cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-33602,https://securityvulnerability.io/vulnerability/CVE-2024-33602,nscd netgroup cache corruption vulnerability,"nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.",The Gnu C Library,Glibc,,,0.00044999999227002263,false,false,false,false,,false,false,2024-05-06T19:22:12.383Z,0
CVE-2024-33601,https://securityvulnerability.io/vulnerability/CVE-2024-33601,nscd: netgroup cache may terminate daemon on memory allocation failure,"nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.",The Gnu C Library,Glibc,,,0.00044999999227002263,false,false,false,false,,false,false,2024-05-06T19:22:07.763Z,0
CVE-2024-33600,https://securityvulnerability.io/vulnerability/CVE-2024-33600,Null pointer crashes after notfound response,"nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.",The Gnu C Library,Glibc,,,0.00044999999227002263,false,false,false,false,,false,false,2024-05-06T19:22:02.726Z,0
CVE-2024-33599,https://securityvulnerability.io/vulnerability/CVE-2024-33599,Stack-based buffer overflow in netgroup cache,"nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.",The Gnu C Library,Glibc,,,0.00044999999227002263,false,false,false,false,,false,false,2024-05-06T19:21:54.314Z,0
CVE-2024-2961,https://securityvulnerability.io/vulnerability/CVE-2024-2961,Buffer Overflow Vulnerability in GNU C Library's iconv() Function,"The iconv() function in the GNU C Library (glibc) has a vulnerability that can cause a buffer overflow when converting strings to the ISO-2022-CN-EXT character set. This flaw occurs due to the function's failure to adequately check the size of the output buffer, allowing it to overflow by up to 4 bytes. Exploitation of this vulnerability could lead to unintended behavior in applications, such as crashing or overwriting adjacent memory locations. Applications utilizing glibc versions 2.39 and older are particularly at risk, highlighting the importance of updating to secure versions to mitigate potential attacks.",The Gnu C Library,Glibc,,,0.0007099999929778278,false,true,true,true,true,true,false,2024-04-17T17:27:40.541Z,5081
CVE-2015-20109,https://securityvulnerability.io/vulnerability/CVE-2015-20109,,"end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue.",Gnu,Glibc,5.5,MEDIUM,0.0005499999970197678,false,false,false,false,,false,false,2023-06-25T00:00:00.000Z,0
CVE-2023-25139,https://securityvulnerability.io/vulnerability/CVE-2023-25139,Buffer Overflow in GNU C Library 2.37,"A vulnerability exists in the GNU C Library (glibc) version 2.37, where the 'sprintf' function may cause a buffer overflow under certain conditions. This issue arises when attempting to write a number's string representation with thousands separators into a precisely sized buffer. If the buffer is allocated the exact length needed for the padded string, it risks overflowing by two bytes, potentially leading to unexpected behavior or exploitation. This could be particularly damaging if untrusted input is processed.",Gnu,Glibc,9.8,CRITICAL,0.0021200000774115324,false,false,false,false,,false,false,2023-02-03T00:00:00.000Z,0
CVE-2022-39046,https://securityvulnerability.io/vulnerability/CVE-2022-39046,,"An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.",Gnu,Glibc,7.5,HIGH,0.0026199999265372753,false,false,false,false,,false,false,2022-08-31T00:00:00.000Z,0
CVE-2021-3999,https://securityvulnerability.io/vulnerability/CVE-2021-3999,,A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.,Gnu,Glibc,7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2022-08-24T00:00:00.000Z,0
CVE-2021-3998,https://securityvulnerability.io/vulnerability/CVE-2021-3998,,"A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.",Gnu,Glibc,7.5,HIGH,0.0018400000408291817,false,false,false,false,,false,false,2022-08-24T00:00:00.000Z,0
