CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 1CVE-2020-8023 – Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
https://notcve.org/view.php?id=CVE-2020-8023
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. • https://bugzilla.suse.com/show_bug.cgi?id=1172698 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2020-25032
https://notcve.org/view.php?id=CVE-2020-25032
An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. Se detectó un problema en Flask-CORS (también se conoce como CORS Middleware para Flask) versiones anteriores a 3.0.9. Permite que un salto de directorios ../ acceda a recursos privados porque la coincidencia de recursos no garantiza que los nombres de ruta estén en un formato canónico • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00048.html https://github.com/corydolphin/flask-cors/releases/tag/3.0.9 https://www.debian.org/security/2020/dsa-4775 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2020-24972
https://notcve.org/view.php?id=CVE-2020-24972
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL. El componente Kleopatra versiones anteriores a 3.1.12 (y versiones anteriores a 20.07.80) para GnuPG, permite a atacantes remotos ejecutar código arbitrario porque las URL openpgp4fpr: son compatibles sin un manejo seguro de las opciones de la línea de comandos. La opción de línea de comando Qt platformpluginpath puede ser usada para cargar una DLL arbitraria • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00064.html https://dev.gnupg.org/rKLEOPATRAb4bd63c1739900d94c04da03045e9445a5a5f54b https://dev.gnupg.org/source/kleo/browse/master/CMakeLists.txt https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRIPL72WMXTVWS2M7WYV5SNPETYJ2YI7 https://security.gentoo.org/glsa/202008-21 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 6.5EPSS: 2%CPEs: 7EXPL: 0CVE-2020-6562 – chromium-browser: Insufficient policy enforcement in Blink
https://notcve.org/view.php?id=CVE-2020-6562
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una aplicación insuficiente de la política en Blink en Google Chrome versiones anteriores a 85.0.4183.83, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html https://crbug.com/1086845 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT https://security.gentoo.org/glsa/202101-30 https:/&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2020-6571 – chromium-browser: Incorrect security UI in Omnibox
https://notcve.org/view.php?id=CVE-2020-6571
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Una comprobación insuficiente de datos en Omnibox en Google Chrome versiones anteriores a 85.0.4183.83, permitía a un atacante remoto llevar a cabo una suplantación de dominio por medio de homógrafos de IDN mediante un nombre de dominio diseñado • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html https://crbug.com/1085315 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT https://security.gentoo.org/glsa/202101-30 https:/&# • CWE-20: Improper Input Validation •