Page 134 of 3742 results (0.026 seconds)

CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 2

CVE-2019-17455

https://notcve.org/view.php?id=CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. Libntlm versiones hasta 1.5, se basa en un tamaño de búfer fijo para operaciones de lectura y escritura de las funciones tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge y tSmbNtlmAuthResponse, como es demostrado por una lectura excesiva de búfer en la región heap de la memoria en la función buildSmbNtlmAuthRequest en el archivo smbutil.c para una petición NTLM especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00032.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942145 https://gitlab.com/jas/libntlm/issues/2 https://lists.debian.org/debian-lts-announce/2020/05/msg00010.html https://lists.debian.org/debian-lts-announce/2021/11/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BVFO3OVJPMSGIXBKNOCVOJZ3UTGZQF5 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-17402 – exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check

https://notcve.org/view.php?id=CVE-2019-17402

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. Exiv2 versión 0.27.2, permite a atacantes activar un bloqueo en la función Exiv2::getULong en el archivo types.cpp cuando es llamada desde la función Exiv2::Internal::CiffDirectory::readDirectory en el archivo crwimage_int.cpp, porque no existe comprobación de la relación del tamaño total con el desplazamiento y el tamaño. An out of bounds read vulnerability was discovered in the way exiv2 parses Canon raw format (CRW) images. An application that uses exiv2 library to parse untrusted images may be vulnerable to this flaw, which could be used by an attacker to extract data from the application's memory or make it crash. The biggest threat with this vulnerability is availability of the system. • https://github.com/Exiv2/exiv2/issues/1019 https://lists.debian.org/debian-lts-announce/2019/12/msg00001.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/4159-1 https://access.redhat.com/security/cve/CVE-2019-17402 https://bugzilla.redhat.com/show_bug.cgi?id=1773683 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 1

CVE-2019-17362

https://notcve.org/view.php?id=CVE-2019-17362

In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. En LibTomCrypt versiones hasta 1.18.2, la función der_decode_utf8_string (en el archivo der_decode_utf8_string.c) no detecta apropiadamente determinadas secuencias UTF-8 no válidas. Esto permite a atacantes dependiendo del contexto causar una denegación de servicio (lectura y bloqueo fuera de límites) o leer información desde otras ubicaciones de memoria por medio de datos codificados con DER cuidadosamente diseñados. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00041.html https://github.com/libtom/libtomcrypt/issues/507 https://github.com/libtom/libtomcrypt/pull/508 https://lists.debian.org/debian-lts-announce/2019/10/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/47YP5SXQ4RY6KMTK2HI5ZZR244XKRMCZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject& • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2019-14846 – ansible: secrets disclosed on logs when no_log enabled

https://notcve.org/view.php?id=CVE-2019-14846

In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process. En Ansible, todas las versiones de Ansible Engine hasta ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, se registraban en el nivel DEBUG, lo que conlleva a la divulgación de credenciales si un plugin usó una biblioteca que registraba credenciales en el nivel DEBUG. Este defecto no afecta a los módulos de Ansible, ya que son ejecutados en un proceso separado. Ansible was logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html https://access.redhat.com/errata/RHSA-2019:3201 https://access.redhat.com/errata/RHSA-2019:3202 https://access.redhat.com/errata/RHSA-2019:3203 https://access.redhat.com/errata/RHSA-2019:3207 https://access.redhat.com/errata/RHSA-2020:0756 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14846 https://github.com/ansible/ansible • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 9.8EPSS: 1%CPEs: 19EXPL: 0

CVE-2019-17267 – jackson-databind: Serialization gadgets in classes of the ehcache package

https://notcve.org/view.php?id=CVE-2019-17267

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. Se detectó un problema de Escritura Polimórfica en FasterXML jackson-databind versiones anteriores a 2.9.10. Está relacionado con net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. • https://access.redhat.com/errata/RHSA-2019:3200 https://access.redhat.com/errata/RHSA-2020:0159 https://access.redhat.com/errata/RHSA-2020:0160 https://access.redhat.com/errata/RHSA-2020:0161 https://access.redhat.com/errata/RHSA-2020:0164 https://access.redhat.com/errata/RHSA-2020:0445 https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10 https://github.com/FasterXML/jackson-databind/issues/2460 https://lists.apache.or • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •