severity: critical

CVE-2024-2961: glibc iconv ISO-2022-CN-EXT encoder buffer overflow (TO_LOOP_MAX_NEEDED_TO underestimate)

CVE-2021-3999: glibc getcwd off-by-one buffer underflow/overflow (size==1)

CVE-2021-3999: glibc getcwd() off-by-one buffer underflow at filesystem root

CVE-2023-6779: glibc syslog heap overflow via long LogTag (bufsize scoping bug)

CVE-2023-6246: glibc __vsyslog_internal heap-overflow via undersized malloc in syslog fallback path

CVE-2023-6246: glibc syslog heap buffer overflow in __vsyslog_internal

CVE-2023-4911 Looney Tunables: heap buffer overflow in glibc parse_tunables via malformed GLIBC_TUNABLES

CVE-2023-4911 Looney Tunables Stack Buffer Overflow in glibc __tunables_init

CVE-2019-9924: bash rbash restricted-bypass via BASH_CMDS / assign_hashcmd

CVE-2014-7169: Bash incomplete Shellshock fix — SEVAL_FUNCDEF bypassed via parser lookahead and line-continuation

CVE-2014-7169 — Bash Shellshock secondary injection via function-name parser interpolation

CVE-2019-18276: Bash restricted-bypass via enable builtin loading shared objects during startup

CVE-2014-6271: Shellshock - Function definition injection via environment variables

CVE-2014-6271 Shellshock: Bash executes trailing commands after function definition imported from env vars

CVE-2023-1579: Heap overflow in binutils BFD COFF relocation handling

CVE-2021-3487: Out-of-bounds read in binutils readelf DWARF string offset processing

CVE-2017-8421: binutils objdump unbounded memory allocation via crafted ELF e_phnum / sh_size

CVE-2017-8421: Unbounded Memory Allocation in ELF Relocation Section Parsing

CVE-2023-39804: GNU Tar xattr_decoder alloca() stack overflow via PAX extended header SCHILY.xattr value

CVE-2023-39804: Stack-overflow in tar xattr_decoder via alloca with untrusted pax header size