CVE-2022-23218,https://securityvulnerability.io/vulnerability/CVE-2022-23218,,"The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",Gnu,Glibc,9.8,CRITICAL,0.00786999985575676,false,false,false,false,,false,false,2022-01-14T00:00:00.000Z,0
CVE-2022-23219,https://securityvulnerability.io/vulnerability/CVE-2022-23219,,"The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.",Gnu,Glibc,9.8,CRITICAL,0.00786999985575676,false,false,false,false,,false,false,2022-01-14T00:00:00.000Z,0
CVE-2021-43396,https://securityvulnerability.io/vulnerability/CVE-2021-43396,,"In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states ""the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug.",Gnu,Glibc,7.5,HIGH,0.007400000002235174,false,false,false,false,,false,false,2021-11-04T19:52:49.000Z,0
CVE-2021-38604,https://securityvulnerability.io/vulnerability/CVE-2021-38604,,"In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.",Gnu,Glibc,7.5,HIGH,0.00880999956279993,false,false,false,false,,false,false,2021-08-12T15:43:34.000Z,0
CVE-2021-35942,https://securityvulnerability.io/vulnerability/CVE-2021-35942,,"The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.",Gnu,Glibc,9.1,CRITICAL,0.010859999805688858,false,false,false,false,,false,false,2021-07-22T00:00:00.000Z,0
CVE-2021-33574,https://securityvulnerability.io/vulnerability/CVE-2021-33574,,"The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.",Gnu,Glibc,9.8,CRITICAL,0.006579999811947346,false,false,false,false,,false,false,2021-05-25T00:00:00.000Z,0
CVE-2020-27618,https://securityvulnerability.io/vulnerability/CVE-2020-27618,,"The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.",Gnu,Glibc,5.5,MEDIUM,0.00107999995816499,false,false,false,false,,false,false,2021-02-26T00:00:00.000Z,0
CVE-2021-27645,https://securityvulnerability.io/vulnerability/CVE-2021-27645,,"The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.",Gnu,Glibc,2.5,LOW,0.00046999999904073775,false,false,false,false,,false,false,2021-02-24T00:00:00.000Z,0
CVE-2021-3326,https://securityvulnerability.io/vulnerability/CVE-2021-3326,,"The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",Gnu,Glibc,7.5,HIGH,0.020430000498890877,false,false,false,false,,false,false,2021-01-27T00:00:00.000Z,0
CVE-2019-25013,https://securityvulnerability.io/vulnerability/CVE-2019-25013,,"The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",Gnu,Glibc,5.9,MEDIUM,0.007120000198483467,false,false,false,false,,false,false,2021-01-04T00:00:00.000Z,0
CVE-2020-29573,https://securityvulnerability.io/vulnerability/CVE-2020-29573,,"sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of ""Fixed for glibc 2.33"" in the 26649 reference.",Gnu,Glibc,7.5,HIGH,0.0022100000642240047,false,false,false,false,,false,false,2020-12-06T00:15:00.000Z,0
CVE-2020-29562,https://securityvulnerability.io/vulnerability/CVE-2020-29562,,"The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",Gnu,Glibc,4.8,MEDIUM,0.0019099999917671084,false,false,false,false,,false,false,2020-12-04T06:48:23.000Z,0
CVE-1999-0199,https://securityvulnerability.io/vulnerability/CVE-1999-0199,,"manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.",Gnu,Glibc,9.8,CRITICAL,0.012380000203847885,false,false,false,false,,false,false,2020-10-06T12:49:43.000Z,0
CVE-2020-1752,https://securityvulnerability.io/vulnerability/CVE-2020-1752,,"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.",Gnu Libc,Glibc,7,HIGH,0.001129999989643693,false,false,false,false,,false,false,2020-04-30T00:00:00.000Z,0
CVE-2020-6096,https://securityvulnerability.io/vulnerability/CVE-2020-6096,,"An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.",Gnu,Gnu Glibc,8.1,HIGH,0.0430000014603138,false,false,false,false,,false,false,2020-04-01T00:00:00.000Z,0