
CVE-2022-3602 – X.509 Email Address 4-byte Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-3602
01 Nov 2022 — A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash... • https://github.com/colmmacc/CVE-2022-3602 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2020-14394 – Ubuntu Security Notice USN-6567-2
https://notcve.org/view.php?id=CVE-2020-14394
17 Aug 2022 — An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=1908004 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVE-2021-42778 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42778
18 Apr 2022 — A heap double free issue was found in OpenSC before version 0.22.0 in sc_pkcs15_free_tokeninfo. Multiple vulnerabilities have been discovered in OpenSC, the worst of which could result in the execution of arbitrary code. Versions less than 0.22.0 are affected. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185 • CWE-415: Double Free CWE-672: Operation on a Resource after Expiration or Release •

CVE-2021-42779 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42779
12 Apr 2022 — A heap use after free issue was found in OpenSC before version 0.22.0 in sc_file_valid. An update that solves four vulnerabilities and has one errata is now available. This update for opensc fixes the following issues. Stack buffer overflow issues in various places. Fixed multiple heap buffer overflows in pkcs15-oberthur.c. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843 • CWE-416: Use After Free •

CVE-2021-42780 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42780
12 Apr 2022 — A use after return issue was found in OpenSC before version 0.22.0 in the insert_pin function that could potentially crash programs using the library. It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause a d... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383 • CWE-252: Unchecked Return Value •

CVE-2021-42781 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42781
12 Apr 2022 — Heap buffer overflow issues were found in OpenSC before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. An update that solves four vulnerabilities and has one errata is now available. This update for opensc fixes the following issues. Stack buffer overflow issues in vario... • https://bugzilla.redhat.com/show_bug.cgi?id=2016439 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2021-42782 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42782
12 Apr 2022 — Stack buffer overflow issues were found in OpenSC before version 0.22.0 in various places that could potentially crash programs using the library. It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause ... • https://bugzilla.redhat.com/show_bug.cgi?id=2016448 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2021-3618 – Ubuntu Security Notice USN-6379-1
https://notcve.org/view.php?id=CVE-2021-3618
23 Mar 2022 — ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at ... • https://alpaca-attack.com • CWE-295: Improper Certificate Validation •

CVE-2021-44025 – Debian Security Advisory 5013-1
https://notcve.org/view.php?id=CVE-2021-44025
19 Nov 2021 — Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message. It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize reques... • https://bugs.debian.org/1000156 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-44026 – Roundcube Webmail SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-44026
19 Nov 2021 — Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize requests and mail messages. This would allow an attacker to perform Cross-Site Scripting (XSS) or SQL injec... • https://github.com/pentesttoolscom/roundcube-cve-2021-44026 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •