CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-2961

High Severity
SVRS
60/100
CVSSv3
NA/10
EPSS
0.93526/1

CVE-2024-2961 is a critical buffer overflow vulnerability in the GNU C Library (glibc) versions 2.39 and older. This iconv() function flaw can cause applications to crash or allow attackers to overwrite variables, potentially leading to arbitrary code execution. The vulnerability occurs when converting strings to the ISO-2022-CN-EXT character set, overflowing the output buffer by up to 4 bytes. With an SVRS score of 60, while not immediately critical, CVE-2024-2961 poses a significant risk, especially with reports indicating active exploits in the wild. Given the available exploits and the potential for significant impact, organizations using affected glibc versions should prioritize patching this vulnerability. This could lead to application instability or provide attackers with an entry point to systems using the vulnerable library. Addressing CVE-2024-2961 is essential to maintain system integrity and prevent potential exploitation.

TAGS
In The Wild
Exploit Avaliable
VECTOR STRING
PUBLICATION DATE2024-04-17
LAST MODIFIED2025-02-13
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-2961 is a vulnerability in the iconv() function of the GNU C Library that can lead to a buffer overflow when converting strings to the ISO-2022-CN-EXT character set. This vulnerability has a CVSS score of 8.8 and an SVRS of 81, indicating a critical severity level.

Key Insights

  • Active Exploitation: This vulnerability is actively exploited in the wild, making it a high-priority threat.
  • Impact: Successful exploitation can lead to application crashes or memory corruption, potentially allowing attackers to execute arbitrary code or gain unauthorized access to sensitive data.
  • Affected Systems: Systems running GNU C Library versions 2.39 and older are vulnerable to this attack.
  • Threat Actors: Specific threat actors or APT groups exploiting this vulnerability have not been identified.

Mitigation Strategies

  • Update Software: Install the latest security updates from the vendor to patch the vulnerability.
  • Use Safe Coding Practices: Developers should use safe coding practices to avoid buffer overflows and other memory-related vulnerabilities.
  • Implement Input Validation: Validate user input to prevent malicious characters from triggering the vulnerability.
  • Monitor for Suspicious Activity: Monitor systems for suspicious activity, such as unexpected application crashes or memory errors, and investigate any anomalies promptly.

Additional Information

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, urging organizations to take immediate action.
  • Users with additional queries can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

TypeIndicatorDate
IP
45.10.160.452024-10-03
IP
165.231.182.982024-10-03
IP
193.93.193.742024-10-03
URL
http://accept.bar/common2024-10-03
URL
http://amocha.xyz/common2024-10-03
URL
http://cd.iconstaff.top/m2024-10-03
URL
http://cdn-webstats.com/ls2024-10-03

Exploits

TitleSoftware LinkDate
ambionics/cnext-exploitshttps://github.com/ambionics/cnext-exploits2024-05-27
kjdfklha/CVE-2024-2961_pochttps://github.com/kjdfklha/CVE-2024-2961_poc2024-06-04
kyotozx/CVE-2024-2961-Remote-File-Readhttps://github.com/kyotozx/CVE-2024-2961-Remote-File-Read2025-01-27
omarelshopky/exploit_cve-2023-26326_using_cve-2024-2961https://github.com/omarelshopky/exploit_cve-2023-26326_using_cve-2024-29612025-02-02
suce0155/CVE-2024-2961_buddyforms_2.7.7https://github.com/suce0155/CVE-2024-2961_buddyforms_2.7.72025-02-04
regantemudo/PHP-file-read-to-RCE-CVE-2024-2961-https://github.com/regantemudo/PHP-file-read-to-RCE-CVE-2024-2961-2025-02-20
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

phpMyAdmin 5.2.2 is released
Isaac Bennetch2025-05-01
phpMyAdmin 5.2.2 is released | Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below. fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög https://github.com/MoonE) fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird <
phpmyadmin.net
rss
forum
news
Persistent backdoors injected on Adobe Commerce via new CosmicSting attack
2025-04-01
Persistent backdoors injected on Adobe Commerce via new CosmicSting attack | CosmicSting (CVE-2024-34102) allows arbitrary file reading on unpatched systems. When combined with CNEXT (CVE-2024-2961), threat actors can escalate to remote code execution, taking over the entir...CosmicSting (CVE-2024-34102) allows arbitrary file reading on unpatched systems. When combined with CNEXT (CVE-2024-2961), threat actors can escalate to remote code execution, taking over the entir...
sansec.io
rss
forum
news
CVE-2024-2961 | GNU C Library up to 2.39 iconv out-of-bounds write (DLA 3807-1 / Nessus ID 214840)
vuldb.com2025-01-31
CVE-2024-2961 | GNU C Library up to 2.39 iconv out-of-bounds write (DLA 3807-1 / Nessus ID 214840) | A vulnerability classified as critical was found in GNU C Library up to 2.39. This vulnerability affects the function iconv. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2024-2961. Attacking locally is a requirement. Furthermore, there is an
vuldb.com
rss
forum
news
Tageszusammenfassung - 04.10.2024
CERT.at2024-12-02
Tageszusammenfassung - 04.10.2024 | End-of-Day report Timeframe: Donnerstag 03-10-2024 18:00 - Freitag 04-10-2024 18:00 Handler: Michael Schlagenhaufer Co-Handler: n/a News Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a "month-long" barrage of more than 100 hyper-volumetric DDoS
cert.at
rss
forum
news
Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack - The Hacker News
2024-06-26
Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack - The Hacker News | News Content: Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites. "Protecting our users is our top priority. We detected a security issue recently that may affect websites using certain third-party libraries," the company said in a statement shared with The Hacker News. "To help potentially impacted advertisers secure their websites, we have been proactively sharing information
google.com
rss
forum
news
Metasploit Weekly Wrap-Up 10/25/2024
Brendan Watters2024-10-25
Metasploit Weekly Wrap-Up 10/25/2024 | Headlining the release is a new exploit module by jheysel-r7 that chains two vulnerabilities to target Magento/Adobe Commerce systems. Learn more!Hackers and Vampires Agree: Every Byte Counts Headlining the release today is a new exploit module by jheysel-r7 that chains two vulnerabilities to target Magento/Adobe Commerce systems: the first, <a href
rapid7.com
rss
forum
news
libc @ Savannah: The GNU C Library version 2.40 is now available
2024-11-01
libc @ Savannah: The GNU C Library version 2.40 is now available | The GNU C Library ================= The GNU C Library version 2.40 is now available. The GNU C Library is used as the C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel. The GNU C Library is primarily designed to be a
gnu.org
rss
forum
news

Social Media

@3l5h0pky and I have weaponized an unauthenticated insecure deserialization vulnerability in BuddyForms (CVE-2023-26326) and chained it with iconv (CVE-2024-2961) to achieve Remote Code Execution (RCE)! 🔗 Check the exploit here: https://t.co/Bb4UJ1dC1M
0
0
2
Our @metasploit wrap up details two vulns targeting Magento/Adobe Commerce systems: CVE-2024-34102 to determine the version and layout of the glibc library, and the second, CVE-2024-2961 is a single-byte buffer overflow. https://t.co/AtVLr7QNmU #infosec #CyberSecurity
0
1
2
Server with #opendir 213.109.147[.]108:4242 (now disabled) had an exploit for #CosmicSting (aka CVE-2024-34102), an Unauthorized XXE that combined with CVE-2024-2961 allows RCE in Magento and Adobe Commerce stores. On the server there was a TXT file with about 3900 https://t.co/ABOcTPbJYR iocs: 213.109.147.108
0
3
8
@Hostinger in regards to CVE-2024-2961 you have glibc 2.28 installed and php char sets that are recomended to be disabled by multiple sources (i recommend this quick write down https://t.co/BvtUguTW3H) are still active. Is there anything that I should worry about?
0
0
0
Security Alert: CVE-2024-2961 Check your Linux distribution for vulnerability to CVE-2024-2961: Remote Code Execution in the 'glibc' package. If affected, update to the latest glibc library immediately. Note: This library is widely used by many applications.
0
0
1
Our servers now immune from CVE-2024-2961
0
0
0
CosmicSting Targets 📱 Adobe Products, PrestaShop Technologies, Linux 🌍 null 🏭 E-Commerce Advice - Verify and upgrade the Linux system's glibc library if it's vulnerable to CVE-2024-2961 using the provided detection command. (2/3)
1
0
1
Iconv, set the charset to RCE (part 2): Remote code execution on Roundcube (CVE-2024-2961) https://t.co/lDsOQKGUw5
1
0
5
Iconv, set the charset to RCE (part 2): Remote code execution on Roundcube (CVE-2024-2961) https://t.co/I7O730lYNF
0
0
2
RT @ptracesecurity: Iconv, Set The Charset To Rce: Exploiting The Glibc To Hack The Php Engine (part 1) https://t.co/XoelahCoYJ #Pentesti… iocs: https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
0
6
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/17/9
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/18/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/17/9
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/18/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/17/9
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/18/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/1
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/6
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/17/9
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/18/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/1
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/3
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/5
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/6
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://security.netapp.com/advisory/ntap-20240531-0002/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/17/9
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/18/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/1
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/3
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/5
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/6
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/07/22/5
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://security.netapp.com/advisory/ntap-20240531-0002/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/17/9
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/18/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/04/24/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/1
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/2
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/3
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/4
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/5
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/05/27/6
3FF69D7A-14F2-4F67-A097-88DEE7810D18http://www.openwall.com/lists/oss-security/2024/07/22/5
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://security.netapp.com/advisory/ntap-20240531-0002/
3FF69D7A-14F2-4F67-A097-88DEE7810D18https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/04/17/9
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/04/18/4
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/04/24/2
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/05/27/1
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/05/27/2
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/05/27/3
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/05/27/4
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/05/27/5
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/05/27/6
AF854A3A-2127-422B-91AE-364DA2661108http://www.openwall.com/lists/oss-security/2024/07/22/5
AF854A3A-2127-422B-91AE-364DA2661108https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
AF854A3A-2127-422B-91AE-364DA2661108https://lists.fedoraproject.org/archives/list/[email protected]/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
AF854A3A-2127-422B-91AE-364DA2661108https://lists.fedoraproject.org/archives/list/[email protected]/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
AF854A3A-2127-422B-91AE-364DA2661108https://lists.fedoraproject.org/archives/list/[email protected]/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
AF854A3A-2127-422B-91AE-364DA2661108https://security.netapp.com/advisory/ntap-20240531-0002/
AF854A3A-2127-422B-91AE-364DA2661108https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
AF854A3A-2127-422B-91AE-364DA2661108https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
AF854A3A-2127-422B-91AE-364DA2661108https://www.ambionics.io/blog/iconv-cve-2024-2961-p2
AF854A3A-2127-422B-91AE-364DA2661108https://www.ambionics.io/blog/iconv-cve-2024-2961-p3

CWE Details

CWE IDCWE NameDescription
CWE-787Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence