CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2019-20838 – pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1
https://notcve.org/view.php?id=CVE-2019-20838
libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454. libpcre en PCRE versiones anteriores a 8.43, permite una lectura excesiva del búfer del asunto en JIT cuando UTF es deshabilitado, y \X o \R contiene más de un cuantificador corregido, un problema relacionado con CVE-2019-20454 • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://bugs.gentoo.org/717920 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT212147 https://www.pcre.org/original/changelog.txt https://access.redhat.com/security/cve/CVE-2019-20838 https://bugzilla.redhat.com/show_bug.cgi?id=1848444 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 27EXPL: 0CVE-2020-14155 – pcre: Integer overflow when parsing callout numeric arguments
https://notcve.org/view.php?id=CVE-2020-14155
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. libpcre en PCRE versiones anteriores a 8.44, permite un desbordamiento de enteros por medio de un número grande después de una subcadena (?C • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release https://bugs.gentoo.org/717920 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://security.netapp.com/advisory/ntap-20221028-0010 https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT212147 https://www.oracle.com/security-alerts/cp • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0CVE-2020-13630 – sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c
https://notcve.org/view.php?id=CVE-2020-13630
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. El archivo ext/fts3/fts3.c en SQLite versiones anteriores a la versión 3.32.0, tiene un uso de la memoria previamente liberada en la función fts3EvalNextRow, relacionado con la funcionalidad snippet. A use-after-free vulnerability was found in the SQLite FTS3 extension module in the way it implemented the snippet function. This flaw allows an attacker who can execute SQL statements to crash the application or potentially execute arbitrary code. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 https://bugs.chromium.org/p/chromium/issues/detail?id=1080459 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXY • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-13631 – sqlite: Virtual table can be renamed into the name of one of its shadow tables
https://notcve.org/view.php?id=CVE-2020-13631
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. SQLite versiones anteriores a la versión 3.32.0, permite que una tabla virtual sea renombrada con el nombre de una de sus tablas shadow, relacionada con los archivos alter.c y build.c. A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leading to potential data corruption. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 https://bugs.chromium.org/p/chromium/issues/detail?id=1080459 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce%40lists&# • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2019-0757 – dotnet: NuGet Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-0757
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. Existe una vulnerabilidad de manipulación en NuGet Package Manager para Linux y Mac que podría permitir que un atacante autenticado modifique la estructura de carpetas de un paquete de NuGet, también conocida como 'NuGet Package Manager Tampering Vulnerability'. A flaw was found in dotnet. A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. • https://access.redhat.com/errata/RHSA-2019:1259 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757 https://access.redhat.com/security/cve/CVE-2019-0757 https://bugzilla.redhat.com/show_bug.cgi?id=1685475 • CWE-732: Incorrect Permission Assignment for Critical Resource •