cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-4911,https://securityvulnerability.io/vulnerability/CVE-2023-4911,Buffer Overflow in GNU C Library's Dynamic Loader ld.so Could Allow Local Attacker to Execute Code with Elevated Privileges,"The first article discusses two different critical vulnerabilities in the GNU C Library (glibc) that allow unprivileged attackers to gain root access on multiple major Linux distributions. The vulnerabilities are tracked as CVE-2023-4911 and CVE-2023-6246 and both can lead to local privilege escalation. CVE-2023-4911 was already exploited by ransomware groups to steal cloud service provider (CSP) credentials in Kinsing malware attacks. The second vulnerability, CVE-2023-6246, was found in glibc's __vsyslog_internal() function and allows any unprivileged user to escalate privileges to full root access on default installations of various Linux distributions. The impact of these vulnerabilities is significant due to the widespread use of the affected library, and organizations are urged to ensure their systems are secure against these vulnerabilities.",Gnu,",Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Virtualization 4 For Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7",7.8,HIGH,0.24763000011444092,true,2023-11-21T00:00:00.000Z,true,true,true,2023-10-03T21:36:45.000Z,true,false,false,,2023-10-03T18:15:00.000Z,0
CVE-2014-3564,https://securityvulnerability.io/vulnerability/CVE-2014-3564,,"Multiple heap-based buffer overflows in the status_handler function in (1) engine-gpgsm.c and (2) engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to ""different line lengths in a specific order.""",Gnu,"Gpgme,Debian Linux,Ubuntu Linux",,,0.03570999950170517,false,,false,false,false,,,false,false,,2014-10-20T17:00:00.000Z,0
CVE-2011-0536,https://securityvulnerability.io/vulnerability/CVE-2011-0536,,"Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.",Gnu,"Glibc,Enterprise Linux",,,0.0004400000034365803,false,,false,false,false,,,false,false,,2011-04-08T15:00:00.000Z,0
CVE-2004-1337,https://securityvulnerability.io/vulnerability/CVE-2004-1337,,"The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.",Gnu,"Realtime Linux Security Module,Linux",,,0.0004199999966658652,false,,false,false,false,,,false,false,,2004-12-23T05:00:00.000Z,0
CVE-2000-0701,https://securityvulnerability.io/vulnerability/CVE-2000-0701,,"The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.",Gnu,"Mailman,Linux",,,0.000590000010561198,false,,false,false,false,,,false,false,,2000-10-20T04:00:00.000Z,0