| Bug | Description |
|---|
| TEMP-0552518-ADA4BA | eglibc: ldd arbitrary code execution |
| CVE-2023-25139 | sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-o ... |
| CVE-2023-6780 | An integer overflow was found in the __vsyslog_internal function of th ... |
| CVE-2023-6779 | An off-by-one heap-based buffer overflow was found in the __vsyslog_in ... |
| CVE-2023-6246 | A heap-based buffer overflow was found in the __vsyslog_internal funct ... |
| CVE-2023-5156 | A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 ... |
| CVE-2023-4911 | A buffer overflow was discovered in the GNU C Library's dynamic loader ... |
| CVE-2023-4527 | A flaw was found in glibc. When the getaddrinfo function is called wit ... |
| CVE-2022-39046 | An issue was discovered in the GNU C Library (glibc) 2.36. When the sy ... |
| CVE-2022-23219 | The deprecated compatibility function clnt_create in the sunrpc module ... |
| CVE-2022-23218 | The deprecated compatibility function svcunix_create in the sunrpc mod ... |
| CVE-2021-43396 | In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, re ... |
| CVE-2021-38604 | In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/s ... |
| CVE-2021-35942 | The wordexp function in the GNU C Library (aka glibc) through 2.33 may ... |
| CVE-2021-33574 | The mq_notify function in the GNU C Library (aka glibc) versions 2.32 ... |
| CVE-2021-27645 | The nameserver caching daemon (nscd) in the GNU C Library (aka glibc o ... |
| CVE-2021-3999 | A flaw was found in glibc. An off-by-one buffer overflow and underflow ... |
| CVE-2021-3998 | A flaw was found in glibc. The realpath() function can mistakenly retu ... |
| CVE-2021-3326 | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and ... |
| CVE-2020-29573 | sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) befo ... |
| CVE-2020-29562 | The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2 ... |
| CVE-2020-27618 | The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and ... |
| CVE-2020-10029 | The GNU C Library (aka glibc or libc6) before 2.32 could overflow an o ... |
| CVE-2020-6096 | An exploitable signed comparison vulnerability exists in the ARMv7 mem ... |
| CVE-2020-1752 | A use-after-free vulnerability introduced in glibc upstream version 2. ... |
| CVE-2019-25013 | The iconv feature in the GNU C Library (aka glibc or libc6) through 2. ... |
| CVE-2019-19126 | On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 ... |
| CVE-2019-9169 | In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_n ... |
| CVE-2019-7309 | In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp fun ... |
| CVE-2019-6488 | The string component in the GNU C Library (aka glibc or libc6) through ... |
| CVE-2018-1000001 | In glibc 2.26 and earlier there is confusion in the usage of getcwd() ... |
| CVE-2018-19591 | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to ... |
| CVE-2018-11237 | An AVX-512-optimized implementation of the mempcpy function in the GNU ... |
| CVE-2018-11236 | stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 a ... |
| CVE-2018-6551 | The malloc implementation in the GNU C Library (aka glibc or libc6), f ... |
| CVE-2018-6485 | An integer overflow in the implementation of the posix_memalign in mem ... |
| CVE-2017-1000409 | A buffer overflow in glibc 2.5 (released on September 29, 2006) and ca ... |
| CVE-2017-1000408 | A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached ... |
| CVE-2017-1000366 | glibc contains a vulnerability that allows specially crafted LD_LIBRAR ... |
| CVE-2017-18269 | An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686 ... |
| CVE-2017-17426 | The malloc function in the GNU C Library (aka glibc or libc6) 2.26 cou ... |
| CVE-2017-16997 | elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2 ... |
| CVE-2017-15804 | The glob function in glob.c in the GNU C Library (aka glibc or libc6) ... |
| CVE-2017-15671 | The glob function in glob.c in the GNU C Library (aka glibc or libc6) ... |
| CVE-2017-15670 | The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by- ... |
| CVE-2017-12133 | Use-after-free vulnerability in the clntudp_call function in sunrpc/cl ... |
| CVE-2017-12132 | The DNS stub resolver in the GNU C Library (aka glibc or libc6) before ... |
| CVE-2016-10739 | In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinf ... |
| CVE-2016-10228 | The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and e ... |
| CVE-2016-6323 | The makecontext function in the GNU C Library (aka glibc or libc6) bef ... |
| CVE-2016-5417 | Memory leak in the __res_vinit function in the IPv6 name server manage ... |
| CVE-2016-4429 | Stack-based buffer overflow in the clntudp_call function in sunrpc/cln ... |
| CVE-2016-3706 | Stack-based buffer overflow in the getaddrinfo function in sysdeps/pos ... |
| CVE-2016-3075 | Stack-based buffer overflow in the nss_dns implementation of the getne ... |
| CVE-2016-2856 | pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ... |
| CVE-2016-1234 | Stack-based buffer overflow in the glob implementation in GNU C Librar ... |
| CVE-2015-20109 | end_pattern (called from internal_fnmatch) in the GNU C Library (aka g ... |
| CVE-2015-8985 | The pop_fail_stack function in the GNU C Library (aka glibc or libc6) ... |
| CVE-2015-8984 | The fnmatch function in the GNU C Library (aka glibc or libc6) before ... |
| CVE-2015-8983 | Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c ... |
| CVE-2015-8982 | Integer overflow in the strxfrm function in the GNU C Library (aka gli ... |
| CVE-2015-8779 | Stack-based buffer overflow in the catopen function in the GNU C Libra ... |
| CVE-2015-8778 | Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 ... |
| CVE-2015-8777 | The process_envvars function in elf/rtld.c in the GNU C Library (aka g ... |
| CVE-2015-8776 | The strftime function in the GNU C Library (aka glibc or libc6) before ... |
| CVE-2015-7547 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_ ... |
| CVE-2015-5277 | The get_contents function in nss_files/files-XXX.c in the Name Service ... |
| CVE-2015-5229 | The calloc function in the glibc package in Red Hat Enterprise Linux ( ... |
| CVE-2015-5180 | res_query in libresolv in glibc before 2.25 allows remote attackers to ... |
| CVE-2015-1781 | Buffer overflow in the gethostbyname_r and other unspecified NSS funct ... |
| CVE-2015-1473 | The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka gli ... |
| CVE-2015-1472 | The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka gli ... |
| CVE-2015-0235 | Heap-based buffer overflow in the __nss_hostname_digits_dots function ... |
| CVE-2014-9984 | nscd in the GNU C Library (aka glibc or libc6) before version 2.20 doe ... |
| CVE-2014-9761 | Multiple stack-based buffer overflows in the GNU C Library (aka glibc ... |
| CVE-2014-9402 | The nss_dns implementation of getnetbyname in GNU C Library (aka glibc ... |
| CVE-2014-8121 | DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in ... |
| CVE-2014-7817 | The wordexp function in GNU C Library (aka glibc) 2.21 does not enforc ... |
| CVE-2014-6040 | GNU C Library (aka glibc) before 2.20 allows context-dependent attacke ... |
| CVE-2014-5119 | Off-by-one error in the __gconv_translit_find function in gconv_trans. ... |
| CVE-2014-4043 | The posix_spawn_file_actions_addopen function in glibc before 2.20 doe ... |
| CVE-2014-0475 | Multiple directory traversal vulnerabilities in GNU C Library (aka gli ... |
| CVE-2013-7424 | The getaddrinfo function in glibc before 2.15, when compiled with libi ... |
| CVE-2013-7423 | The send_dg function in resolv/res_send.c in GNU C Library (aka glibc ... |
| CVE-2013-4788 | The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6 ... |
| CVE-2013-4458 | Stack-based buffer overflow in the getaddrinfo function in sysdeps/pos ... |
| CVE-2013-4332 | Multiple integer overflows in malloc/malloc.c in the GNU C Library (ak ... |
| CVE-2013-4237 | sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2. ... |
| CVE-2013-2207 | pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not pr ... |
| CVE-2013-1914 | Stack-based buffer overflow in the getaddrinfo function in sysdeps/pos ... |
| CVE-2013-0242 | Buffer overflow in the extend_buffers function in the regular expressi ... |
| CVE-2012-6656 | iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows con ... |
| CVE-2012-4424 | Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library ... |
| CVE-2012-4412 | Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc ... |
| CVE-2012-3480 | Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, ... |
| CVE-2012-3406 | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka ... |
| CVE-2012-3405 | The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Libr ... |
| CVE-2012-3404 | The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Libr ... |
| CVE-2011-5320 | scanf and related functions in glibc before 2.15 allow local users to ... |
| CVE-2011-2702 | Integer signedness error in Glibc before 2.13 and eglibc before 2.13, ... |
| CVE-2011-1659 | Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or ... |
| CVE-2011-1095 | locale/programs/locale.c in locale in the GNU C Library (aka glibc or ... |
| CVE-2011-1089 | The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 ... |
| CVE-2011-1071 | The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIB ... |
| CVE-2011-0536 | Multiple untrusted search path vulnerabilities in elf/dl-object.c in c ... |
| CVE-2010-4052 | Stack consumption vulnerability in the regcomp implementation in the G ... |
| CVE-2010-4051 | The regcomp implementation in the GNU C Library (aka glibc or libc6) t ... |
| CVE-2010-3856 | ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.1 ... |
| CVE-2010-3847 | elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) throu ... |
| CVE-2010-0830 | Integer signedness error in the elf_get_dynamic_info function in elf/d ... |
| CVE-2010-0296 | The encode_name macro in misc/mntent_r.c in the GNU C Library (aka gli ... |
| CVE-2010-0015 | nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 an ... |
| CVE-2009-5155 | In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp i ... |
| CVE-2009-5064 | ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows ... |
| CVE-2009-5029 | Integer overflow in the __tzfile_read function in glibc before 2.15 al ... |
| CVE-2009-4881 | Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in ... |
| CVE-2009-4880 | Multiple integer overflows in the strfmon implementation in the GNU C ... |
| CVE-2009-0537 | Integer overflow in the fts_build function in fts.c in libc in (1) Ope ... |
| CVE-2008-1391 | Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, ... |
| CVE-2008-1367 | gcc 4.3.x does not generate a cld instruction while compiling function ... |
| CVE-2008-0122 | Off-by-one error in the inet_network function in libbind in ISC BIND 9 ... |
| CVE-2007-4840 | PHP 5.2.4 and earlier allows context-dependent attackers to cause a de ... |
| CVE-2007-3508 | Integer overflow in the process_envvars function in elf/rtld.c in glib ... |
| CVE-2006-7254 | The nscd daemon in the GNU C Library (glibc) before version 2.5 does n ... |
| CVE-2005-3590 | The getgrouplist function in the GNU C library (glibc) before version ... |
| CVE-2005-0403 | init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterp ... |
| CVE-2004-1453 | GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, an ... |
| CVE-2004-1382 | The glibcbug script in glibc 2.3.4 and earlier allows local users to o ... |
| CVE-2004-0968 | The catchsegv script in glibc 2.3.2 and earlier allows local users to ... |
| CVE-2003-0689 | The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows ... |
| CVE-2003-0028 | Integer overflow in the xdrmem_getbytes() function, and possibly other ... |
| CVE-2002-1146 | The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries ... |
| CVE-2002-0684 | Buffer overflow in DNS resolver functions that perform lookup of netwo ... |
| CVE-2002-0651 | Buffer overflow in the DNS resolver code used in libc, glibc, and libb ... |
| CVE-2002-0391 | Integer overflow in xdr_array function in RPC servers for operating sy ... |
| CVE-1999-0199 | manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a ... |