CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-4625
https://notcve.org/view.php?id=CVE-2011-4625
simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages. simplesamlphp versiones anteriores a 1.6.3 (squeeze) y versiones anteriores a 1.8.2 (sid) maneja incorrectamente el cifrado XML lo que podría permitir a atacantes remotos descifrar o falsificar mensajes. • https://security-tracker.debian.org/tracker/CVE-2011-4625 https://www.mageni.net/1.3.6.1.4.1.25623.1.0.70545 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0899
https://notcve.org/view.php?id=CVE-2007-0899
There is a possible heap overflow in libclamav/fsg.c before 0.100.0. Existe un posible desbordamiento de la pila en el archivo libclamav/fsg.c versiones anteriores a la versión 0.100.0. • https://security-tracker.debian.org/tracker/CVE-2007-0899 • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 1CVE-2006-4245
https://notcve.org/view.php?id=CVE-2006-4245
archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. archivemail versión 0.6.2, utiliza archivos temporales de forma no segura lo que conlleva a una posible condición de carrera • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=385253 https://security-tracker.debian.org/tracker/CVE-2006-4245 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 1CVE-2013-5123 – phlyLabs phlyMail Lite 4.03.04 - 'go' Open Redirect
https://notcve.org/view.php?id=CVE-2013-5123
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. El soporte de duplicación (-M, --use-mirrors) en Python Pip versiones anteriores a la versión 1.5, utiliza consultas DNS no seguras y comprobaciones de autenticidad que permiten a atacantes realizar ataques de tipo man-in-the-middle. • https://www.exploit-db.com/exploits/24086 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155248.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155291.html http://www.openwall.com/lists/oss-security/2013/08/21/17 http://www.openwall.com/lists/oss-security/2013/08/21/18 http://www.securityfocus.com/bid/77520 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5123 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5123 https&# • CWE-287: Improper Authentication •
CVSS: 5.1EPSS: 0%CPEs: 5EXPL: 1CVE-2019-5068
https://notcve.org/view.php?id=CVE-2019-5068
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. Existe una vulnerabilidad de permisos de memoria compartida explotable en la funcionalidad de X11 de Mesa 3D Graphics Library versión 19.1.2. Un atacante puede acceder a la memoria compartida sin ningún permiso específico para activar esta vulnerabilidad. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00037.html https://gitlab.freedesktop.org/mesa/mesa/-/commit/02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc https://lists.debian.org/debian-lts-announce/2019/11/msg00013.html https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857 https://usn.ubuntu.com/4271-1 • CWE-277: Insecure Inherited Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •