Skip to main content

Gnulib

2 CVEs product

Monthly

CVE-2018-17942 HIGH POC PATCH This Week

The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Gnulib
NVD GitHub
CVSS 3.0
8.8
EPSS
2.5%
CVE-2017-7476 CRITICAL POC PATCH Act Now

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnulib
NVD
CVSS 3.0
9.8
EPSS
0.9%
EPSS 3% CVSS 8.8
HIGH POC PATCH This Week

The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Gnulib
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Gnulib
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy