Page 133 of 3742 results (0.019 seconds)

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0

CVE-2019-17669 – WordPress Core < 5.2.4 - Server Side Request Forgery

https://notcve.org/view.php?id=CVE-2019-17669

WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters. WordPress versiones anteriores a 5.2.4, presenta una vulnerabilidad de tipo Server Side Request Forgery (SSRF) porque la comprobación de URL no considera la interpretación de un nombre como una serie de caracteres hexadecimales. • https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46475 https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release https://wpvulndb.com/vulnerabilities/9912 https://www.debian.org/security/2020/dsa-4 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-17675 – WordPress Core < 5.2.4 - Type Confusion

https://notcve.org/view.php?id=CVE-2019-17675

WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF. WordPress antes de 5.2.4, no considera apropiadamente la confusión de tipos durante la comprobación del referente en las páginas de administración, conllevando posiblemente a un ataque de tipo CSRF. • https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46477 https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0 https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release https://wpvulndb.com/vulnerabilities/9913 https://www.debian.org/security/2020/dsa-4 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.3EPSS: 1%CPEs: 4EXPL: 2

CVE-2019-17671 – WordPress Core < 5.2.4 - Authorization Bypass

https://notcve.org/view.php?id=CVE-2019-17671

In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled. En WordPress anterior a 5.2.4, es posible la visualización no autenticada de cierto contenido porque la propiedad de consulta estática es manejada inapropiadamente. • https://www.exploit-db.com/exploits/47690 https://github.com/rhbb/CVE-2019-17671 https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html https://core.trac.wordpress.org/changeset/46474 https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308 https://lists.debian.org/debian-lts-announce/2019/11/msg00000.html https://seclists.org/bugtraq/2020/Jan/8 https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •

CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 1

CVE-2019-17533

https://notcve.org/view.php?id=CVE-2019-17533

Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed. La función Mat_VarReadNextInfo4 en el archivo mat4.c en MATIO versión 1.5.17, omite cierto carácter '\0', lo que conlleva a una lectura excesiva de búfer en la región heap de la memoria en strdup_vprintf cuando se accede a la memoria no inicializada. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856 https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a https://lists.debian.org/debian-lts-announce/2020/06/msg00037.html • CWE-125: Out-of-bounds Read CWE-908: Use of Uninitialized Resource •

CVSS: 9.8EPSS: 1%CPEs: 51EXPL: 0

CVE-2019-17531 – jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

https://notcve.org/view.php?id=CVE-2019-17531

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. Se detectó un problema de escritura polimórfica en FasterXML jackson-databind versiones 2.0.0 hasta 2.9.10. Cuando Default Typing está habilitado (globalmente o para una propiedad específica) para un endpoint JSON expuesto externamente y el servicio presenta el jar apache-log4j-extra (versión 1.2.x) en el classpath, y un atacante puede proveer un servicio JNDI para acceder, es posible hacer que el servicio ejecute una carga útil maliciosa. • https://access.redhat.com/errata/RHSA-2019:4192 https://access.redhat.com/errata/RHSA-2020:0159 https://access.redhat.com/errata/RHSA-2020:0160 https://access.redhat.com/errata/RHSA-2020:0161 https://access.redhat.com/errata/RHSA-2020:0164 https://access.redhat.com/errata/RHSA-2020:0445 https://github.com/FasterXML/jackson-databind/issues/2498 https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/ • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •