CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2025-15281 – wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
https://notcve.org/view.php?id=CVE-2025-15281
20 Jan 2026 — Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. Vitaly Simonovich discovered that the GNU C Library did not properly initialize the input when WRDE_REUSE is used. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service. Anastasia Belova discovered that the G... • https://sourceware.org/bugzilla/show_bug.cgi?id=33814 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2026-0915 – getnetbyaddr and getnetbyaddr_r leak stack contents to DNS resolver
https://notcve.org/view.php?id=CVE-2026-0915
15 Jan 2026 — Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. Vitaly Simonovich discovered that the GNU C Library did not properly initialize the input when WRDE_REUSE is used. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service. Anastasia Belova discov... • https://sourceware.org/bugzilla/show_bug.cgi?id=33802 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2025-8058 – glibc: Double free in glibc
https://notcve.org/view.php?id=CVE-2025-8058
23 Jul 2025 — The regcomp function in the GNU C library versions 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending on how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library. A double-free vulnerability has been discovered in glibc (GNU C Library). • https://sourceware.org/bugzilla/show_bug.cgi?id=33185 • CWE-415: Double Free •
CVSS: 9.0 | EPSS: 92% | CPEs: 1 | EXPL: 16
CVE-2024-2961 – CosmicSting: Magento Arbitrary File Read (CVE-2024-34102) + PHP Buffer Overflow in the iconv() function of glibc (CVE-2024-2961)
https://notcve.org/view.php?id=CVE-2024-2961
17 Apr 2024 — The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. • https://packetstorm.news/files/id/182289 • CWE-787: Out-of-bounds Write •
CVSS: 7.8 | EPSS: 0% | CPEs: 38 | EXPL: 1
CVE-2023-4527 – Glibc: stack read overflow in getaddrinfo in no-aaaa mode
https://notcve.org/view.php?id=CVE-2023-4527
18 Sep 2023 — A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash. • http://www.openwall.com/lists/oss-security/2023/09/25/1 • CWE-121: Stack-based Buffer Overflow; CWE-125: Out-of-bounds Read •
CVSS: 7.8 | EPSS: 0% | CPEs: 23 | EXPL: 1
CVE-2023-4813 – Glibc: potential use-after-free in gaih_inet()
https://notcve.org/view.php?id=CVE-2023-4813
12 Sep 2023 — A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. • https://github.com/tnishiox/cve-2023-4813 • CWE-416: Use After Free •
CVSS: 5.5 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2015-20109 – Ubuntu Security Notice USN-6762-1
https://notcve.org/view.php?id=CVE-2015-20109
25 Jun 2023 — end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue. It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could ... • https://security.netapp.com/advisory/ntap-20230731-0009 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2023-0687 – SUSE Security Advisory - SUSE-SU-2023:3825-1
https://notcve.org/view.php?id=CVE-2023-0687
06 Feb 2023 — A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. • https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8 | EPSS: 1% | CPEs: 17 | EXPL: 1
CVE-2021-3999 – glibc: Off-by-one buffer overflow/underflow in getcwd()
https://notcve.org/view.php?id=CVE-2021-3999
04 Feb 2022 — A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system. • https://access.redhat.com/security/cve/CVE-2021-3999 • CWE-193: Off-by-one Error •
CVSS: 9.8 | EPSS: 0% | CPEs: 6 | EXPL: 1
CVE-2022-23218 – glibc: Stack-based buffer overflow in svcunix_create via long pathnames
https://notcve.org/view.php?id=CVE-2022-23218
14 Jan 2022 — The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
