CVSS: 9.3EPSS: 1%CPEs: 9EXPL: 0CVE-2019-8544 – webkitgtk: malicious crafted web content leads to arbitrary we content
https://notcve.org/view.php?id=CVE-2019-8544
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209602 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8544 https://bugzilla.redhat.com/show_bug.cgi?id=1719224 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2019-3874 – kernel: SCTP socket buffer memory leak leading to denial of service
https://notcve.org/view.php?id=CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable. El búfer del socket SCTP utilizado por una aplicación de espacio de usuario no es tenido en cuenta por el subsistema de cgroups. Un atacante podría explotar este error para lanzar un ataque de denegación de servicio. • https://access.redhat.com/errata/RHSA-2019:3309 https://access.redhat.com/errata/RHSA-2019:3517 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874 https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html https://security.netapp.com/advisory/ntap-20190411-0003 https://usn.ubuntu.com/3979-1 https://usn.ubuntu.com/3980-1 https://usn.ubuntu.com/3980-2 https://usn.ubuntu.com/3981-1 https://usn.ubuntu.com/3981-2 https://usn.ubuntu.com/398 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-16838 – sssd: improper implementation of GPOs due to too restrictive permissions
https://notcve.org/view.php?id=CVE-2018-16838
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access. Se ha encontrado un error en la implementación de sssd Group Policy Objects. Cuando el GPO no puede ser leído por SSSD debido a ajustes de permisos demasiado estrictos del lado del servidor, SSSD permitirá que todos los usuarios autenticados inicien sesión, en lugar de denegar el acceso. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00051.html https://access.redhat.com/errata/RHSA-2019:2177 https://access.redhat.com/errata/RHSA-2019:2437 https://access.redhat.com/errata/RHSA-2019:3651 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838 https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html https://access.redhat.com/security/cve/CVE-2018-16838 https:/&# • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-3877 – mod_auth_mellon: open redirect in logout url when using URLs with backslashes
https://notcve.org/view.php?id=CVE-2019-3877
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse function. Se ha detectado una vulnerabilidad en mod_auth_mellon, en anteriores a la v0.14.2. Una redirección abierta en la URL de cierre de sesión permite que las peticiones con barras invertidas pasen asumiendo que es una URL relativa, mientras que los navegadores convierten silenciosamente los caracteres de barra invertida en barras, tratándolos como una URL absoluta. • https://access.redhat.com/errata/RHSA-2019:0766 https://access.redhat.com/errata/RHSA-2019:3421 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877 https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8 https://github.com/Uninett/mod_auth_mellon/issues/35 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.1EPSS: 2%CPEs: 12EXPL: 1CVE-2019-3878 – mod_auth_mellon: authentication bypass in ECP flow
https://notcve.org/view.php?id=CVE-2019-3878
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) can be used to bypass authentication. Se ha detectado una vulnerabilidad en mod_auth_mellon, en versiones anteriores a la v0.14.2. Si Apache está configurado como proxy inverso y mod_auth_mellon está configurado para que solo deje acceder a los usuarios autenticados (con la directiva "require valid-user"), la adición de cabeceras HTTP especiales que se suelen emplear para iniciar el SAML ECP especial (no basado en el navegador) puede emplearse para omitir la autenticación. A vulnerability was found in mod_auth_mellon. • https://access.redhat.com/errata/RHBA-2019:0959 https://access.redhat.com/errata/RHSA-2019:0746 https://access.redhat.com/errata/RHSA-2019:0766 https://access.redhat.com/errata/RHSA-2019:0985 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878 https://github.com/Uninett/mod_auth_mellon/pull/196 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ https://lists.fedoraproject.org/archives/list/package-announce%40lists. • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •