CVSS: 6.8EPSS: 1%CPEs: 8EXPL: 0CVE-2024-6237 – 389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request
https://notcve.org/view.php?id=CVE-2024-6237
09 Jul 2024 — A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. • https://access.redhat.com/security/cve/CVE-2024-6237 • CWE-230: Improper Handling of Missing Values •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2024-6604 – Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13
https://notcve.org/view.php?id=CVE-2024-6604
09 Jul 2024 — Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13. Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these coul... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1748105%2C1837550%2C1884266 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.4EPSS: 0%CPEs: 35EXPL: 0CVE-2024-6603 – Mozilla: Memory corruption in thread creation
https://notcve.org/view.php?id=CVE-2024-6603
09 Jul 2024 — In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13. In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. The Mozilla Foundation Security Advisory describes t... • https://bugzilla.mozilla.org/show_bug.cgi?id=1895081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2024-6601 – Mozilla: Race condition in permission assignment
https://notcve.org/view.php?id=CVE-2024-6601
09 Jul 2024 — A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13. A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. The Mozilla Foundation Security Advisory describes this flaw as: A race condition could lead to a cross-origin container obtaining... • https://bugzilla.mozilla.org/show_bug.cgi?id=1890748 • CWE-281: Improper Preservation of Permissions CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.0EPSS: 0%CPEs: 36EXPL: 1CVE-2024-3596 – RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.
https://notcve.org/view.php?id=CVE-2024-3596
09 Jul 2024 — RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. El protocolo RADIUS según RFC 2865 es susceptible a ataques de falsificación por parte de un atacante local que puede modificar cualquier respuesta válida (acceso-aceptación, acceso-rechazo o acceso-desafío) a cualquier otra respuesta... • https://github.com/alperenugurlu/CVE-2024-3596-Detector • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-328: Use of Weak Hash CWE-354: Improper Validation of Integrity Check Value CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 7.6EPSS: 70%CPEs: 14EXPL: 0CVE-2024-6409 – Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9
https://notcve.org/view.php?id=CVE-2024-6409
08 Jul 2024 — A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd serve... • http://www.openwall.com/lists/oss-security/2024/07/08/2 • CWE-364: Signal Handler Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-4467 – Qemu-kvm: 'qemu-img info' leads to host file read/write
https://notcve.org/view.php?id=CVE-2024-4467
02 Jul 2024 — A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. Se encontró una falla en el comando 'info' de la utilidad de imagen de disco QEMU (qemu-img). Un archivo de imagen especialmente manipulado que contenga un valor `json:{}` que des... • http://www.openwall.com/lists/oss-security/2024/07/23/2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-37371 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37371
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede provocar lecturas de memoria no válidas durante el manejo de tokens de mensajes GSS al enviar tokens de mensajes con campos de longitud no válidos. A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the pla... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef • CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 32EXPL: 0CVE-2024-37370 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37370
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede modificar el campo Extra Count de texto plano de un token de envoltura GSS krb5 confidencial, lo que hace que el token desenvuelto aparezca truncado para la aplicación. A vulnerability was found in the MIT Kerberos 5 GSS k... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-39331 – emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
https://notcve.org/view.php?id=CVE-2024-39331
23 Jun 2024 — In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5. En Emacs anterior a 29.4, org-link-expand-abbrev en lisp/ol.el expande una abreviatura de enlace %(...) incluso cuando especifica una función no segura, como shell-command-to-string. Esto afecta al modo de organización anterior a 9.7.5. A flaw was found in Emacs. • https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •