CVSS: 10.0EPSS: 3%CPEs: 16EXPL: 2CVE-2024-12084 – Rsync: heap buffer overflow in rsync due to improper checksum length handling
https://notcve.org/view.php?id=CVE-2024-12084
15 Jan 2025 — A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. • https://github.com/themirze/cve-2024-12084 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-12088 – Rsync: --safe-links option bypass leads to path traversal
https://notcve.org/view.php?id=CVE-2024-12088
14 Jan 2025 — A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. • https://access.redhat.com/security/cve/CVE-2024-12088 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •
CVSS: 6.1EPSS: 5%CPEs: 7EXPL: 1CVE-2019-11717 – Mozilla: Caret character improperly escaped in origins
https://notcve.org/view.php?id=CVE-2019-11717
11 Jul 2019 — A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Se presenta una vulnerabilidad en la que el carácter de intercalación ("^") se escapa inapropiadamente al construir algunos URI debido a que se utiliza como separador, lo que permite la posible suplantación de atributos de origen. Esta v... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-116: Improper Encoding or Escaping of Output CWE-138: Improper Neutralization of Special Elements •
CVSS: 8.3EPSS: 1%CPEs: 7EXPL: 2CVE-2019-9811 – Mozilla Firefox Language Pack XUL Injection Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-9811
10 Jul 2019 — As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Como parte de una entrada Pwn2Own ganadora, un investigador demostró un escape del sandbox mediante la instalación de un paquete de idioma malicioso y luego abriendo una funcionalidad del navegador que usaba la traducción comprometida... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 7.5EPSS: 79%CPEs: 13EXPL: 0CVE-2017-13704
https://notcve.org/view.php?id=CVE-2017-13704
02 Oct 2017 — In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. En las versiones anteriores a la 2.78 de dnsmasq, si el tamaño del paquete DNS no coincide con el tamaño esperado, el parámetro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiend... • http://thekelleys.org.uk/dnsmasq/CHANGELOG • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 92%CPEs: 12EXPL: 2CVE-2017-14492 – Dnsmasq < 2.78 - Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14492
02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario mediante una petición manipulada de anuncio de router IPv6. A heap buffer overflow was discovered in dnsmasq in... • https://packetstorm.news/files/id/144479 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 15%CPEs: 12EXPL: 2CVE-2017-14494 – Dnsmasq < 2.78 - Information Leak
https://notcve.org/view.php?id=CVE-2017-14494
02 Oct 2017 — dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Las versiones anteriores a la 2.78 de dnsmasq, cuando se configuran como retransmisor, permiten que los atacantes remotos obtengan información sensible de la memoria mediante vectores relacionados con la gestión de peticiones DHCPv6 reenviadas. An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local netwo... • https://packetstorm.news/files/id/144471 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 60%CPEs: 12EXPL: 2CVE-2017-14495 – Dnsmasq < 2.78 - Lack of free() Denial of Service
https://notcve.org/view.php?id=CVE-2017-14495
02 Oct 2017 — Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Una fuga de memoria en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante vectores relacionados con la creació... • https://packetstorm.news/files/id/144468 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 15%CPEs: 21EXPL: 2CVE-2017-14496 – Dnsmasq < 2.78 - Integer Underflow
https://notcve.org/view.php?id=CVE-2017-14496
02 Oct 2017 — Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Un desbordamiento inferior de enteros en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio mediante una petición DNS manipulada. An intege... • https://packetstorm.news/files/id/144462 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5759
https://notcve.org/view.php?id=CVE-2016-5759
08 Sep 2017 — The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. El script mkdumprd llamado "dracut" en el directorio actual "." permite a los usuarios locales engañar al administrador para que ejecute código como root. • http://lists.opensuse.org/opensuse-updates/2016-10/msg00083.html • CWE-20: Improper Input Validation •