CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0CVE-2020-8623 – A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
https://notcve.org/view.php?id=CVE-2020-8623
21 Aug 2020 — In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker En BIND versiones 9.10.0 -) 9.11.21, 9.12.0 -) 9.16.5, 9.17.0 -) 9... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-8622 – A truncated TSIG response can lead to an assertion failure
https://notcve.org/view.php?id=CVE-2020-8622
21 Aug 2020 — In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the pack... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2020-8621 – Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
https://notcve.org/view.php?id=CVE-2020-8621
21 Aug 2020 — In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected. En BIND versiones 9.14.0 -) 9.16.5, 9.17.0 -) 9.17.3, si un servidor está configurado con minimización de QNAME y "forward first", entonces un atacante que pueda enviarle consultas puede ser capaz de desencadenar la condición que... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html • CWE-617: Reachable Assertion •
CVSS: 3.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-12829
https://notcve.org/view.php?id=CVE-2020-12829
20 Aug 2020 — In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service. En QEMU versiones hasta 5.0.0, se encontró un desbordamiento de enteros en la implementación del controlador de pantalla SM501. Este f... • https://bugzilla.redhat.com/show_bug.cgi?id=1808510 • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14415
https://notcve.org/view.php?id=CVE-2020-14415
20 Aug 2020 — oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. La función oss_write en el archivo audio/ossaudio.c en QEMU versiones anteriores a 5.0.0, maneja inapropiadamente una posición de búfer • https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=7a4ede0047a8613b0e3b72c9d351038f013dd357 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-15861
https://notcve.org/view.php?id=CVE-2020-15861
19 Aug 2020 — Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. Net-SNMP versiones hasta 5.7.3, permite una Escalada de Privilegios debido al seguimiento de un enlace simbólico (symlink) de UNIX. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966599 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 3CVE-2020-14356 – kernel: Use After Free vulnerability in cgroup BPF component
https://notcve.org/view.php?id=CVE-2020-14356
19 Aug 2020 — A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. Se detectó un fallo de desreferencia de puntero null en el subsistema cgroupv2 del kernel de Linux en versiones anteriores a 5.7.10, en la manera de reiniciar el sistema. Un usuario local podría usar este fallo para bloquear el sistema o escalar sus privilegios en el siste... • https://github.com/ShaikUsaf/linux-4.19.72_CVE-2020-14356 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2020-15862 – net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution
https://notcve.org/view.php?id=CVE-2020-15862
19 Aug 2020 — Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. Net-SNMP versiones hasta 5.7.3, presenta una Administración de Privilegios Inapropiada porque el acceso de SNMP WRITE en el EXTEND MIB provee la capacidad de ejecutar comandos arbitrarios como root. A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows runni... • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965166 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2020-24394 – kernel: umask not applied on filesystem without ACL support
https://notcve.org/view.php?id=CVE-2020-24394
19 Aug 2020 — In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. En el kernel de Linux versiones anteriores a 5.7.8, el archivo fs/nfsd/vfs.c (en el servidor NFS), puede establecer permisos incorrectos en nuevos objetos de un sistema de archivos cuando el sistema de archivos carece de soporte de ACL, también se conoce como CID-22cf84... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 97%CPEs: 25EXPL: 65CVE-2020-1472 – Microsoft Netlogon Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-1472
17 Aug 2020 — An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the... • https://www.exploit-db.com/exploits/49071 • CWE-287: Improper Authentication CWE-330: Use of Insufficiently Random Values •