CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-2199 – 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c
https://notcve.org/view.php?id=CVE-2024-2199
28 May 2024 — A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. Se encontró una vulnerabilidad de denegación de servicio en el servidor ldap 389-ds-base. Este problema puede permitir que un usuario autenticado provoque una falla del servidor al modificar "userPassword" utilizando una entrada con formato incorrecto. This update for 389-ds fixes the following issues. • https://access.redhat.com/errata/RHSA-2024:3591 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 26EXPL: 0CVE-2024-4453 – GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4453
17 May 2024 — GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before... • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 23EXPL: 0CVE-2024-33869 – ghostscript: path traversal and command execution due to path reduction
https://notcve.org/view.php?id=CVE-2024-33869
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename. A flaw was found in Ghostscript. • https://bugs.ghostscript.com/show_bug.cgi?id=707691 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 6.8EPSS: 0%CPEs: 23EXPL: 0CVE-2024-33870 – ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths
https://notcve.org/view.php?id=CVE-2024-33870
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ is permitted. • https://bugs.ghostscript.com/show_bug.cgi?id=707686 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2024-33871 – ghostscript: OPVP device arbitrary code execution via custom Driver library
https://notcve.org/view.php?id=CVE-2024-33871
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. Se descubrió un problema en Artifex Ghostscript antes de la versión 10.03.1. contrib/opvp/gdevopvp.c permite la ejecución de código arbitrario a través de una librería d... • https://bugs.ghostscript.com/show_bug.cgi?id=707754 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 6%CPEs: 26EXPL: 2CVE-2024-29510 – Ghostscript Command Execution via Format String
https://notcve.org/view.php?id=CVE-2024-29510
16 May 2024 — Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Artifex Ghostscript anterior a 10.03.1 permite la corrupción de la memoria y una omisión MÁS SEGURA de la sandbox mediante la inyección de cadena de formato con un dispositivo uniprint. A flaw in Ghostscript has been identified where the uniprint device allows users to pass various string fragments as device options. These strings, particularly upWriteComponentCommands a... • https://packetstorm.news/files/id/179645 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •
CVSS: 8.3EPSS: 0%CPEs: 44EXPL: 0CVE-2024-3727 – Containers/image: digest type does not guarantee valid type
https://notcve.org/view.php?id=CVE-2024-3727
09 May 2024 — A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Se encontró una falla en la librería github.com/containers/image. Esta falla permite a los atacantes activar accesos inesperados al registro autenticado en nombre de un usuario víctima, lo que provoca agotamiento de recursos, path traversal local y otros ataques. This upd... • https://access.redhat.com/errata/RHSA-2024:0045 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 15%CPEs: 12EXPL: 0CVE-2024-4340 – Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
https://notcve.org/view.php?id=CVE-2024-4340
30 Apr 2024 — Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Pasar una lista muy anidada a sqlparse.parse() conduce a una denegación de servicio debido a RecursionError. A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse(), where a recursion error may be triggered, which can lead to a denial of service. It was discovered that SQL parse incorrectly handled certain nested lists. • https://github.com/advisories/GHSA-2m57-hf25-phgg • CWE-674: Uncontrolled Recursion •
CVSS: 6.0EPSS: 0%CPEs: 21EXPL: 0CVE-2024-3447 – Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()
https://notcve.org/view.php?id=CVE-2024-3447
23 Apr 2024 — A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. This update for qemu fixes the following issues. Fixed heap use-after-free in e1000e_write_packet_to_guest. • https://access.redhat.com/security/cve/CVE-2024-3447 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.6EPSS: 7%CPEs: 19EXPL: 0CVE-2023-50186 – GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-50186
19 Apr 2024 — GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of metadata within AV1 encoded video files. The issue results from the lack of proper validation of the length of user-supplied data ... • https://gstreamer.freedesktop.org/security/sa-2023-0011.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •