CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2020-6511 – chromium-browser: Side-channel information leakage in content security policy
https://notcve.org/view.php?id=CVE-2020-6511
22 Jul 2020 — Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Un filtrado de información en content security policy en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.105. Issues addressed include buff... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 9.3EPSS: 4%CPEs: 7EXPL: 0CVE-2020-6512 – chromium-browser: Type Confusion in V8
https://notcve.org/view.php?id=CVE-2020-6512
22 Jul 2020 — Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un Confusión de Tipo en V8 en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 84.0.4147.105. Issues addressed include buffer overflow, bypass... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6510 – chromium-browser: Heap buffer overflow in background fetch
https://notcve.org/view.php?id=CVE-2020-6510
22 Jul 2020 — Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer en la región heap de la memoria en background fetch en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium t... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 2%CPEs: 18EXPL: 0CVE-2020-15803
https://notcve.org/view.php?id=CVE-2020-15803
17 Jul 2020 — Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. Zabbix versiones anteriores a 3.0.32rc1, versiones 4.x anteriores a 4.0.22rc1, versiones 4.1.x hasta 4.4.x anteriores a 4.4.10rc1 y versiones 5.x anteriores a 5.0.2rc1, permite un ataque de tipo XSS almacenado en el widget URL • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-15396 – Gentoo Linux Security Advisory 202007-06
https://notcve.org/view.php?id=CVE-2020-15396
30 Jun 2020 — In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. En HylaFAX+ versiones hasta 7.0.2 y HylaFAX Enterprise, la utilidad de configuración del fax llama chown sobre archivos en directorios propiedad del usuario. Al ganar una carrera, un atacante local podría usar esto para escalar sus privilegios para root Multiple vulnerabilities have been found in HylaFAX,... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00039.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 1CVE-2020-8019 – syslog-ng: Local privilege escalation from new to root in %post
https://notcve.org/view.php?id=CVE-2020-8019
29 Jun 2020 — A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SU... • https://bugzilla.suse.com/show_bug.cgi?id=1169385 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-14983
https://notcve.org/view.php?id=CVE-2020-14983
22 Jun 2020 — The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. El servidor en Chocolate Doom versión 3.0.0 y Crispy Doom versión 5.8.0, no comprueba el valor de num_players controlado por el usuario, conllevando a un desbordamiento del búfer. Un usuario malicioso puede sobrescribir la pila del servidor • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 1CVE-2020-8164 – rubygem-actionpack: possible strong parameters bypass
https://notcve.org/view.php?id=CVE-2020-8164
19 Jun 2020 — A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. Se presenta una vulnerabilidad de deserialización de datos no confiables en rails versiones anteriores a 5.2.4.3, rails versiones anteriores a 6.0.3.1, que pueden permitir a un atacante suministrar información en la que pueden ser filtrados inadvertidamente parámetros fromStrong A flaw was found in rubygem-actionpack... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00089.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-14004
https://notcve.org/view.php?id=CVE-2020-14004
12 Jun 2020 — An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user. Se detectó un problema en Icinga2 versiones anteriores a v2.12.0-rc1. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00014.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2020-13696 – Ubuntu Security Notice USN-4518-1
https://notcve.org/view.php?id=CVE-2020-13696
08 Jun 2020 — An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00009.html • CWE-863: Incorrect Authorization •