CVSS: 6.6EPSS: 0%CPEs: 13EXPL: 1CVE-2020-11521 – freerdp: Out-of-bounds write in planar.c
https://notcve.org/view.php?id=CVE-2020-11521
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. El archivo libfreerdp/codec/planar.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Escritura Fuera de límites. A flaw was found in freerdp in versions between 1.0 and 2.0.0. An out-of-bounds memory write was found in the planar.c function which could allow an attacker to control data sent from the RDP server to the client. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5cwc-6wc9-255w https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://pub.freerdp.com/cve/CVE-2020-11521/pocAnalysis_6.pdf https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11521 https://bugzilla.redhat.com/show_bu • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 6.6EPSS: 2%CPEs: 13EXPL: 1CVE-2020-11523 – freerdp: Integer overflow in region.c
https://notcve.org/view.php?id=CVE-2020-11523
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. El archivo libfreerdp/gdi/region.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta un Desbordamiento de Enteros. A flaw was found in FreeRDP in versions between 1.0 and 2.0.0. An integer overflow was found in the region.c function which could allow an attacker the ability to control the RDP server as well as the data sent to the client. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html https://github.com/FreeRDP/FreeRDP/commits/master https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4qrh-8cp8-4x42 https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html https://pub.freerdp.com/cve/CVE-2020-11523/pocAnalysis_2.pdf https://usn.ubuntu.com/4379-1 https://usn.ubuntu.com/4382-1 https://access.redhat.com/security/cve/CVE-2020-11523 https://bugzilla.redhat.com/show_bu • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0CVE-2020-0093 – libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c
https://notcve.org/view.php?id=CVE-2020-0093
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132 En la función exif_data_save_data_entry del archivo exif-data.c, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una divulgación de información local sin ser necesarios privilegios de ejecución adicionales. Es requerida una interacción del usuario para su explotación. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html https://security.gentoo.org/glsa/202007-05 https://source.android.com/security/bulletin/2020-05-01 https://usn.ubuntu.com/4396-1 https://access.redhat.com/security/cve/CVE-2020-0093 https://bugzilla.redhat.com/show_bug.cgi?id=1852487 • CWE-125: Out-of-bounds Read •
CVSS: 6.3EPSS: 0%CPEs: 117EXPL: 0CVE-2020-1945 – ant: insecure temporary file vulnerability
https://notcve.org/view.php?id=CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process. Apache Ant versiones 1.1 hasta 1.9.14 y versiones 1.10.0 hasta 1.10.7, utiliza el directorio temporal por defecto identificado por la propiedad del sistema Java java.io.tmpdir para varias tareas y puede, por tanto, filtrar información confidencial. Las tareas fixcrlf y replaceregexp también copian los archivos desde el directorio temporal de nuevo en el árbol de compilación, lo que permite a un atacante inyectar archivos fuente modificados en el proceso de compilación. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00053.html http://www.openwall.com/lists/oss-security/2020/09/30/6 http://www.openwall.com/lists/oss-security/2020/12/06/1 https://lists.apache.org/thread.html/r0d08a96ba9de8aa435f32944e8b2867c368a518d4ff57782e3637335%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r1863b9ce4c3e4b1e5b0c671ad05545ba3eb8399616aa746af5dfe1b1%40%3Cdev.crea • CWE-377: Insecure Temporary File CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-8020 – Persistent XSS in markdown parser used by obs-server
https://notcve.org/view.php?id=CVE-2020-8020
A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb. Una vulnerabilidad de Neutralización Inapropiada de Entrada Durante la Generación de una Página Web en open-build-service, permite a atacantes remotos almacenar código JS arbitrario para causar un ataque de tipo XSS. Este problema afecta: openSUSE open-build-service versiones anteriores a 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb. • https://bugzilla.suse.com/show_bug.cgi?id=1171439 https://lists.debian.org/debian-lts-announce/2021/02/msg00006.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •