Page 11 of 57 results (0.012 seconds)

CVSS: 6.8EPSS: 3%CPEs: 27EXPL: 0

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros productos permite a atacantes remotos causar una denegación de servicio mediante un desbordamiento de buffer basado en memoria dinámica o, posiblemente tener otro impacto no especificado a través de datos XML manipulados, un tema relacionado con CVE-2015-2716. • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request. La función gzip_decode en la biblioteca de cliente xmlrpc en Python versiones 3.4 y anteriores, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) por medio de una petición HTTP especialmente diseñada. It was discovered that the Python xmlrpclib did not restrict the size of a gzip compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. • https://bugs.python.org/issue16043 https://access.redhat.com/security/cve/CVE-2013-1753 https://bugzilla.redhat.com/show_bug.cgi?id=1046170 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.8EPSS: 0%CPEs: 88EXPL: 2

The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Los clientes HTTP en las librarias (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib en CPython (también conocido como Python) 2.x anterior a 2.7.9 y 3.x anterior a 3.4.3, cuando accede a una URL HTTPS, not (a) comprueba el certificado contra un almacen trust o verifica que elnombre del servidor coincide con un nombre de dominio en el campo del tema (b) Common Name o (c) subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado válido arbitrario. The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. • http://bugs.python.org/issue22417 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://www.openwall.com/lists/oss-security/2014/12/11/1 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/71639 https://access.redhat.com/errata/RHSA-2016:1166 https://access.redhat.com/errata/RHSA-2017:1162 https://access.redhat.com/errata&#x • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 3.3EPSS: 0%CPEs: 17EXPL: 0

Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value. Condición de carrera en la función _get_masked_mode en Lib/os.py en Python 3.2 hasta 3.5, cuando exist_ok está activado y se utilizan múltiples hilos, podría permitir a usuarios locales saltarse el archivo destinado a los permisos aprovechando una vulnerabilidad de solicitud por separado antes de que umask haya sido ajustado al valor esperado. • http://bugs.python.org/issue21082 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00007.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html http://www.openwall.com/lists/oss-security/2014/03/28/15 http://www.openwall.com/lists/oss-security/2014/03/29/5 http://www.openwall.com/lists/oss-security/2014/03/30/4 https://security.gentoo.org/glsa/201503-10 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.8EPSS: 17%CPEs: 8EXPL: 2

The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator. El módulo CGIHTTPServer en Python versiones 2.7.5 y 3.3.4, no maneja apropiadamente las URL en las que la codificación de URL es usada para los separadores de ruta, lo que permite a atacantes remotos leer el código fuente del script o conducir un salto de directorio y ejecutar código no deseado por medio de una secuencia de caracteres diseñada, como es demostrado mediante un separador %2f. It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory. • https://www.exploit-db.com/exploits/33894 http://bugs.python.org/issue21766 http://openwall.com/lists/oss-security/2014/06/26/3 https://access.redhat.com/security/cve/cve-2014-4650 https://access.redhat.com/security/cve/CVE-2014-4650 https://bugzilla.redhat.com/show_bug.cgi?id=1113527 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-138: Improper Neutralization of Special Elements •