cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-4911,https://securityvulnerability.io/vulnerability/CVE-2023-4911,Buffer Overflow in GNU C Library's Dynamic Loader ld.so Could Allow Local Attacker to Execute Code with Elevated Privileges,"The first article discusses two different critical vulnerabilities in the GNU C Library (glibc) that allow unprivileged attackers to gain root access on multiple major Linux distributions. The vulnerabilities are tracked as CVE-2023-4911 and CVE-2023-6246 and both can lead to local privilege escalation. CVE-2023-4911 was already exploited by ransomware groups to steal cloud service provider (CSP) credentials in Kinsing malware attacks. The second vulnerability, CVE-2023-6246, was found in glibc's __vsyslog_internal() function and allows any unprivileged user to escalate privileges to full root access on default installations of various Linux distributions. The impact of these vulnerabilities is significant due to the widespread use of the affected library, and organizations are urged to ensure their systems are secure against these vulnerabilities.",Gnu,",Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",7.8,HIGH,0.24763000011444092,true,2023-11-21T00:00:00.000Z,true,true,true,2023-10-03T21:36:45.000Z,true,false,false,,2023-10-03T18:15:00.000Z,0
CVE-2011-0536,https://securityvulnerability.io/vulnerability/CVE-2011-0536,,"Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.",Gnu,"Glibc,Enterprise Linux",,,0.0004400000034365803,false,,false,false,false,,,false,false,,2011-04-08T15:00:00.000Z,0