CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15804 – glibc: Buffer overflow during unescaping of user names with the ~ operator
https://notcve.org/view.php?id=CVE-2017-15804
03 Apr 2017 — The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. La función glob en glob.c en la biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un desbordamiento de búfer durante la eliminación del escape de nombres de usuario con el operador ~. It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd sy... • http://www.securityfocus.com/bid/101535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6551 – Gentoo Linux Security Advisory 201804-02
https://notcve.org/view.php?id=CVE-2018-6551
03 Apr 2017 — The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption. La implementación malloc en GNU C Library (también conocida como glibc o libc6), desde la versión 2.24 hasta la 2.26 en powerpc y solo en la versión 2.26 en i386, no gestionaba correctam... • https://security.netapp.com/advisory/ntap-20190404-0003 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 20%CPEs: 12EXPL: 6CVE-2018-1000001 – glibc - 'realpath()' Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-1000001
03 Apr 2017 — In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. En glibc 2.26 y anteriores existe una confusión en el uso de getcwd() por realpath(), que puede emplearse para escribir antes del búfer de destino. Esto conduce a un subdesbordamiento de búfer y a una potencial ejecución de código. It was discovered that the GNU C library did not properly handle all of the pos... • https://packetstorm.news/files/id/148173 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 1CVE-2017-16997 – glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries
https://notcve.org/view.php?id=CVE-2017-16997
03 Apr 2017 — elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently ve... • https://github.com/Xiami2012/CVE-2017-16997-poc • CWE-426: Untrusted Search Path CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8985 – Gentoo Linux Security Advisory 201908-06
https://notcve.org/view.php?id=CVE-2015-8985
20 Mar 2017 — The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. La función pop_fail_stack en GNU C Library (también conocida como glibc o libc6) permite a atacantes dependientes de contexto provocar una denegación de servicio (fallo de aserción y caída de aplicación) a través de vectores relacionados con el procesamiento extendido de e... • http://www.openwall.com/lists/oss-security/2017/02/14/9 • CWE-19: Data Processing Errors •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10228 – glibc: iconv program can hang when invoked with the -c option
https://notcve.org/view.php?id=CVE-2016-10228
02 Mar 2017 — The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. El programa iconv de la Biblioteca C de GNU (tambíen conocido como glibc o libc6) versión 2.31 y anteriores, cuando es invocado con múltiples sufijos en la codificación de destino (TRANSLATE o IGNORE) junto con la ... • http://openwall.com/lists/oss-security/2017/03/01/10 • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3192
https://notcve.org/view.php?id=CVE-2010-3192
12 Oct 2010 — Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations... • http://seclists.org/fulldisclosure/2010/Apr/399 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •