
CVSS: 9.8 | EPSS: 0% | CPEs: 4 | EXPL: 0

Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.

• https://github.com/ProgVal/Limnoria/commit/3848ae78de45b35c029cc333963d436b9d2f0a35
• https://github.com/ProgVal/Limnoria/wiki/math-eval-vulnerability
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54CQM2TEXRADLE77VOMCPHL5PBHR3ZWJ
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P2AGND54UIJV3WHOYO2YINIXSDGAAPO
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRNOUHFEN75QAIKT4Y3HDN3TT5LSIWN2

• CWE-94: Improper Control of Generation of Code ('Code Injection')

CVSS: 8.8 | EPSS: 0% | CPEs: 6 | EXPL: 0

A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within Ghostscript and access files outside of restricted areas or execute commands.

• http://jvn.jp/en/jp/JVN52486659/index.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00049.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00050.html
• http://www.openwall.com/lists/oss-security/2019/11/15/1
• https://access.redhat.com/errata/RHSA-2020:0222
• https://bugs.ghostscript.com/show_bug.cgi?id=701841
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14869
• https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=48590477

• CWE-648: Incorrect Use of Privileged APIs
• CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 9.8 | EPSS: 0% | CPEs: 5 | EXPL: 0

Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.

• https://lists.debian.org/debian-lts-announce/2022/06/msg00013.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAGKPZDXQ6KRUGQVRAO6N4PCINP6KS5F
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHV3TUU53WCKJ3BBRK2EHAF44MSZEFK6
• https://www.cyrusimap.org/imap/download/release-notes/2.5/x/2.5.14.html
• https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.12.html
• https://access.redhat.com/security/cve/CVE-2

• CWE-287: Improper Authentication

CVSS: 8.6 | EPSS: 0% | CPEs: 3 | EXPL: 0

An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.

• https://github.com/containers/crun/pull/173
• https://github.com/containers/crun/releases/tag/0.10.5
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTA5SJUAKQUK6HRY2CZVJUIZP5BO3EOG
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITB2UNEGHXZUR3ATYHWPSK5LJB36N7AP

• CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVSS: 7.5 | EPSS: 1% | CPEs: 9 | EXPL: 0

A flaw was found in all dpdk versions 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

• https://access.redhat.com/errata/RHSA-2020:0165
• https://access.redhat.com/errata/RHSA-2020:0166
• https://access.redhat.com/errata/RHSA-2020:0168
• https://access.redhat.com/errata/RHSA-2020:0171
• https://access.redhat.com/errata/RHSA-2020:0172
• https://bugs.dpdk.org/show_bug.cgi?id=363
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14818
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULJ3C7OVBOEVDGSHYC3VCLSUHANGTFFP
• https://access.redhat&

• CWE-401: Missing Release of Memory after Effective Lifetime