CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-20316 – samba: Symlink race error can allow metadata read and modify outside of the exported share
https://notcve.org/view.php?id=CVE-2021-20316
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share. Se ha encontrado un fallo en la forma en que Samba maneja los metadatos de los archivos/directorios. Este fallo permite a un atacante autenticado con permisos para leer o modificar los metadatos del recurso compartido, llevar a cabo esta operación fuera del recurso compartido. • https://access.redhat.com/security/cve/CVE-2021-20316 https://bugzilla.redhat.com/show_bug.cgi?id=2009673 https://bugzilla.samba.org/show_bug.cgi?id=14842 https://security-tracker.debian.org/tracker/CVE-2021-20316 https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2021-20316.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-1621 – Heap buffer overflow in vim_strncpy find_word in vim/vim
https://notcve.org/view.php?id=CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution Un Desbordamiento del búfer de pila en vim_strncpy find_word en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4919. Esta vulnerabilidad es capaz de bloquear el software, Omitir el Mecanismo de Protección, Modificar la Memoria y una posible ejecución remota A flaw was found in vim, where it is vulnerable to a heap buffer overflow in the vim_strncpy find_word function. This flaw allows a specially crafted file to crash software, modify memory and possibly perform remote execution when opened in vim. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIP7KG7TVS5YF3QREAY2GOGUT3YUBZAI https://security.gentoo. • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-28739 – ruby: Buffer overrun in String-to-Float conversion
https://notcve.org/view.php?id=CVE-2022-28739
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. Se presenta una lectura excesiva del búfer en Ruby versiones anteriores a 2.6.10, 2.7.x versiones anteriores a 2.7.6, 3.x versiones anteriores a 3.0.4 y 3.1.x versiones anteriores a 3.1.2. Es producida en la conversión String-to-Float, incluyendo Kernel#Float y String#to_f A buffer overrun vulnerability was found in Ruby. The issue occurs in a conversion algorithm from a String to a Float that causes process termination due to a segmentation fault, but under limited circumstances. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/29 http://seclists.org/fulldisclosure/2022/Oct/30 http://seclists.org/fulldisclosure/2022/Oct/41 http://seclists.org/fulldisclosure/2022/Oct/42 https://hackerone.com/reports/1248108 https://lists.debian.org/debian-lts-announce/2023/06/msg00012.html https://security-tracker.debian.org/tracker/CVE-2022-28739 https://security.gentoo.org/glsa/202401-27 https://security.netapp.com/advisory/n • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 94%CPEs: 4EXPL: 5CVE-2022-30333 – RARLAB UnRAR Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2022-30333
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. RARLAB UnRAR versiones hasta 6.12, en Linux y UNIX permite un salto de directorio para escribir en los archivos durante una operación de extracción (también se conoce como desempaquetado), como es demostrado creando un archivo ~/.ssh/authorized_keys. NOTA: WinRAR y Android RAR no están afectados RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files during an extract (unpack) operation. • https://github.com/aslitsecurity/Zimbra-CVE-2022-30333 https://github.com/TheL1ghtVn/CVE-2022-30333-PoC https://github.com/J0hnbX/CVE-2022-30333 http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html https://security.gentoo.org/glsa/202309-04 https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz https://www.rarlab.com/rar_add.h • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 1CVE-2022-1619 – Heap-based Buffer Overflow in function cmdline_erase_chars in vim/vim
https://notcve.org/view.php?id=CVE-2022-1619
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution Desbordamiento de búfer basado en Heap en la función cmdline_erase_chars en el repositorio de GitHub vim/vim anterior a 8.2.4899. Esta vulnerabilidad es capaz de colapsar el software, modificar la memoria, y la posible ejecución remota • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/ef02f16609ff0a26ffc6e20263523424980898fe https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450 https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6BY5P7ERZS7KXSBCGFCOXLMLGWUUJIH https://lists.fedoraproject& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •