CVE-2021-3748 – QEMU: virtio-net: heap use-after-free in virtio_net_receive_rcu
https://notcve.org/view.php?id=CVE-2021-3748
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.
• https://bugzilla.redhat.com/show_bug.cgi?id=1998514
• https://github.com/qemu/qemu/commit/bedd7e93d01961fcb16a97ae45d93acf357e11f6
• https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html
• https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
• https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg00388.html
• https://security.gentoo.org/glsa/202208-27
• https://security.netapp.com/advisory/ntap-20220425-0004
• https://ubuntu.com/security/CVE-2021-3748
• https://access.
• CWE-416: Use After Free
CVE-2021-20319 – coreos-installer: incorrect signature verification on gzip-compressed install images
https://notcve.org/view.php?id=CVE-2021-20319
An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed.
• https://bugzilla.redhat.com/show_bug.cgi?id=2011862
• https://github.com/coreos/coreos-installer/pull/659/commits/ad243c6f0eff2835b2da56ca5f7f33af76253c89
• https://github.com/coreos/coreos-installer/security/advisories/GHSA-3r3g-g73x-g593
• https://access.redhat.com/security/cve/CVE-2021-20319
• CWE-347: Improper Verification of Cryptographic Signature
CVE-2021-38911
https://notcve.org/view.php?id=CVE-2021-38911
IBM Security Risk Manager on CP4S 1.7.0.0 stores user credentials in plain clear text, which can be read by an authenticated privileged user. IBM X-Force ID: 209940.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/209940
• https://www.ibm.com/support/pages/node/6505281
• CWE-312: Cleartext Storage of Sensitive Information
CVE-2021-29912
https://notcve.org/view.php?id=CVE-2021-29912
IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828.
• https://exchange.xforce.ibmcloud.com/vulnerabilities/207828
• https://www.ibm.com/support/pages/node/6505283
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3746
https://notcve.org/view.php?id=CVE-2021-3746
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially crafted TPM2 command packets, which cause the issue when the TPM2's volatile state is written. The highest threat from this vulnerability is to system availability. This issue affects libtpms versions before 0.8.5, before 0.7.9 and before 0.6.6.
• https://bugzilla.redhat.com/show_bug.cgi?id=1998588
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer