CVSS: 7.8EPSS: 92%CPEs: 39EXPL: 95CVE-2021-3156 – Sudo Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-3156
26 Jan 2021 — Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de "sudoedit -s" y un argumento de línea de comandos que termina con un solo caráct... • https://packetstorm.news/files/id/176932 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2020-12723 – perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS
https://notcve.org/view.php?id=CVE-2020-12723
05 Jun 2020 — regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. En el archivo regcomp.c en Perl versiones anteriores a 5.30.3, permite un desbordamiento del búfer por medio de una expresión regular diseñada debido a llamadas recursivas de la función S_study_chunk ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-185: Incorrect Regular Expression •
CVSS: 8.6EPSS: 0%CPEs: 25EXPL: 0CVE-2020-10878 – perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS
https://notcve.org/view.php?id=CVE-2020-10878
05 Jun 2020 — Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. Perl versiones anteriores a 5.30.3, presenta un desbordamiento de enteros relacionado con un manejo inapropiado de una situación "PL_regkind[OP(n)] == NOTHING". Una expresión regular diseñada podría conllevar a un bytecode malformado con la posibilidad de inyección de instrucciones ManhND di... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html • CWE-185: Incorrect Regular Expression CWE-190: Integer Overflow or Wraparound •
CVSS: 8.2EPSS: 3%CPEs: 23EXPL: 0CVE-2020-10543 – perl: heap-based buffer overflow in regular expression compiler leads to DoS
https://notcve.org/view.php?id=CVE-2020-10543
05 Jun 2020 — Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Perl versiones anteriores a 5.30.3 en plataformas de 32 bits permite un desbordamiento del búfer en la región heap de la memoria porque los cuantificadores de expresiones regulares anidadas presentan un desbordamiento de enteros ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are eva... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 11%CPEs: 361EXPL: 0CVE-2020-10188 – telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
https://notcve.org/view.php?id=CVE-2020-10188
06 Mar 2020 — utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. El archivo utility.c en telnetd en netkit telnet versiones hasta 0.17, permite a atacantes remotos ejecutar código arbitrario por medio de escrituras cortas o datos urgentes, debido a un desbordamiento del búfer que involucra a las funciones netclear y nextitem. A vulnerability was found where incorre... • https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.9EPSS: 5%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •