CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-6801
https://notcve.org/view.php?id=CVE-2020-6801
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73. Los desarrolladores de Mozilla han reportado bugs de seguridad de la memoria presentes en Firefox versión 72. Algunos de estos bugs mostraron evidencias de corrupción de memoria y presumimos que con esfuerzo suficiente algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1601024%2C1601712%2C1604836%2C1606492 https://usn.ubuntu.com/4278-2 https://www.mozilla.org/security/advisories/mfsa2020-05 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 1CVE-2020-7062 – Null Pointer Dereference in PHP Session Upload Progress
https://notcve.org/view.php?id=CVE-2020-7062
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. En PHP versiones 7.2.x por debajo de 7.2.28, versiones 7.3.x por debajo de 7.3.15 y versiones 7.4.x por debajo de 7.4.3, cuando es usada la funcionalidad de carga de archivos, si el seguimiento de progreso de carga está habilitado, pero session.upload_progress.cleanup está ajustado en 0 (deshabilitado), y la carga del archivo presenta un fallo, el procedimiento de carga intentaría limpiar los datos que no existan y encontraría una desreferencia del puntero null, lo que probablemente conllevaría a un bloqueo. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html https://bugs.php.net/bug.php?id=79221 https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html https://security.gentoo.org/glsa/202003-57 https://usn.ubuntu.com/4330-1 https://www.debian.org/security/2020/dsa-4717 https://www.debian.org/security/2020/dsa-4719 https://www.tenable.com/security/tns-2021-14 https://access.redhat.com/security/cve/CVE-2020-7062 https://bugzilla.redhat • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2020-9274
https://notcve.org/view.php?id=CVE-2020-9274
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c. Se detectó un problema en Pure-FTPd versión 1.0.49. • https://github.com/jedisct1/pure-ftpd/commit/8d0d42542e2cb7a56d645fbe4d0ef436e38bcefa https://lists.debian.org/debian-lts-announce/2020/02/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22P44PECZWNDP7CMBL7NRBMNFS73C5Z2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5NSUDWXZVWUCL6R2PTX3KBB42Z62CA5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5DBVHJCXWRSJPNJQCJQCKZF6ZDPZCKA https://security.gentoo.org&#x • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2020-9383 – kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c
https://notcve.org/view.php?id=CVE-2020-9383
An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. Se detectó un problema en el kernel de Linux versión 3.16 hasta la versión 5.5.6. La función set_fdc en el archivo drivers/block/floppy.c, conlleva a una lectura fuera de límites de wait_til_ready porque el índice FDC no es comprobado para errores antes de asignarlos, también se conoce como CID-2e90ca68b0d2 An out-of-bounds (OOB) memory access flaw was found in the floppy driver module in the Linux kernel. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2f9ac30a54dc0181ddac3705cdcf4775d863c530 https://github.com/torvalds/linux/commit/2e90ca68b0d2f5548804f22f0dd61145516171e3 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap& • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 93%CPEs: 7EXPL: 6CVE-2020-8794 – OpenSMTPD - OOB Read Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-8794
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce handling. OpenSMTPD versiones anteriores a 6.6.4, permite una ejecución de código remota debido a una lectura fuera de límites en la función mta_io en el archivo mta_session.c para respuestas multilínea. Aunque esta vulnerabilidad afecta al lado del cliente de OpenSMTPD, es posible atacar a un servidor porque el código del servidor inicia el código del cliente durante el manejo de saltos. • https://www.exploit-db.com/exploits/48185 https://www.exploit-db.com/exploits/48140 http://packetstormsecurity.com/files/156633/OpenSMTPD-Out-Of-Bounds-Read-Local-Privilege-Escalation.html http://seclists.org/fulldisclosure/2020/Feb/32 http://www.openwall.com/lists/oss-security/2020/02/26/1 http://www.openwall.com/lists/oss-security/2020/03/01/1 http://www.openwall.com/lists/oss-security/2020/03/01/2 http://www.openwall.com/lists/oss-security/2021/05/04/7 https: • CWE-125: Out-of-bounds Read •