| CVE-2019-9169 |
AVG-855 |
High |
No |
Arbitrary code execution |
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted... |
| CVE-2018-1000001 |
AVG-590 |
High |
No |
Privilege escalation |
A buffer underflow vulnerability has been discovered in the realpath() function in glibc 2.26 when getcwd() returns a relative or unreachable path (i.e. not... |
| CVE-2018-19591 |
AVG-831 |
Medium |
Yes |
Denial of service |
A file descriptor leak has been found in glibc <= 2.28, in the if_nametoindex() function, when processing getaddrinfo() calls with crafted interface names. |
| CVE-2017-1000366 |
AVG-307 |
High |
No |
Privilege escalation |
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions... |
| CVE-2017-15671 |
AVG-460 |
Medium |
Yes |
Denial of service |
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when... |
| CVE-2017-15670 |
AVG-460 |
High |
Yes |
Arbitrary code execution |
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by- one error leading to a heap-based buffer overflow in the glob function in glob.c,... |
| CVE-2017-12133 |
AVG-368 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found the GNU C Library (aka glibc or libc6) before version 2.26, in clntudp_call in the Sun RPC system. |
| CVE-2017-12132 |
AVG-368 |
Medium |
Yes |
Content spoofing |
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from... |