CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2020-25708 – libvncserver: libvncserver/rfbserver.c has a divide by zero which could result in DoS
https://notcve.org/view.php?id=CVE-2020-25708
18 Nov 2020 — A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. Se encontró un problema de división por cero en libvncserver-0.9.12. Un cliente malicioso podría usar este fallo para enviar un mensaje especialmente diseñado que, cuando se procesaba mediante el servidor VNC, conduciría a una excepción de punto flot... • https://bugzilla.redhat.com/show_bug.cgi?id=1896739 • CWE-369: Divide By Zero •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-25692 – openldap: NULL pointer dereference for unauthenticated packet in slapd
https://notcve.org/view.php?id=CVE-2020-25692
09 Nov 2020 — A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. Se encontró una desreferencia de puntero NULL en el servidor OpenLDAP y se corrigió en openldap versión 2.4.55, durante una petición para cambiar el nombre de los RDN. Un atacante no autenticado podría bloquear remotamente el proceso slapd al enviar ... • https://bugzilla.redhat.com/show_bug.cgi?id=1894567 • CWE-476: NULL Pointer Dereference •
CVSS: 6.6EPSS: 1%CPEs: 15EXPL: 0CVE-2020-14355 – spice: multiple buffer overflow vulnerabilities in QUIC decoding code
https://notcve.org/view.php?id=CVE-2020-14355
06 Oct 2020 — Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution. Se encontraron múltiples vulnerabilidades de desbordamiento de búfer en el proceso de decodif... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14346 – X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14346
02 Sep 2020 — A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en xorg-x11-server versiones anteriores a 1.20.9. Un subdesbordamiento de enteros en la decodificación del protocolo de extensión de entrada X en el servidor X puede conllevar a un acceso ar... • https://bugzilla.redhat.com/show_bug.cgi?id=1862246 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14361 – X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14361
02 Sep 2020 — A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en X.Org Server versiones anteriores a xorg-x11-server 1.20.9. Un subdesbordamiento de enteros que conlleva a un desbordamiento del búfer de la pila puede conllevar a una vulnerabilidad de escalada de pr... • https://bugzilla.redhat.com/show_bug.cgi?id=1869142 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14362 – X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14362
02 Sep 2020 — A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en X.Org Server versiones anteriores a xorg-x11-server 1.20.9. Un subdesbordamiento de enteros que conlleva a un desbordamiento del búfer de la pila puede conllevar a una vulnerabilidad de escalada de pr... • https://bugzilla.redhat.com/show_bug.cgi?id=1869144 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.0EPSS: 11%CPEs: 15EXPL: 2CVE-2020-14364 – QEMU: usb: out-of-bounds r/w access issue while processing usb packets
https://notcve.org/view.php?id=CVE-2020-14364
31 Aug 2020 — An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. Se encontró un fallo de acceso de lectura/escritura fuer... • https://github.com/gejian-iscas/CVE-2020-14364 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.8EPSS: 0%CPEs: 13EXPL: 0CVE-2020-10687 – Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests
https://notcve.org/view.php?id=CVE-2020-10687
17 Aug 2020 — A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. Se detectó un fallo en todas las versiones de Undertow versiones anteriores a Undertow 2.2.0.Final, donde el tráfico malicioso de peticiones... • https://bugzilla.redhat.com/show_bug.cgi?id=1785049 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 76%CPEs: 54EXPL: 1CVE-2020-9490 – httpd: Push diary crash on specifically crafted HTTP/2 header
https://notcve.org/view.php?id=CVE-2020-9490
07 Aug 2020 — Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. Apache HTTP Server versiones 2.4.20 hasta 2.4.43.. Un valor especialmente diseñado para el encabezado "Cache-Digest" en una petición HTTP/2 resultaría en un bloqueo cuando el servidor realmente... • https://packetstorm.news/files/id/160392 • CWE-400: Uncontrolled Resource Consumption CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1CVE-2020-10688 – RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack
https://notcve.org/view.php?id=CVE-2020-10688
28 May 2020 — A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack. Se encontró un fallo de tipo cross-site scripting (XSS) en RESTEasy en versiones anteriores a 3.11.1.Final y anteriores a 4.5.3.Final, donde no manejaba apropiadamente la codificación de URL cuando ocurre la excepción RESTEASY003870. Un atac... • https://bugzilla.redhat.com/show_bug.cgi?id=1814974 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •