CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2019-17052
https://notcve.org/view.php?id=CVE-2019-17052
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. ax25_create en net / ax25 / af_ax25.c en el módulo de red AF_AX25 en el kernel de Linux versión 3.16 hasta la la versión 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también conocido como CID-0614e2b73768 • http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=2c675dab816278a1724c1e93b384c2f05a11cb31 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0614e2b73768b502fc32a75349823356d98aae2c https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html • CWE-276: Incorrect Default Permissions •
CVSS: 4.0EPSS: 0%CPEs: 12EXPL: 0CVE-2019-17055 – kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
https://notcve.org/view.php?id=CVE-2019-17055
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. La función base_sock_create en el archivo drivers/isdn/mISDN/socket.c en el módulo de red AF_ISDN en el kernel de Linux versiones hasta 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también se conoce como CID-b91ee4aa2a21. A vulnerability was found in the Linux kernel’s implementation of the AF_ISDN protocol, which does not enforce the CAP_NET_RAW capability. This flaw can allow unprivileged users to create a raw socket for this protocol. This could further allow the user to control the availability of an existing ISDN circuit. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://access.redhat.com/errata/RHSA-2020:0790 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b91ee4aa2 • CWE-250: Execution with Unnecessary Privileges CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-16993
https://notcve.org/view.php?id=CVE-2019-16993
In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a reauthenticated administrator prior to targeting them. En phpBB versiones anteriores a 3.1.7-PL1, el archivo includes/acp/acp_bbcodes.php presenta una comprobación inapropiada de un token de CSRF en la página BBCode en el Panel de Control de Administración. Un ataque de tipo CSRF real es posible si un atacante también logra recuperar el id de sesión de un administrador reautenticado antes de que sea atacado. • https://github.com/phpbb/phpbb/commit/18abef716ecf42a35416444f3f84f5459d573789 https://lists.debian.org/debian-lts-announce/2019/09/msg00036.html https://lists.debian.org/debian-lts-announce/2019/10/msg00006.html https://www.phpbb.com/community/viewtopic.php?t=2352606 https://www.phpbb.com/support/documents.php?mode=changelog&version=3#v317 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2019-16276 – golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling
https://notcve.org/view.php?id=CVE-2019-16276
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Go versiones anteriores a 1.12.10 y versiones 1.13.x anteriores a 1.13.1, permitir el Trafico No Autorizado de Peticiones HTTP. It was discovered that net/http (through net/textproto) in golang does not correctly interpret HTTP requests where an HTTP header contains spaces before the colon. This could be abused by an attacker to smuggle HTTP requests when a proxy or a firewall is placed behind a server implemented in Go or to filter bypasses depending on the specific network configuration. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html https://access.redhat.com/errata/RHSA-2020:0101 https://access.redhat.com/errata/RHSA-2020:0329 https://access.redhat.com/errata/RHSA-2020:0652 https://github.com/golang/go/issues/34540 https://groups.google.com/forum/#%21msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ https://lists.debian.org/debian-lts-announce/2021/03/msg00014.html https&# • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 0CVE-2019-9433 – libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c
https://notcve.org/view.php?id=CVE-2019-9433
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 En libvpx, se presenta una posible divulgación de información debido a una comprobación de entrada inapropiada. Esto podría conllevar a una divulgación de información remota sin ser necesarios privilegios de ejecución adicionales. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html http://www.openwall.com/lists/oss-security/2019/10/25/17 http://www.openwall.com/lists/oss-security/2019/10/27/1 http://www.openwall.com/lists/oss-security/2019/11/07/1 https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN https://lists.fedoraproject.org/archives/list/package-an • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •