CVSS: 9.8EPSS: 3%CPEs: 28EXPL: 4CVE-2013-4788 – glibc and eglibc 2.5/2.7/2.13 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-4788
16 Jul 2013 — The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address. La implementación PTR_MANGLE en la GNU C Library (librería también conocida como glibc o libc6) 2.4, 2.17 y... • https://packetstorm.news/files/id/122413 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 17%CPEs: 36EXPL: 1CVE-2013-1914 – glibc: Stack (frame) overflow in getaddrinfo() when processing entry mapping to long list of address structures
https://notcve.org/view.php?id=CVE-2013-1914
29 Apr 2013 — Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results. Desbordamiento de búfer basado en pila en la función getaddrinfo en sysdeps/posix/getaddrinfo.c en GNU C Library (tambien conocido como glibc o libc6) v2.17 y anteriores permite a atacantes remotos provocar una de... • https://packetstorm.news/files/id/164014 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3192
https://notcve.org/view.php?id=CVE-2010-3192
12 Oct 2010 — Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations... • http://seclists.org/fulldisclosure/2010/Apr/399 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •