Page 102 of 1394 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 1

CVE-2013-6460

https://notcve.org/view.php?id=CVE-2013-6460

Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents La gema Nokogiri versiones 1.5.x, tiene una Denegación de Servicio por medio de un bucle infinito cuando se analizan documentos XML. • http://www.openwall.com/lists/oss-security/2013/12/27/2 http://www.securityfocus.com/bid/64513 https://access.redhat.com/security/cve/cve-2013-6460 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6460 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6460 https://exchange.xforce.ibmcloud.com/vulnerabilities/90058 https://security-tracker.debian.org/tracker/CVE-2013-6460 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •

CVSS: 2.4EPSS: 0%CPEs: 6EXPL: 1

CVE-2016-1000002

https://notcve.org/view.php?id=CVE-2016-1000002

gdm3 3.14.2 and possibly later has an information leak before screen lock gdm3 versión 3.14.2 y posiblemente después, tiene una filtrado de información antes del bloqueo de pantalla • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000002 https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000002.json https://security-tracker.debian.org/tracker/CVE-2016-1000002 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2013-4251

https://notcve.org/view.php?id=CVE-2013-4251

The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. El componente scipy.weave en SciPy versiones anteriores a 0.12.1, crea directorios temporales no seguros. • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119759.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119771.html http://www.securityfocus.com/bid/63008 https://access.redhat.com/security/cve/cve-2013-4251 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4251 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4251 https://exchange.xforce.ibmcloud.com/vulnera • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

CVE-2005-4890

https://notcve.org/view.php?id=CVE-2005-4890

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. Se presenta un posible secuestro de tty en shadow versiones 4.x anteriores a 4.1.5 y sudo versiones 1.x anteriores a 1.7.4 por medio de "su - user -c program". La sesión de usuario puede ser escapada a la sesión principal mediante el uso de la ioctl TIOCSTI para insertar caracteres en el búfer de entrada para ser leídos por el siguiente proceso. • http://www.openwall.com/lists/oss-security/2012/11/06/8 http://www.openwall.com/lists/oss-security/2013/05/20/3 http://www.openwall.com/lists/oss-security/2013/11/28/10 http://www.openwall.com/lists/oss-security/2013/11/29/5 http://www.openwall.com/lists/oss-security/2014/10/20/9 http://www.openwall.com/lists/oss-security/2014/10/21/1 http://www.openwall.com/lists/oss-security/2014/12/15/5 http://www.openwall.com/lists/oss-security/201 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-3718

https://notcve.org/view.php?id=CVE-2013-3718

evince is missing a check on number of pages which can lead to a segmentation fault evince está careciendo de una comprobación en el número de páginas que puede conllevar a un fallo de segmentación • http://bugzilla.gnome.org/show_bug.cgi?id=701302 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-3718 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-3718 https://security-tracker.debian.org/tracker/CVE-2013-3718 • CWE-20: Improper Input Validation •