CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14040 – golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
https://notcve.org/view.php?id=CVE-2020-14040
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String. El paquete x/text anterior a la versión 0.3.3 para Go tiene una vulnerabilidad en la codificación/unicode que podría llevar al decodificador UTF-16 a ingresar en un bucle infinito, causando que el programa se bloquee o se ejecute fuera de la memoria. Un atacante podría proporcionar un solo byte a un decodificador UTF16 instanciado con UseBOM o ExpectBOM para activar un bucle infinito si se llama a la función String en el Decoder, o el Decoder es pasado a golang.org/x/text/transform.String A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. • https://groups.google.com/forum/#%21topic/golang-announce/bXVeAmGOqz0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O https://access.redhat.com/security/cve/CVE-2020-14040 https://bugzilla.redhat.com/show_bug.cgi?id=1853652 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.2EPSS: 37%CPEs: 3EXPL: 6CVE-2020-14295 – Cacti 1.2.12 - 'filter' SQL Injection
https://notcve.org/view.php?id=CVE-2020-14295
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries. Un problema de inyección SQL en el archivo color.php en Cacti versión 1.2.12, permite a un administrador inyectar SQL por medio del parámetro filter. Esto puede conllevar a una ejecución de comandos remota porque el producto acepta consultas en pila • https://www.exploit-db.com/exploits/49810 https://github.com/0z09e/CVE-2020-14295 https://github.com/mrg3ntl3m4n/CVE-2020-14295 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html http://packetstormsecurity.com/files/162384/Cacti-1.2.12-SQL-Injection-Remote-Code-Execution.html http://packetstormsecurity.com/files/162918/Cacti-1.2.12-SQL-Injection-Remote-Command-Execution.html https://github.com/C • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14148
https://notcve.org/view.php?id=CVE-2020-14148
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function. La implementación del protocolo Server-Server en ngIRCd versiones anteriores a 26~rc2, permite un acceso fuera de límites, como es demostrado por la función IRC_NJOIN() • https://github.com/ngircd/ngircd/issues/274 https://github.com/ngircd/ngircd/issues/277 https://github.com/ngircd/ngircd/pull/275 https://github.com/ngircd/ngircd/pull/276 https://github.com/ngircd/ngircd/releases/tag/rel-26-rc2 https://lists.debian.org/debian-lts-announce/2020/06/msg00023.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJOYV5GHUFJMUVQW3TJKXZ7JPXL4W3ER https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-13999
https://notcve.org/view.php?id=CVE-2020-13999
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file. La función ScaleViewPortExtEx en la biblioteca libemf.cpp en libEMF (también se conoce como ECMA-234 Metafile Library) versión 1.0.12, permite un desbordamiento de enteros y una denegación de servicio por medio de un archivo EMF diseñado • http://libemf.sourceforge.net/index.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/555PIBSHDUZD26UCJ5DHCQ4W7RXEZC66 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVZXYNDM4YOONMXYPW2GTMIS6V6JBIL6 https://sourceforge.net/p/libemf/code/HEAD/tree https://sourceforge.net/p/libemf/news/2020/06/release-of-libemf-1013 https://sourceforge.net/projects/libemf • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 13%CPEs: 11EXPL: 0CVE-2020-0198 – libexif: integer overflow in exif_data_load_data_content function in exif-data.c
https://notcve.org/view.php?id=CVE-2020-0198
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941 En la función exif_data_load_data_content del archivo exif-data.c, se presenta un posible aborto de UBSAN debido a un desbordamiento de enteros. Esto podría conllevar a una denegación de servicio remota sin ser necesarios privilegios de ejecución adicionales. Es requerida una interacción del usuario para su explotación. • https://lists.debian.org/debian-lts-announce/2020/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ELDZR6USD5PR34MRK2ZISLCYJ465FNKN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVBD5JRUQPN4LQHTAAJHA3MR5M7YTAC7 https://security.gentoo.org/glsa/202011-19 https://source.android.com/security/bulletin/pixel/2020-06-01 https://usn.ubuntu.com/4396-1 https://access.redhat.com/security/cve/CVE-2020-0198 https:/ • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •