Skip to main content

Libqb

2 CVEs product

Monthly

CVE-2023-39976 CRITICAL PATCH Act Now

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libqb
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2019-12779 HIGH POC This Week

libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libqb
NVD GitHub
CVSS 3.0
7.1
EPSS
0.7%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libqb
NVD GitHub
EPSS 1% CVSS 7.1
HIGH POC This Week

libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libqb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy