Page 103 of 1100 results (0.018 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2022-0676 – Heap-based Buffer Overflow in radareorg/radare2

https://notcve.org/view.php?id=CVE-2022-0676

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. Un Desbordamiento de Búfer en la región heap de la memoria en el repositorio de GitHub radareorg/radare2 versiones anteriores a 5.6.4 • https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6 https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.4EPSS: 0%CPEs: 6EXPL: 1

CVE-2022-0714 – Heap-based Buffer Overflow in vim/vim

https://notcve.org/view.php?id=CVE-2022-0714

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. Un desbordamiento de búfer basado en la región heap en el repositorio de GitHub vim/vim en versiones anteriores a la 8.2.4436. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 1

CVE-2021-4115 – polkit: file descriptor leak allows an unprivileged user to cause a crash

https://notcve.org/view.php?id=CVE-2021-4115

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned Se presenta un fallo en polkit que puede permitir a un usuario no privilegiado causar un bloqueo de polkit, debido al agotamiento del descriptor de archivos del proceso. La mayor amenaza de esta vulnerabilidad es la disponibilidad. NOTA: La duración de la interrupción del proceso de polkit está ligada al proceso que falla y a la creación de uno nuevo There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. • http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html https://access.redhat.com/security/cve/cve-2021-4115 https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat • CWE-400: Uncontrolled Resource Consumption CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-44141 – samba: Information leak via symlinks of existance of files or directories outside of the exported share

https://notcve.org/view.php?id=CVE-2021-44141

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Todas las versiones de Samba anteriores a 4.15.5, son vulnerables a que un cliente malicioso use un enlace simbólico del servidor para determinar si un archivo o directorio se presenta en un área del sistema de archivos del servidor no exportada bajo la definición de recurso compartido. SMB1 con extensiones unix debe estar habilitado para que este ataque tenga éxito A vulnerability was found in Samba due to an insecure link following. By querying a symlink inside the exported share using SMB1 with unix extensions turned on, an attacker can discover if a named or directory exists on the filesystem outside the exported share. • https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2021-44141.html https://access.redhat.com/security/cve/CVE-2021-44141 https://bugzilla.redhat.com/show_bug.cgi?id=2046120 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-45083

https://notcve.org/view.php?id=CVE-2021-45083

An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobbler local installation. In the case of an easy-to-guess password, it's trivial to obtain the plaintext string. • https://bugzilla.suse.com/show_bug.cgi?id=1193671 https://github.com/cobbler/cobbler/releases https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE https://www.openwall.com/lists/oss-security/2022/02/18/3 • CWE-276: Incorrect Default Permissions •