CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2020-6377 – chromium-browser: Use after free in audio
https://notcve.org/view.php?id=CVE-2020-6377
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en audio en Google Chrome versiones anteriores a la versión 79.0.3945.117, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00023.html https://access.redhat.com/errata/RHSA-2020:0084 https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html https://crbug.com/1029462 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK https:/ • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 1CVE-2020-6750
https://notcve.org/view.php?id=CVE-2020-6750
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected. GSocketClient en GNOME GLib versiones hasta 2.62.4, ocasionalmente puede conectarse directamente a una dirección de destino en lugar de conectarse por medio de un servidor proxy cuando se configuró para hacerlo, porque el campo proxy_addr es manejado inapropiadamente. • https://bugzilla.suse.com/show_bug.cgi?id=1160668 https://gitlab.gnome.org/GNOME/glib/issues/1989 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5RIFEDSRJ4P3WFCMDUOFQ2LEILZLMDW7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMLGW55HOQXHMTIPH2PWXFRBNBWVO4W https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEM7MMAXMWCDPUH4MTUZ763MBB64RRLJ https://security.netapp.com/advisory/ntap-20200127-0001 •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 1CVE-2019-5188 – e2fsprogs: Out-of-bounds write in e2fsck/rehash.c
https://notcve.org/view.php?id=CVE-2019-5188
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Existe una vulnerabilidad de ejecución de código en la funcionalidad directory rehashing de E2fsprogs e2fsck versión 1.45.4. Un directorio ext4 especialmente diseñado puede causar una escritura fuera de límites en la pila, resultando en una ejecución de código. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00004.html https://lists.debian.org/debian-lts-announce/2020/03/msg00030.html https://lists.debian.org/debian-lts-announce/2020/07/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY https://security.netapp.com/advisory/ntap-20220506-0001 https://ta • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-14834 – dnsmasq: memory leak in the create_helper() function in /src/helper.c
https://notcve.org/view.php?id=CVE-2019-14834
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. Se encontró una vulnerabilidad en dnsmasq versiones anteriores a la versión 2.81, donde la pérdida de memoria permite a atacantes remotos causar una denegación de servicio (consumo de memoria) por medio de vectores que implican una creación de respuesta DHCP. A flaw was found in the Dnsmasq application where a remote attacker can trigger a memory leak by sending specially crafted DHCP responses to the server. A successful attack is dependent on a specific configuration regarding the domain name set into the dnsmasq.conf file. Over time, the memory leak may cause the process to run out of memory and terminate, causing a denial of service. • http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=69bc94779c2f035a9fffdb5327a54c3aeca73ed5 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14834 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JU474LT66BHNVFG5C4GEV3VTZNAEJ3BS https://access.redhat.com/security/cve/CVE-2019-14834 https://bugzilla.redhat.com/show_bug.cgi?id=1764425 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-5310 – python-pillow: Integer overflow leading to buffer overflow in ImagingLibTiffDecode
https://notcve.org/view.php?id=CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. El archivo libImaging/TiffDecode.c en Pillow versiones anteriores a la versión 6.2.2, tiene un desbordamiento de enteros de la decodificación TIFF, relacionado con realloc. • https://github.com/python-pillow/Pillow/commit/4e2def2539ec13e53a82e06c4b3daf00454100c4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MMU3WT2X64GS5WHDPKKC2WZA7UIIQ3A https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P https://pillow.readthedocs.io/en/stable/releasenotes/6.2.2.html https://usn.ubuntu.com/4272-1 https://access.redhat.com/security/cve/CVE-2020-5310 https://bugzilla.redhat.com/show_bug.cgi?id& • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •