GNU : Security Vulnerabilities, CVEs, Published In 2013 (Code Execution) CVSS score >= 2
Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.
Max CVSS
5.1
EPSS Score
3.89%
Published
2013-12-13
Updated
2014-02-21
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
Max CVSS
6.8
EPSS Score
0.28%
Published
2013-10-09
Updated
2023-02-13
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.
Max CVSS
4.4
EPSS Score
0.73%
Published
2013-01-03
Updated
2016-12-24
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.
Max CVSS
5.1
EPSS Score
1.56%
Published
2013-10-09
Updated
2017-07-01
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
4.62%
Published
2013-10-09
Updated
2019-06-13
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Max CVSS
6.8
EPSS Score
0.84%
Published
2013-05-02
Updated
2023-02-13
6 vulnerabilities found