CVE-2020-8027 – openldap uses fixed paths in /tmp
https://notcve.org/view.php?id=CVE-2020-8027
A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1. Una vulnerabilidad de archivo temporal no seguro en openldap2 de SUSE Linux Enterprise Server versión 15-LTSS, SUSE Linux Enterprise Server para SAP versión 15; openSUSE Leap versión 15.1, openSUSE Leap versión 15.2, permite a atacantes locales sobrescribir archivos arbitrarios y obtener acceso a la configuración de openldap2. Este problema afecta a: openldap2 de SUSE Linux Enterprise Server versión 15-LTSS versiones anteriores a 2.4.46-9.37.1. openldap2 de SUSE Linux Enterprise Server para SAP versión 15 versiones anteriores a 2.4.46-9.37.1. • https://bugzilla.suse.com/show_bug.cgi?id=1175568 • CWE-377: Insecure Temporary File •
CVE-2020-28049
https://notcve.org/view.php?id=CVE-2020-28049
An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation. Se detectó un problema en SDDM versiones anteriores a 0.19.0. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00031.html https://bugzilla.suse.com/show_bug.cgi?id=CVE-2020-28049 https://github.com/sddm/sddm/blob/v0.19.0/ChangeLog https://github.com/sddm/sddm/releases https://lists.debian.org/debian-lts-announce/2020/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GT3EX5NSQJJAKY63ENSMEDX6NYZLYY3S https://security.gentoo.org/glsa/202402-02 https://www.debian.org/security/2020& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2020-16011 – Chrome ConvertToJavaBitmap Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2020-16011
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento del búfer de la pila en UI de Google Chrome en Windows anterior a versión 86.0.4240.183, permitía a un atacante remoto que había comprometido el proceso del renderizador realizar potencialmente un escape del sandbox por medio de una página HTML diseñada Chrome on Android suffers from a ConvertToJavaBitmap heap buffer overflow vulnerability. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00017.html http://packetstormsecurity.com/files/159975/Chrome-ConvertToJavaBitmap-Heap-Buffer-Overflow.html https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html https://crbug.com/1144489 https://www.debian.org/security/2021/dsa-4824 • CWE-787: Out-of-bounds Write •
CVE-2020-16009 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2020-16009
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en V8 en Google Chrome anterior a versión 86.0.4240.183, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Turbofan fails to deoptimize code after map deprecation, leading to a type confusion vulnerability. Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00017.html http://packetstormsecurity.com/files/159974/Chrome-V8-Turbofan-Type-Confusion.html https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html https://crbug.com/1143772 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW https://lists.fedoraproject.org/archives/list/package-annou • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2020-16007
https://notcve.org/view.php?id=CVE-2020-16007
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. Una comprobación de datos insuficiente en installer en Google Chrome anterior a versión 86.0.4240.183, permitía a un atacante local elevar potencialmente los privilegios por medio de un sistema de archivos diseñado • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00017.html https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html https://crbug.com/1125018 https://www.debian.org/security/2021/dsa-4824 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •