CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 1CVE-2019-3886
https://notcve.org/view.php?id=CVE-2019-3886
An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block. Se ha descubierto una comprobación de permisos incorrecta en versiones de libvirt 4.8.0 y superiores. Se ha permitido que el permiso de solo lectura invoque API dependiendo del agente invitado, lo que podría conducir a una potencial divulgación de información no intencionada o una denegación de servicio (DoS) provocando un bloqueo de libvirt. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html http://www.securityfocus.com/bid/107777 https://access.redhat.com/errata/RHBA-2019:3723 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3886 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5DHYIFECZ7BMVXK4EP4FDFZXK7I5MZH https://usn.ubuntu.com/4021-1 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2019-0217 – httpd: mod_auth_digest: access control bypass due to race condition
https://notcve.org/view.php?id=CVE-2019-0217
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. En Apache HTTP Server 2.4 versión 2.4.38 y anteriores, una condición de carrera en mod_auth_digest cuando se ejecuta en un servidor multihilo podría permitir a un usuario con credenciales válidas autenticarse usando otro nombre de usuario, evitando las restricciones de control de acceso configuradas. A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html http://www.openwall.com/lists/oss-security/2019/04/02/5 http://www.securityfocus.com/bid/107668 https://access.redhat.com/errata/RHSA-2019:2343 https://access.redhat.com/errata/RHSA-2019:3436 https://access.redhat.com/errata/RHSA-2019:3932 https://access.red • CWE-284: Improper Access Control CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2019-0220 – httpd: URL normalization inconsistency
https://notcve.org/view.php?id=CVE-2019-0220
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. Se descubrió una vulnerabilidad en Apache HTTP Server 2.4.0 hasta 2.4.38. Cuando el componente del recorrido de la solicitud de la URL contiene múltiples barras diagonales consecutivas ('/'), como por ejemplo LocationMatch y RewriteRule debe tener en cuenta los duplicados en las expresiones regulares que otros aspectos del procesamiento de los servidores los colapsarán implícitamente. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html http://www.openwall.com/lists/oss-security/2019/04/02/6 http://www.securityfocus.com/bid/107670 https://access.redhat.com/errata/RHSA-2019:2343 https://access.redhat.com/errata/RHSA-2019:3436 https://access.redhat.com/errata/RHSA-2019:4126 https://access.red • CWE-41: Improper Resolution of Path Equivalence CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 8.8EPSS: 96%CPEs: 68EXPL: 3CVE-2019-0211 – Apache HTTP Server Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-0211
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. En Apache HTTP Server 2.4, versiones 2.4.17 a 2.4.38, con el evento MPM, worker o prefork, el código ejecutándose en procesos hijo (o hilos) menos privilegiados (incluyendo scripts ejecutados por un intérprete de scripts en proceso) podría ejecutar código arbitrario con los privilegios del proceso padre (normalmente root) manipulando el marcador. Los sistemas que no son Unix no se ven afectados. A flaw was found in Apache where code executing in a less-privileged child process or thread could execute arbitrary code with the privilege of the parent process (usually root). • https://www.exploit-db.com/exploits/46676 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x • CWE-250: Execution with Unnecessary Privileges CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2019-0160 – edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media
https://notcve.org/view.php?id=CVE-2019-0160
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. Desbordamiento de búfer en el firmware del sistema para EDK II podría permitir que un usuario no autenticado escale privilegios y/o provoque una denegación de servicio mediante acceso de red. Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media. • https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html https://access.redhat.com/security/cve/CVE-2019-0160 https://bugzilla.redhat.com/show_bug.cgi?id=1691640 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •