Page 123 of 1900 results (0.020 seconds)

CVSS: 7.1EPSS: 1%CPEs: 9EXPL: 0

In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254 En libvpx, se presenta un posible agotamiento de recursos debido a una comprobación de entrada inapropiada. Esto podría conllevar a una denegación de servicio remota sin ser necesarios privilegios de ejecución adicionales. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html http://www.openwall.com/lists/oss-security/2019/10/25/17 http://www.openwall.com/lists/oss-security/2019/10/27/1 http://www.openwall.com/lists/oss-security/2019/11/07/1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6 https://sec • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 1%CPEs: 9EXPL: 0

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302 En libvpx, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una divulgación de información remota sin ser necesarios privilegios de ejecución adicionales. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html http://www.openwall.com/lists/oss-security/2019/10/25/17 http://www.openwall.com/lists/oss-security/2019/10/27/1 http://www.openwall.com/lists/oss-security/2019/11/07/1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6 https://sec • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 1%CPEs: 12EXPL: 0

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774 En libexif, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. Esto podría conllevar a una escalada de privilegios remota en el proveedor de contenido multimedia sin ser necesarios privilegios de ejecución adicionales. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html http://www.openwall.com/lists/oss-security/2019/10/25/17 http://www.openwall.com/lists/oss-security/2019/10/27/1 http://www.openwall.com/lists/oss-security/2019/11/07/1 https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566 https://github.com/libexif/libexif/issues/26 https://lists.debian.org/debian-lts-anno • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 En libvpx, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una divulgación de información remota sin ser necesarios privilegios de ejecución adicionales. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html http://www.openwall.com/lists/oss-security/2019/10/25/17 http://www.openwall.com/lists/oss-security/2019/10/27/1 http://www.openwall.com/lists/oss-security/2019/11/07/1 https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN https://lists.fedoraproject.org/archives/list/package-an • CWE-125: Out-of-bounds Read •

CVSS: 6.3EPSS: 0%CPEs: 14EXPL: 0

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. Se detectó que había un ataque de sincronización ECDSA en la biblioteca criptográfica libgcrypt20. Versión afectada: 1.8.4-5, 1.7.6-2+deb9u3 y 1.6.3-2+deb8u4. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html http://www.openwall.com/lists/oss-security/2019/10/02/2 https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5 https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html https://minerva.crocs.fi.muni.cz https://security-tracker.debian.org/tracker/CV • CWE-203: Observable Discrepancy CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •