VDB
CVE-2023-6780
CVE-2023-6780
PUBLISHED
CVSS 8.699999809265137 HIGH
Die GNU libc ist die Basis C Bibliothek unter Linux sowie anderen Unix-Betriebssystemen, welche die Systemaufrufe sowie Basisfunktionalität bereitstellt.
EPSS 0.23% · 45.9th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.23%
45.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell integrated Dell Remote Access Controller <7.00.00.181 | |
| Open Source | Open Source GNU libc <2.36-9+deb12u4 | |
| Dell | Dell Avamar | |
| Gentoo | Gentoo Linux | |
| Dell | Dell PowerScale OneFS | |
| Dell | Dell integrated Dell Remote Access Controller <7.20.30.50 | |
| Siemens | Siemens SIMATIC S7 1500 CPU | |
| Ubuntu | Ubuntu Linux |
Exploit Intelligence
- http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html (nist-nvd)
- http://seclists.org/fulldisclosure/2024/Feb/3 (nist-nvd)
- https://www.openwall.com/lists/oss-security/2024/01/30/6 (nist-nvd)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
- TestCaseRule-CVE-2025-38555.yara (github-yara)
…and 2 more exploits
Timeline
- Jan 21, 1970 Security Advisory
- Jan 30, 2024 CVE Published
- Feb 8, 2024 EPSS Score
- Mar 6, 2024 EPSS Score
- Apr 3, 2024 EPSS Score
- May 27, 2024 EPSS Score
- Jun 23, 2024 EPSS Score
- Jul 21, 2024 EPSS Score
- Aug 17, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Nov 7, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0246.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0246 advisory
- https://sourceware.org/pipermail/libc-announce/2024/000037.html advisory
- https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog advisory
- https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-07597a0fb3 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-aec80d6e8a advisory
- https://lists.debian.org/debian-security-announce/2024/msg00018.html advisory
- https://security.gentoo.org/glsa/202402-01 advisory
- https://ubuntu.com/security/notices/USN-6620-1 advisory
- https://www.dell.com/support/kbdoc/en-us/000299628/dsa-2025-146-security-update-for-dell-idrac9-vulnerabilities advisory
- https://cert-portal.siemens.com/productcert/html/ssa-082556.html advisory
- https://www.dell.com/support/kbdoc/de-de/000362542/dsa-2025-339-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities advisory
- https://www.dell.com/support/kbdoc/de-de/000363693/dsa-2025-166-security-update-for-dell-powerscale-onefs-multiple-third-party-component-vulnerabilities advisory