CVSS: 7.3EPSS: 0%CPEs: 9EXPL: 0CVE-2024-2947 – Cockpit: command injection when deleting a sosreport with a crafted name
https://notcve.org/view.php?id=CVE-2024-2947
28 Mar 2024 — A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer. Se encontró una falla en Cockpit. Eliminar un informe sos con un nombre modificado a través de la interfaz web de Cockpit puede generar una vulnerabilidad de inyección de comandos, lo que resulta en una escalada de privilegios. • https://access.redhat.com/errata/RHSA-2024:3667 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2024-30203 – emacs: Gnus treats inline MIME contents as trusted
https://notcve.org/view.php?id=CVE-2024-30203
25 Mar 2024 — In Emacs before 29.3, Gnus treats inline MIME contents as trusted. En Emacs anterior a 29.3, Gnus trata el contenido MIME en línea como confiable. A flaw was found in Emacs. When Emacs is used as an email client, inline MIME attachments are considered to be trusted by default, allowing a crafted LaTeX document to exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results in a denial of service. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-30205 – emacs: Org mode considers contents of remote files to be trusted
https://notcve.org/view.php?id=CVE-2024-30205
25 Mar 2024 — In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23. En Emacs anterior a 29.3, el modo Org considera que el contenido de los archivos remotos es confiable. Esto afecta al modo de organización anterior a la versión 9.6.23. A flaw was found in Emacs. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data CWE-494: Download of Code Without Integrity Check •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-30156 – varnish: HTTP/2 Broken Window Attack may result in denial of service
https://notcve.org/view.php?id=CVE-2024-30156
24 Mar 2024 — Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack. Varnish Cache anterior a 7.3.2 y 7.4.x anterior a 7.4.3 (y anterior a 6.0.13 LTS), y Varnish Enterprise 6 anterior a 6.0.12r6, permite el agotamiento de los créditos para una ventana de flujo de control de conexión HTTP/2, también conocido como ataque de ventana rota. A flaw was found in the Var... • https://varnish-cache.org/docs/7.5/whats-new/changes-7.5.html#security • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 29EXPL: 0CVE-2024-28834 – Gnutls: vulnerable to minerva side-channel information leak
https://notcve.org/view.php?id=CVE-2024-28834
21 Mar 2024 — A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. Se encontró una falla en GnuTLS. El ataque Minerva es una vulnerabilidad criptográfica que explota el comportamiento determinista en sistemas ... • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-1394 – Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads
https://notcve.org/view.php?id=CVE-2024-1394
21 Mar 2024 — A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fa... • https://access.redhat.com/errata/RHSA-2024:1462 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-28835 – Gnutls: potential crash during chain building/verification
https://notcve.org/view.php?id=CVE-2024-28835
21 Mar 2024 — A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. Se ha descubierto una falla en GnuTLS donde se puede inducir una falla de la aplicación al intentar verificar un paquete .pem especialmente manipulado usando el comando "certtool --verify-chain". • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-248: Uncaught Exception •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2024-2609 – Mozilla: Permission prompt input delay could expire when not in focus
https://notcve.org/view.php?id=CVE-2024-2609
19 Mar 2024 — The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10. El retraso en la entrada del mensaje de permiso podría haber expirado mientras la ventana no estaba enfocada, lo que hizo que el mensaje fuera vulnerable al clickjacking por parte de sitios web maliciosos. Esta vulnerabilidad afecta a Firefox < 124. • https://bugzilla.mozilla.org/show_bug.cgi?id=1866100 • CWE-356: Product UI does not Warn User of Unsafe Actions •
CVSS: 8.6EPSS: 0%CPEs: 28EXPL: 0CVE-2024-1753 – Buildah: full container escape at build time
https://notcve.org/view.php?id=CVE-2024-1753
18 Mar 2024 — A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. Se encontró una fa... • https://access.redhat.com/errata/RHSA-2024:2049 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2023-7250 – Iperf3: possible denial of service
https://notcve.org/view.php?id=CVE-2023-7250
18 Mar 2024 — A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service. Se encontró una falla en iperf, una utilidad para probar el rendimiento de la red mediante TCP, UDP y SCTP. Un cliente... • https://access.redhat.com/errata/RHSA-2024:4241 • CWE-183: Permissive List of Allowed Inputs •