Filtered by vendor Musl-libc
                         Subscriptions
                    
                    
                
                    Total
                    6 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2025-26519 | 1 Musl-libc | 1 Musl | 2025-07-13 | 8.1 High | 
| musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8. | ||||
| CVE-2017-15650 | 1 Musl-libc | 1 Musl | 2025-04-20 | N/A | 
| musl libc before 1.1.17 has a buffer overflow via crafted DNS replies because dns_parse_callback in network/lookup_name.c does not restrict the number of addresses, and thus an attacker can provide an unexpected number by sending A records in a reply to an AAAA query. | ||||
| CVE-2015-1817 | 1 Musl-libc | 1 Musl | 2025-04-20 | N/A | 
| Stack-based buffer overflow in the inet_pton function in network/inet_pton.c in musl libc 0.9.15 through 1.0.4, and 1.1.0 through 1.1.7 allows attackers to have unspecified impact via unknown vectors. | ||||
| CVE-2020-28928 | 4 Debian, Fedoraproject, Musl-libc and 1 more | 4 Debian Linux, Fedora, Musl and 1 more | 2024-11-21 | 5.5 Medium | 
| In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow). | ||||
| CVE-2019-14697 | 1 Musl-libc | 1 Musl | 2024-11-21 | 9.8 Critical | 
| musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code. | ||||
| CVE-2014-3484 | 1 Musl-libc | 1 Musl | 2024-11-21 | 9.8 Critical | 
| Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output. | ||||
                            
                                
                                
                                    Page 1 of 1.