Page 10 of 1100 results (0.019 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-44020 – VirtualBMC: removes password protection from the managed libvirt XML domain

https://notcve.org/view.php?id=CVE-2022-44020

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration." Se descubrió un problema en OpenStack Sushy-Tools hasta 0.21.0 y VirtualBMC hasta 2.2.2. Cambiar la configuración del dispositivo de arranque con estos paquetes elimina la protección con contraseña del dominio XML libvirt administrado. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GAD7QJIUWPCKJIGYP7PPHH5DILOEONFE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEQVJF3OQGSDCSQTQQSC54JEGLMSNB4Q https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMSUGS4B6EBRHBJMTRXL5RIKJTZTEMJC https://review.opendev.org/c/openstack/sushy-tools/+/862625 https://review.opendev.org/c/openstack/virtualbmc/+/862620 https://storyboard.openstack.org/#%21 • CWE-281: Improper Preservation of Permissions CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2022-42916 – curl: HSTS bypass via IDN

https://notcve.org/view.php?id=CVE-2022-42916

In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26. En curl anterior a 7.86.0, se podía omitir la verificación HSTS para engañarlo y que se quedara con HTTP. • http://seclists.org/fulldisclosure/2023/Jan/19 http://seclists.org/fulldisclosure/2023/Jan/20 http://www.openwall.com/lists/oss-security/2022/12/21/1 https://curl.se/docs/CVE-2022-42916.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorap • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 8.1EPSS: 0%CPEs: 18EXPL: 0

CVE-2022-42915 – curl: HTTP proxy double-free

https://notcve.org/view.php?id=CVE-2022-42915

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0. curl antes de la versión 7.86.0 tiene un double free. • http://seclists.org/fulldisclosure/2023/Jan/19 http://seclists.org/fulldisclosure/2023/Jan/20 https://curl.se/docs/CVE-2022-42915.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37YEVVC6NAF6H7UHH6YAUY5QEVY6LIH2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVU3IMZCKR4VE6KJ4GCWRL2ILLC6OV76 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q27V5YYMXUVI6PRZQVECON32XPVWTKDK https://security.gentoo. • CWE-415: Double Free •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-3705 – vim autocmd quickfix.c qf_update_buffer use after free

https://notcve.org/view.php?id=CVE-2022-3705

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. • http://seclists.org/fulldisclosure/2023/Jan/19 https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731 https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYEK5RNMH7MVQH6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 3

CVE-2022-43680 – expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate

https://notcve.org/view.php?id=CVE-2022-43680

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. En libexpat versiones hasta 2.4.9, se presenta un uso de memoria previamente liberada causado por la destrucción excesiva de un DTD compartido en XML_ExternalEntityParserCreate en situaciones fuera de memoria A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions. • http://www.openwall.com/lists/oss-security/2023/12/28/5 http://www.openwall.com/lists/oss-security/2024/01/03/5 https://github.com/libexpat/libexpat/issues/649 https://github.com/libexpat/libexpat/pull/616 https://github.com/libexpat/libexpat/pull/650 https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE https://lists.fedoraproject.org/archives/list&#x • CWE-416: Use After Free •