Page 13 of 71 results (0.013 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2020-15250 – Information disclosure in JUnit4

https://notcve.org/view.php?id=CVE-2020-15250

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. • https://github.com/junit-team/junit4/blob/7852b90cfe1cea1e0cdaa19d490c83f0d8684b50/doc/ReleaseNotes4.13.1.md https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae https://github.com/junit-team/junit4/issues/1676 https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp https://junit.org/junit4/javadoc/4.13/org/junit/rules/TemporaryFolder.html https://lists.apache.org/thread.html/r01110833b63616ddbef59ae4e10c0fbd0060f0a51206defd4cb4d917%40%3Ccommits.pulsar.apache.org%3E https://li • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

CVE-2020-8231 – curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

https://notcve.org/view.php?id=CVE-2020-8231

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. Debido al uso de un puntero colgante, libcurl versiones 7.29.0 hasta 7.71.1, puede usar la conexión errónea cuando envía datos A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl's multi API, and sets the `CURLOPT_CONNECT_ONLY` option, might experience libcurl using the wrong connection. The highest threat from this vulnerability is to data confidentiality. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://curl.haxx.se/docs/CVE-2020-8231.html https://hackerone.com/reports/948876 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.gentoo.org/glsa/202012-14 https://www.debian.org/security/2021/dsa-4881 https://www.oracle.com/securi • CWE-416: Use After Free CWE-822: Untrusted Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-15824

https://notcve.org/view.php?id=CVE-2020-15824

In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default. En JetBrains Kotlin desde la versión 1.4-M1 a la 1.4-RC (ya que Kotlin versión 1.3.7x no se ve afectado por el problema. La versión corregida es la 1.4.0) se presenta una vulnerabilidad de escalada de privilegios de la caché de scripts debido a scripts kotlin-main-kts almacenados en caché en el directorio temporal del sistema, que es compartido por todos los usuarios por defecto. • http://www.openwall.com/lists/oss-security/2020/12/06/1 https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967%40%3Cdev.groovy.apache.org%3E https://lists.apache.org/thread.html/ra12c3e23b021f259a201648005b9946acd7f618a6f32301c97047967%40%3Cusers.groovy.apache.org%3E https://lists.apache.org/thread.html/ra • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 14%CPEs: 74EXPL: 2

CVE-2020-13935 – tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS

https://notcve.org/view.php?id=CVE-2020-13935

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. La longitud de la carga útil en una trama de WebSocket no fue comprobada correctamente en Apache Tomcat versiones 10.0.0-M1 hasta 10.0.0-M6, versiones 9.0.0.M1 hasta 9.0.36, versiones 8.5.0 hasta 8.5.56 y versiones 7.0.27 hasta 7.0. 104. Las longitudes de carga útil no válidas podrían desencadenar un bucle infinito. • https://github.com/RedTeamPentesting/CVE-2020-13935 https://github.com/aabbcc19191/CVE-2020-13935 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.html https://kc.mcafee.com/corporate/index?page=content&id=SB10332 https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc7904d44b651e50%40%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce& • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1

CVE-2020-15358 – sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c

https://notcve.org/view.php?id=CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. En SQLite versiones anteriores a 3.32.3, el archivo select.c maneja inapropiadamente la optimización query-flattener, conllevando a un desbordamiento de la pila de multiSelectOrderBy debido al uso inapropiado de las propiedades transitivas para la propagación constante A heap buffer overflow was found in SQLite in the query flattening optimization technique. This flaw allows an attacker to execute SQL statements to crash the application, resulting in a denial of service. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 http://seclists.org/fulldisclosure/2021/Feb/14 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200709-0001 https://support.apple.com/kb/HT211843 https://support.apple.com/kb/HT211844 https • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •