CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4769 – Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
https://notcve.org/view.php?id=CVE-2024-4769
14 May 2024 — When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Al importar recursos utilizando Web Workers, los mensajes de error distinguirían la diferencia entre respuestas `aplicación/javascript` y respuestas sin script. Se podría haber abusado de esto para ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1886108 • CWE-351: Insufficient Type Distinction CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4768 – Mozilla: Potential permissions request bypass via clickjacking
https://notcve.org/view.php?id=CVE-2024-4768
14 May 2024 — A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Un error en la interacción de las notificaciones emergentes con WebAuthn facilitó que un atacante engañara a un usuario para que concediera permisos. Esta vulnerabilidad afecta a Firefox < 126, Firefox ESR < 115.11 y Thunderbird < 115.11. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1886082 • CWE-281: Improper Preservation of Permissions CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4767 – Mozilla: IndexedDB files retained in private browsing mode
https://notcve.org/view.php?id=CVE-2024-4767
14 May 2024 — If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Si la preferencia `browser.privatebrowsing.autostart` está habilitada, los archivos IndexedDB no se eliminaron correctamente cuando se cerró la ventana. Esta preferencia está deshabilitada de forma predeterminada en Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1878577 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-26306 – iperf3: vulnerable to marvin attack if the authentication option is used
https://notcve.org/view.php?id=CVE-2024-26306
13 May 2024 — iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. iPerf3 anterior a 3.17, cuando se usa con OpenSSL anterior a 3.2.0 como servidor con autenticación RSA, permite un canal late... • https://downloads.es.net/pub/iperf/esnet-secadv-2024-0001.txt.asc • CWE-203: Observable Discrepancy •
CVSS: 8.3EPSS: 0%CPEs: 43EXPL: 0CVE-2024-3727 – Containers/image: digest type does not guarantee valid type
https://notcve.org/view.php?id=CVE-2024-3727
09 May 2024 — A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Se encontró una falla en la librería github.com/containers/image. Esta falla permite a los atacantes activar accesos inesperados al registro autenticado en nombre de un usuario víctima, lo que provoca agotamiento de recursos, path traversal local y otros ataques. • https://access.redhat.com/errata/RHSA-2024:0045 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 4.9EPSS: 0%CPEs: 25EXPL: 0CVE-2024-4317 – PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks
https://notcve.org/view.php?id=CVE-2024-4317
09 May 2024 — Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS commands of other users. The most common values may reveal column values the eavesdropper could not otherwise read or results of functions they cannot execute. Installing an unaffected version only fixes fresh PostgreSQL installations, namely those that are created with the initdb utility after installing that versi... • https://www.postgresql.org/support/security/CVE-2024-4317 • CWE-862: Missing Authorization •
CVSS: 6.2EPSS: 0%CPEs: 16EXPL: 0CVE-2024-4418 – Libvirt: stack use-after-free in virnetclientioeventloop()
https://notcve.org/view.php?id=CVE-2024-4418
08 May 2024 — A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this i... • https://access.redhat.com/errata/RHSA-2024:4351 • CWE-416: Use After Free •
CVSS: 5.2EPSS: 0%CPEs: 19EXPL: 0CVE-2024-34397 – glib2: Signal subscription vulnerabilities
https://notcve.org/view.php?id=CVE-2024-34397
07 May 2024 — An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact. Se descubrió un problema en GNO... • https://gitlab.gnome.org/GNOME/glib/-/issues/3268 • CWE-290: Authentication Bypass by Spoofing CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-27280 – ruby: Buffer overread vulnerability in StringIO
https://notcve.org/view.php?id=CVE-2024-27280
06 May 2024 — A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2. Se descubrió un problema de sobrelectura del búfer en StringIO 3.0.1, distri... • https://hackerone.com/reports/1399856 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-126: Buffer Over-read •
CVSS: 4.5EPSS: 0%CPEs: 12EXPL: 0CVE-2024-27281 – ruby: RCE vulnerability with .rdoc_options in RDoc
https://notcve.org/view.php?id=CVE-2024-27281
06 May 2024 — An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. (When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache.) The main fixed version is 6.6.3.1. For Ruby 3.0 users, a fixed... • https://hackerone.com/reports/1187477 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •