CVE-2016-2037
https://notcve.org/view.php?id=CVE-2016-2037
The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file.
• References: http://www.debian.org/security/2016/dsa-3483 http://www.openwall.com/lists/oss-security/2016/01/19/4 http://www.openwall.com/lists/oss-security/2016/01/22/4 http://www.securityfocus.com/bid/82293 http://www.securitytracker.com/id/1035067 http://www.ubuntu.com/usn/USN-2906-1
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7547 – glibc - 'getaddrinfo' Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2015-7547
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
• References: https://www.exploit-db.com/exploits/39454 https://www.exploit-db.com/exploits/40339 https://github.com/fjserna/CVE-2015-7547 https://github.com/cakuzo/CVE-2015-7547 https://github.com/Stick-U235/CVE-2015-7547-Research https://github.com/t0r0t0r0/CVE-2015-7547 https://github.com/babykillerblack/CVE-2015-7547 https://github.com/Amilaperera12/Glibc-Vulnerability-Exploit-CVE-2015-7547 https://github.com/miracle03/CVE-2015-7547-master https://github.com/bluebluelan/CVE-2015-7547
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer; CWE-121: Stack-based Buffer Overflow
CVE-2015-8370 – grub2: buffer overflow when checking password entered during bootup
https://notcve.org/view.php?id=CVE-2015-8370
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error. A flaw was found in the way grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system.
• References: http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173703.html http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174049.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2
• CWE-191: Integer Underflow (Wrap or Wraparound); CWE-264: Permissions, Privileges, and Access Controls; CWE-787: Out-of-bounds Write
CVE-2015-8313
https://notcve.org/view.php?id=CVE-2015-8313
GnuTLS incorrectly validates the first byte of padding in CBC modes.
• References: http://www.debian.org/security/2015/dsa-3408 http://www.securityfocus.com/archive/1/537012/100/0/threaded http://www.securityfocus.com/bid/78327 https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8313 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2015-8313 https://security-tracker.debian.org/tracker/CVE-2015-8313
• CWE-203: Observable Discrepancy
CVE-2015-5276
https://notcve.org/view.php?id=CVE-2015-5276
The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does not properly handle short reads from blocking sources, which makes it easier for context-dependent attackers to predict the random values via unspecified vectors.
• References: http://lists.opensuse.org/opensuse-updates/2015-11/msg00054.html http://lists.opensuse.org/opensuse-updates/2016-04/msg00052.html http://www.securitytracker.com/id/1034375 https://bugzilla.redhat.com/show_bug.cgi?id=1262846 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65142
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor