Page 111 of 1444 results (0.020 seconds)

CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. By manipulating the code flows that precede the handling of these configuration messages, an attacker can also gain some control over which data will be held in the uninitialized stack variables. This can allow him to bypass KASLR, and stack canaries protection - as both pointers and stack canaries may be leaked in this manner. Combining this vulnerability (for example) with the previously disclosed RCE vulnerability in L2CAP configuration parsing (CVE-2017-1000251) may allow an attacker to exploit the RCE against kernels which were built with the above mitigations. • http://seclists.org/oss-sec/2017/q4/357 http://www.securityfocus.com/bid/102101 https://access.redhat.com/errata/RHSA-2018:0654 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1130 https://access.redhat.com/errata/RHSA-2018:1170 https://access.redhat.com/errata/RHSA-2018:1319 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary. Un usuario sin privilegios puede montar un sistema de archivos en el espacio de usuario (FUSE) en RHEL 6 o 7 y provocar el cierre inesperado del sistema si una aplicación hace un agujero en un archivo que no termina alineado con un límite de página. • http://www.securityfocus.com/bid/102128 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1854 https://bugzilla.redhat.com/show_bug.cgi?id=1520893 https://support.f5.com/csp/article/K42142782?utm_source=f5support&amp%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2017-15121 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 1

When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1. Cuando se utiliza el modo Navegación Privada, es posible que un trabajador web escriba datos persistentes en IndexedDB y realice fingerprinting en un usuario de forma única. IndexedDB no debería estar disponible en modo Navegación Privada y estos datos almacenados persistirán en varias sesiones en modo Navegación Privada porque no se borran al cerrar. • http://www.securityfocus.com/bid/102039 http://www.securityfocus.com/bid/102112 http://www.securitytracker.com/id/1039954 https://access.redhat.com/errata/RHSA-2017:3382 https://bugzilla.mozilla.org/show_bug.cgi?id=1410106 https://lists.debian.org/debian-lts-announce/2017/12/msg00003.html https://www.debian.org/security/2017/dsa-4062 https://www.mozilla.org/security/advisories/mfsa2017-27 https://www.mozilla.org/security/advisories/mfsa2017-28 https://access.redhat.com/securit • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0

It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it. Se ha encontrado que la función sysdb_search_user_by_upn_res() de sssd en versiones anteriores a la 1.16.0 no saneaba las peticiones al consultar su caché local y era vulnerable a inyecciones. En un entorno de inicio de sesión centralizado, si un hash de contraseña se almacenaba en la caché local de un usuario determinado, un atacante autenticado podía utilizar este error para recuperarlo. It was found that sssd's sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable to injection. • https://access.redhat.com/errata/RHSA-2017:3379 https://access.redhat.com/errata/RHSA-2018:1877 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173 https://access.redhat.com/security/cve/CVE-2017-12173 https://bugzilla.redhat.com/show_bug.cgi?id=1498173 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 91%CPEs: 15EXPL: 0

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. Las versiones anteriores a la 4.7.3 de Samba podrían permitir que atacantes remotos obtengan información sensible aprovechando el error del servidor para borrar la memoria dinámica (heap) asignada. A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server. • http://www.securityfocus.com/bid/101908 http://www.securitytracker.com/id/1039855 http://www.ubuntu.com/usn/USN-3486-1 http://www.ubuntu.com/usn/USN-3486-2 https://access.redhat.com/errata/RHSA-2017:3260 https://access.redhat.com/errata/RHSA-2017:3261 https://access.redhat.com/errata/RHSA-2017:3278 https://lists.debian.org/debian-lts-announce/2017/11/msg00029.html https://security.gentoo.org/glsa/201805-07 https://support.hpe.com/hpsc/doc/public/display?docLoc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •