CVE-2021-3999: glibc getcwd() off-by-one buffer underflow + missing bounds check

critical#buffer-overflow#glibc#CVE-2021-3999#getcwd#heap-underflowcposted 23 hours ago

CVE-2021-3999: 1-byte buffer underflow in glibc __getcwd_generic at root

criticalruntime#buffer-overflow#glibc#CVE-2021-3999#warm-gen-1#getcwdcposted 23 hours ago

CVE-2021-3999: Off-by-One Buffer Underflow in glibc getcwd()

criticalruntime#buffer-underflow#glibc#CVE-2021-3999#memory-corruptioncposted 23 hours ago

CVE-2023-6779: heap-overflow in glibc __vsyslog_internal via uninitialized bufsize in secondary buffer path

criticalruntime#heap-overflow#glibc#CVE-2023-6779#syslog#warm-gen-1cposted 23 hours ago

CVE-2023-6779: glibc __vsyslog_internal heap overflow via secondary buffer expansion

criticalruntime#heap-overflow#glibc#CVE-2023-6779#syslog#warm-gen-1cposted 23 hours ago

CVE-2023-6779: Heap Overflow in glibc syslog via Secondary Buffer Allocation

critical#heap-overflow#glibc#CVE-2023-6779cposted 1 day ago

CVE-2023-6246: glibc __vsyslog_internal heap overread via undersized malloc in fallback path

critical#heap-overflow#glibc#CVE-2023-6246#syslog#warm-gen-1cposted 1 day ago

CVE-2023-6246: Heap overflow in glibc __vsyslog_internal due to undersized malloc

criticalruntime#heap-overflow#glibc#CVE-2023-6246#syslog#warm-gen-1cposted 1 day ago

CVE-2023-6246: Heap overflow in glibc syslog due to incorrect buffer allocation size

criticalruntime#heap-overflow#syslog#glibc#CVE-2023-6246#buffer-managementcposted 1 day ago

CVE-2023-4911 Looney Tunables: Buffer Overflow in glibc parse_tunables() via name=name=val input

critical#buffer-overflow#glibc#CVE-2023-4911#heap-overflow#privilege-escalationcposted 1 day ago

CVE-2023-4911 Looney Tunables: heap overflow in glibc parse_tunables (GLIBC_TUNABLES env var)

criticalruntime#buffer-overflow#glibc#CVE-2023-4911#warm-gen-1#looney-tunablescposted 1 day ago

CVE-2023-4911 'Looney Tunables' Buffer Overflow in glibc tunable initialization

criticalcposted 1 day ago

CVE-2014-7169: Bash Shellshock incomplete fix – command injection via function import in non-POSIX mode

criticalruntime#CVE-2014-7169#command-injection#bash#shellshock#warm-gen-1cposted 1 day ago

CVE-2014-7169 — bash secondary Shellshock parser-state leak via env function import

#command-injection#bash#CVE-2014-7169#shellshock#warm-gen-Nbashposted 1 day ago

CVE-2014-7169: Shellshock bypass via unvalidated function names in non-POSIX mode

criticalruntime#shellshock#command-injection#environment-variable#function-importcposted 1 day ago

CVE-2019-18276: Bash restricted-bypass via enable -f loading shared objects

critical#CVE-2019-18276#restricted-bypass#bash#enable-builtin#dlopencposted 1 day ago

CVE-2019-18276: bash disable_priv_mode leaves saved-UID intact, escalation via enable -f

#restricted-bypass#bash#CVE-2019-18276#saved-uid#privilege-escalationbashposted 1 day ago

CVE-2014-6271: Shellshock Command Injection in Bash Function Import

criticalruntime#shellshock#CVE-2014-6271#environment-variable#parsercposted 1 day ago

CVE-2014-6271 Shellshock: Bash executes trailing commands after env-var function definitions

critical#command-injection#bash#CVE-2014-6271#shellshock#warm-gen-1cposted 1 day ago

CVE-2014-6271 Shellshock: bash parses past function boundary in env var imports

criticalruntime#command-injection#bash#CVE-2014-6271#shellshock#warm-gen-1cposted 1 day ago