threat
engine
.sh
Back
·
··:··
Home
/
Product
/
gnu glibc
Product
gnu glibc
164 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-6238
>= 2.2
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDA
6.5
MEDIUM
CVE-2026-5435
>= 2.2
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the call
7.3
HIGH
CVE-2026-5928
<= 2.43
Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single
7.5
HIGH
CVE-2026-5450
>= 2.7 and <= 2.43
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with
9.8
CRITICAL
CVE-2026-4046
<= 2.43
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs f
7.5
HIGH
CVE-2026-4438
>= 2.34 and <= 2.43
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C lib
5.4
MEDIUM
CVE-2026-4437
>= 2.34 and <= 2.43
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Lib
7.5
HIGH
CVE-2026-3904
>= 2.35 and < 2.37
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.
6.2
MEDIUM
CVE-2025-15281
>= 2.0 and < 2.43
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the int
7.5
HIGH
CVE-2026-0915
>= 2.0 and <= 2.42
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and q
7.5
HIGH
CVE-2026-0861
>= 2.30 and <= 2.42
Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library v
8.4
HIGH
CVE-2025-5745
>= 2.40 and < 2.40-136
The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector regist
5.6
MEDIUM
CVE-2025-5702
>= 2.39 and < 2.39-209
The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registe
5.6
MEDIUM
CVE-2025-4802
>= 2.27 and <= 2.38
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled
7.8
HIGH
CVE-2024-33602
>= 2.15 and < 2.40
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrup
7.4
HIGH
CVE-2024-33601
>= 2.15 and < 2.40
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses
7.3
HIGH
CVE-2024-33600
>= 2.15 and < 2.40
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgr
5.9
MEDIUM
CVE-2024-33599
>= 2.15 and < 2.40
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by cl
8.1
HIGH
CVE-2024-2961
>= 2.1.93 and < 2.40
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes whe
7.3
HIGH
CVE-2023-6780
>= 2.37 and < 2.39
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and v
5.3
MEDIUM
CVE-2023-6779
>= 2.37 and < 2.39
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is calle
8.2
HIGH
CVE-2023-6246
>= 2.36 and < 2.39
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the sys
8.4
HIGH
CVE-2023-4911
>= 2.34 and < 2.39
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment varia
7.8
HIGH
CVE-2023-5156
>= 2.34 and < 2.39
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result
7.5
HIGH
CVE-2023-4806
all versions
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been free
5.9
MEDIUM
CVE-2023-4527
>= 2.36 and < 2.36.113
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured
6.5
MEDIUM
CVE-2023-4813
< 2.36
A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resultin
5.9
MEDIUM
CVE-2015-20109
< 2.22
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent att
5.5
MEDIUM
CVE-2023-0687
< 2.38
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monst
4.6
MEDIUM
CVE-2023-25139
all versions
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer siz
9.8
CRITICAL
CVE-2022-39046
all versions
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1
7.5
HIGH
CVE-2021-3999
< 2.31
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of
7.8
HIGH
CVE-2021-3998
>= 2.33 and < 2.35
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information l
7.5
HIGH
CVE-2022-23219
< 2.31
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its ho
9.8
CRITICAL
CVE-2022-23218
< 2.31
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its
9.8
CRITICAL
CVE-2021-43396
all versions
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' cha
7.5
HIGH
CVE-2021-38604
<= 2.34
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data
7.5
HIGH
CVE-2021-35942
< 2.31
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wor
9.1
CRITICAL
CVE-2021-33574
all versions
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification t
9.8
CRITICAL
CVE-2020-27618
<= 2.32
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences
5.5
MEDIUM
CVE-2021-27645
>= 2.29 and <= 2.33
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for ne
2.5
LOW
CVE-2021-3326
<= 2.32.0
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-
7.5
HIGH
CVE-2019-25013
<= 2.32
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in th
5.9
MEDIUM
CVE-2020-29573
< 2.23
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if
7.5
HIGH
CVE-2020-29562
>= 2.30 and <= 2.32
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible ch
4.8
MEDIUM
CVE-1999-0199
< 2.2
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon d
9.8
CRITICAL
CVE-2020-1752
< 2.32.0
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out.
7.0
HIGH
CVE-2020-1751
< 2.31
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the
5.1
MEDIUM
CVE-2020-6096
<= 2.31
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy(
8.1
HIGH
CVE-2020-10029
< 2.32.0
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-b
5.5
MEDIUM
CVE-2019-19126
< 2.31
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment var
3.3
LOW
CVE-2019-1010025
all versions
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread
5.3
MEDIUM
CVE-2019-1010024
all versions
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap.
5.3
MEDIUM
CVE-2019-1010023
all versions
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker
5.4
MEDIUM
CVE-2019-1010022
all versions
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: n
9.8
CRITICAL
CVE-2006-7254
< 2.5
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled b
5.5
MEDIUM
CVE-2005-3590
< 2.3.5
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the pass
9.8
CRITICAL
CVE-2019-9192
<= 2.29
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion,
7.5
HIGH
CVE-2019-9169
<= 2.29
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via
9.8
CRITICAL
CVE-2018-20796
<= 2.29
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion,
7.5
HIGH
CVE-2009-5155
< 2.28
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attac
7.5
HIGH
CVE-2019-7309
<= 2.29
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (
5.5
MEDIUM
CVE-2016-10739
<= 2.28
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained
5.3
MEDIUM
CVE-2019-6488
<= 2.28
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly att
7.8
HIGH
CVE-2018-19591
<= 2.28
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the al
7.5
HIGH
CVE-2018-11237
<= 2.27
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write d
7.8
HIGH
CVE-2018-11236
<= 2.27
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to
9.8
CRITICAL
CVE-2017-18269
>= 2.21 and <= 2.27
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka
9.8
CRITICAL
CVE-2018-6551
>= 2.24 and <= 2.26
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.2
9.8
CRITICAL
CVE-2018-6485
<= 2.26
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.
9.8
CRITICAL
CVE-2017-1000409
all versions
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment varia
7.0
HIGH
CVE-2017-1000408
all versions
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variabl
7.8
HIGH
CVE-2018-1000001
<= 2.26
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destinat
7.8
HIGH
CVE-2017-16997
all versions
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a pr
7.8
HIGH
CVE-2017-17426
all versions
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is
8.1
HIGH
CVE-2017-15804
<= 2.26
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of
9.8
CRITICAL
CVE-2017-15671
<= 2.26
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freein
5.9
MEDIUM
CVE-2017-15670
<= 2.26
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glo
9.8
CRITICAL
CVE-2011-5320
<= 2.14.1
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large s
6.2
MEDIUM
CVE-2017-12133
<= 2.25
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.
5.9
MEDIUM
CVE-2017-12132
<= 2.25
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit la
5.9
MEDIUM
CVE-2015-5180
<= 2.24
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and pro
7.5
HIGH
CVE-2017-1000366
<= 2.25
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to
7.8
HIGH
CVE-2014-9984
<= 2.19
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when
9.8
CRITICAL
CVE-2017-8804
all versions
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization
7.5
HIGH
CVE-2015-8985
< 2.28
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of serv
5.9
MEDIUM
CVE-2015-8984
<= 2.21
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a deni
5.9
MEDIUM
CVE-2015-8983
<= 2.21
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows
8.1
HIGH
CVE-2015-8982
<= 2.20
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers
8.1
HIGH
CVE-2016-10228
<= 2.25
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destinati
5.9
MEDIUM
CVE-2016-5417
<= 2.23
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6)
7.5
HIGH
CVE-2016-6323
<= 2.24
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the un
7.5
HIGH
CVE-2016-4429
< 2.24
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows rem
5.9
MEDIUM
CVE-2016-3706
< 2.23
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) a
7.5
HIGH
CVE-2016-3075
<= 2.23
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 al
7.5
HIGH
CVE-2016-1234
< 2.24
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, all
7.5
HIGH
CVE-2015-8779
<= 2.22
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent
9.8
CRITICAL
CVE-2015-8778
<= 2.22
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of ser
9.8
CRITICAL
CVE-2015-8776
<= 2.22
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial o
9.1
CRITICAL
CVE-2014-9761
<= 2.22
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to c
9.8
CRITICAL
CVE-2015-7547
all versions
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (
8.1
HIGH
CVE-2015-8777
<= 2.22
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a po
5.5
MEDIUM
CVE-2015-5277
<= 2.19
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2
CVE-2015-1781
<= 2.21
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 a
CVE-2013-7424
<= 2.14.1
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent att
CVE-2015-1473
<= 2.20
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-typ
CVE-2015-1472
<= 2.20
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-typ
CVE-2014-8121
<= 2.21
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does no
CVE-2014-9402
<= 2.20
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Swit
CVE-2013-7423
< 2.20
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descripto
CVE-2015-0235
>= 2.0 and < 2.18
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows con
CVE-2014-6040
<= 2.19
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and cras
CVE-2012-6656
<= 2.16
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-o
CVE-2014-7817
all versions
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attack
CVE-2011-2702
<= 2.12.2
Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3)
CVE-2014-4043
<= 2.19
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX sp
CVE-2014-5119
< 2.20
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent atta
CVE-2014-0475
<= 2.19
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers t
CVE-2012-3406
all versions
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "pro
CVE-2012-3405
all versions
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly ca
CVE-2012-3404
all versions
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly ca
CVE-2013-4458
<= 2.18
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18
CVE-2013-4332
<= 2.18
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent a
CVE-2013-4237
<= 2.18
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a
CVE-2013-2207
<= 2.17
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local u
CVE-2012-4424
<= 2.17
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-depend
CVE-2012-4412
<= 2.17
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attacke
CVE-2013-4788
<= 2.17
The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does n
CVE-2012-0864
all versions
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent att
CVE-2011-4609
<= 2.14
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU cons
CVE-2009-5029
<= 2.14
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of servic
CVE-2013-1914
<= 2.17
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17
CVE-2013-0242
all versions
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and ear
CVE-2012-3480
all versions
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in
CVE-2011-1095
<= 2.12.2
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might al
CVE-2011-1089
<= 2.13
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attem
CVE-2011-1659
<= 2.13
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers
CVE-2011-1658
<= 2.13
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed e
CVE-2011-1071
<= 2.12.1
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbi
CVE-2011-0536
all versions
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or
CVE-2009-5064
<= 2.1.3
ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable
CVE-2010-4756
all versions
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (
CVE-2010-4052
all versions
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x
CVE-2010-4051
all versions
The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dep
CVE-2010-3856
<= 2.11.2
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_
CVE-2010-3847
<= 2.11.2
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly hand
CVE-2010-3192
< 2.26
Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, w
CVE-2010-0830
all versions
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or li
CVE-2010-0296
<= 2.11.1
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mou
CVE-2009-4881
<= 2.9
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc
CVE-2009-4880
<= 2.10.1
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow contex
CVE-2010-0015
all versions
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the p
CVE-2007-3508
<= 2.5
Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrar
CVE-2004-0968
all versions
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
CVE-2004-1453
all versions
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEB
CVE-2004-1382
all versions
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary f
CVE-2003-0859
all versions
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed m
CVE-2003-0028
all versions
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries
CVE-2002-1265
all versions
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connec
CVE-2002-1146
<= 2.2.5
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use t
CVE-2002-0684
<= 2.2.5
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to
CVE-2000-0959
all versions
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid pr
CVE-2000-0824
all versions
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a prog
CVE-2000-0335
all versions
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin