit identified at time of analysis, but the deprecated status suggests limited real-world exposure despite the network attack vector.

Buffer Overflow Memory Corruption Glibc
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Heap buffer overflow in glibc scanf functions versions 2.7 through 2.43 allows remote unauthenticated attackers to execute arbitrary code by providing malicious input to applications using %mc format specifiers with width >1024. CVSS 9.8 indicates critical network-accessible impact, but EPSS score of 0.02% (5th percentile) suggests minimal real-world exploitation activity at time of analysis. No CISA KEV listing confirms this as a theoretical risk requiring specific application usage patterns rather than widespread active exploitation. Successful exploitation depends on target applications parsing attacker-controlled input through affected scanf family functions with specific format string configurations.

Heap Overflow Buffer Overflow Glibc
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Out-of-bounds read in GNU C Library (glibc) versions 2.1.1 through 2.43 during wide character pushback operations can cause application crashes and potential information disclosure. The ungetwc() function incorrectly operates on the regular character buffer instead of the wide-stream buffer due to an implementation bug in _IO_wdefault_pbackfail, leading to reads before allocated memory regions. While CVSS rates this 7.5 High with network vector, EPSS exploitation probability is extremely low (0.02%, 5th percentile), reflecting the highly specialized conditions required: applications must use ungetwc() with character encodings having single-byte/multi-byte overlaps (not standard Unicode sets). No active exploitation confirmed (not in CISA KEV), no public exploit code identified at time of analysis.

Denial Of Service Glibc
NVD VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Buffer overflow in glibc's obsolete NIS authentication function allows remote attackers to compromise integrity and availability via spoofed UDP responses. Affects all glibc versions through 2.43, but exploitation requires the target application to actively use the deprecated nis_local_principal function (obsolete since glibc 2.26). EPSS score of 0.02% (5th percentile) indicates low real-world exploitation probability, consistent with the narrow attack surface of legacy NIS deployments. No active exploitation or public exploit code identified at time of analysis.

Buffer Overflow Glibc Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote denial of service in GNU C Library (glibc) 2.43 and earlier allows unauthenticated remote attackers to crash applications via malformed input during character set conversion from IBM1390 or IBM1399 encodings. The vulnerability triggers an assertion failure in the iconv() function with high attack reliability (CVSS 7.5, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Proof-of-concept code exists and CISA SSVC assessment confirms the issue is automatable with partial technical impact, making this a practical denial-of-service vector for any networked application processing untrusted character encoding conversions.

Denial Of Service Glibc
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

The GNU C Library (glibc) versions 2.34 through 2.43 contain a vulnerability in the gethostbyaddr and gethostbyaddr_r functions that can return invalid DNS hostnames violating DNS specification requirements when using a configured nsswitch.conf with the DNS backend. This affects any application or system service relying on reverse DNS lookups through glibc, potentially leading to information disclosure or incorrect hostname resolution. While no CVSS score, EPSS probability, or active exploitation status has been publicly assigned, the vulnerability represents a data integrity issue in a foundational system library affecting millions of Linux systems.

Information Disclosure Glibc
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A DNS response parsing vulnerability exists in the GNU C Library (glibc) versions 2.34 through 2.43 affecting the gethostbyaddr and gethostbyaddr_r functions. When a malicious or compromised DNS server returns a crafted response that violates the DNS specification, the library may incorrectly treat non-answer sections (such as authority or additional sections) as valid answers, leading to buffer overflow and information disclosure. The vulnerability is classified as a read buffer over-read (CWE-125) and does not currently have a published CVSS score, EPSS metric, or confirmed KEV status, though the underlying mechanism suggests moderate real-world risk in environments with untrusted or attacker-controlled DNS infrastructure.

Information Disclosure Buffer Overflow Glibc
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Denial of service in GNU C Library 2.36 on x86_64 systems occurs when nscd-backed functions trigger a race condition in the optimized memcmp implementation, allowing concurrent thread modification of input data to cause application crashes. This affects any application using NSS caching functionality under high load conditions. No patch is currently available.

Denial Of Service Glibc
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. [CVSS 7.5 HIGH]

Information Disclosure Glibc Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Stack memory disclosure in GNU C Library versions 2.0-2.42 allows unauthenticated remote attackers to leak sensitive stack contents via crafted DNS queries when getnetbyaddr functions are configured to use the DNS backend for network lookups. This vulnerability affects systems running vulnerable Glibc and DNS resolver combinations, with no available patch currently released.

DNS Glibc Red Hat +1
NVD VulDB
EPSS 0% CVSS 8.4
HIGH POC PATCH This Week

Glibc versions 2.30 through 2.42 contain an integer overflow in the memalign function family that allows attackers with control over both size and alignment parameters to trigger heap corruption. Public exploit code exists for this vulnerability, which requires carefully crafted inputs with alignment values between 2^62+1 and 2^63 paired with sizes near PTRDIFF_MAX. Local attackers exploiting this flaw could achieve code execution or denial of service on affected systems.

Buffer Overflow Integer Overflow Glibc +2
NVD VulDB
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A security vulnerability in the GNU C Library (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ubuntu Debian +3
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A security vulnerability in the GNU C Library (CVSS 5.6). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ubuntu Debian +3
NVD
EPSS 0% CVSS 7.8
HIGH POC PATCH This Month

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Glibc Red Hat +1
NVD
EPSS 1% CVSS 7.4
HIGH This Week

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Glibc Debian Linux +10
NVD
EPSS 0% CVSS 7.3
HIGH This Week

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Glibc Debian Linux +10
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Null Pointer Dereference Denial Of Service Glibc +12
NVD
EPSS 1% CVSS 8.1
HIGH This Week

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Stack Overflow Glibc +8
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

An integer overflow was found in the __vsyslog_internal function of the glibc library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Glibc Fedora
NVD
EPSS 1% CVSS 8.2
HIGH POC This Week

Heap-based off-by-one buffer overflow in glibc's __vsyslog_internal function affects versions 2.37 and newer, triggered when syslog() or vsyslog() are invoked with messages exceeding INT_MAX bytes. Remote attackers can cause application crashes (denial of service) and potentially impact integrity in applications that log attacker-controlled data via syslog. Publicly available exploit code exists, though EPSS exploitation probability remains moderate at 0.65% (71st percentile) and the issue is not listed in CISA KEV.

Heap Overflow Buffer Overflow Glibc +1
NVD
EPSS 25% CVSS 8.4
HIGH POC THREAT Act Now

Local privilege escalation in GNU glibc 2.36 and newer arises from a heap-based buffer overflow in __vsyslog_internal, reachable via the syslog/vsyslog interfaces when openlog was not called (or called with a NULL ident) and argv[0]'s basename exceeds 1024 bytes. Any setuid/setgid binary on affected Linux distributions (including Fedora 38 and 39) that invokes syslog can be leveraged by a local attacker to crash the process or escalate privileges to root. Publicly available exploit code exists and EPSS sits at the 96th percentile, signaling meaningful real-world risk despite the local attack vector.

Privilege Escalation Heap Overflow Buffer Overflow +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A flaw was found in the GNU C Library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Glibc Enterprise Linux
NVD
EPSS 2% CVSS 5.9
MEDIUM This Month

A flaw has been identified in glibc. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +22
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A flaw was found in glibc. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Glibc +26
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

A flaw has been identified in glibc. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Denial Of Service Memory Corruption +16
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

A vulnerability was found in GNU C Library 2.38. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Glibc
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Glibc
NVD
EPSS 2% CVSS 5.3
MEDIUM POC This Month

An issue was discovered in the GNU C Library (glibc) 2.36. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc H300s Firmware +5
NVD
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Glibc Communications Cloud Native Core Binding Support Function +5
NVD
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Glibc +7
NVD
EPSS 3% CVSS 9.1
CRITICAL Act Now

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Denial Of Service Glibc +6
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Denial Of Service Memory Corruption +13
NVD
EPSS 0% CVSS 2.5
LOW PATCH Monitor

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting. Rated low severity (CVSS 2.5).

Denial Of Service Glibc Fedora +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Glibc E Series Santricity Os Controller +9
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Canonical +4
NVD
EPSS 2% CVSS 4.8
MEDIUM POC This Month

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program,. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Glibc Fedora +1
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption RCE +8
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Rated high severity (CVSS 7.0).

Buffer Overflow RCE Denial Of Service +4
NVD
EPSS 5% CVSS 8.1
HIGH This Week

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Glibc Fedora +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Canonical +11
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Authentication Bypass Glibc Ubuntu Linux +2
NVD
EPSS 2% CVSS 5.3
MEDIUM POC This Month

GNU Libc current is affected by: Mitigation bypass. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Glibc
NVD
EPSS 3% CVSS 5.3
MEDIUM POC This Month

GNU Libc current is affected by: Mitigation bypass. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
EPSS 3% CVSS 5.4
MEDIUM POC This Month

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

GNU Libc current is affected by: Mitigation bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Glibc
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
EPSS 5% CVSS 9.8
CRITICAL POC PATCH Act Now

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Glibc +5
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Glibc
NVD
EPSS 6% CVSS 7.5
HIGH POC This Week

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Glibc Fedora
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Glibc +9
NVD Exploit-DB
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Buffer Overflow +9
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Glibc
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow Glibc +14
NVD
EPSS 13% CVSS 7.8
HIGH POC THREAT Act Now

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow +9
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH PATCH This Week

elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Glibc Enterprise Linux Desktop +2
NVD
EPSS 0% CVSS 8.1
HIGH POC This Week

The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Glibc
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Glibc
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Glibc
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Glibc
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Glibc
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Ubuntu Linux +1
NVD
EPSS 9% CVSS 7.8
HIGH POC PATCH This Week

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow RCE Enterprise Linux +19
NVD Exploit-DB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Glibc
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Denial Of Service Deserialization Glibc
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Glibc
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Integer Overflow RCE Denial Of Service +2
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Glibc
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Glibc
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Glibc +2
NVD
EPSS 2% CVSS 5.9
MEDIUM PATCH This Month

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Memory Corruption Buffer Overflow +4
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Opensuse +1
NVD
EPSS 11% CVSS 7.5
HIGH Act Now

Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.9% and no vendor patch available.

Denial Of Service Buffer Overflow Opensuse +3
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Glibc +3
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +10
NVD
EPSS 5% CVSS 9.8
CRITICAL Act Now

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +10
NVD
EPSS 4% CVSS 9.1
CRITICAL Act Now

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Linux Enterprise Debuginfo Opensuse +8
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +9
NVD
EPSS 94% 5.9 CVSS 8.1
HIGH POC PATCH THREAT Act Now

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 94.0%.

Denial Of Service RCE Buffer Overflow +30
NVD Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM POC This Month

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Glibc
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Enterprise Linux Desktop +5
NVD
EPSS 7% CVSS 6.8
MEDIUM This Month

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service RCE Buffer Overflow +6
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Glibc
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux +1
NVD
EPSS 5% CVSS 7.5
HIGH This Week

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Ubuntu Linux +1
NVD
EPSS 3% CVSS 5.0
MEDIUM POC This Month

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Suse Linux Enterprise Desktop Suse Linux Enterprise Server +2
NVD
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy