CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 2CVE-2019-5010 – python: NULL pointer dereference using a specially crafted X509 certificate
https://notcve.org/view.php?id=CVE-2019-5010
04 Mar 2019 — An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio explotable en el analizador de certificados X509 de Python.org Python versión 2.7.11 / 3.6.6. Un certificado X509 e... • https://github.com/JonathanWilbur/CVE-2019-5010 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 1%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •
CVSS: 9.8EPSS: 1%CPEs: 18EXPL: 1CVE-2019-7164 – python-sqlalchemy: SQL Injection when the order_by parameter can be controlled
https://notcve.org/view.php?id=CVE-2019-7164
20 Feb 2019 — SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. SQLAlchemy, hasta la versión 1.2.17 y las 1.3.x hasta la 1.3.0b2, permite Inyección SQL mediante el parámetro "order_by". Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. SQLAlche... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00087.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.0EPSS: 0%CPEs: 55EXPL: 1CVE-2019-6454 – systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash
https://notcve.org/view.php?id=CVE-2019-6454
18 Feb 2019 — An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). Se ha descubierto un problema en sd-bus en... • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 2CVE-2019-7222 – Kernel: KVM: leak of uninitialized stack contents to guest
https://notcve.org/view.php?id=CVE-2019-7222
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene una fuga de información. An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory co... • https://packetstorm.news/files/id/151712 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 2CVE-2019-7665 – elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c
https://notcve.org/view.php?id=CVE-2019-7665
09 Feb 2019 — In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes. En elfutils 0.175, existe una sobrelectura de búfer basada en memoria dinámica (heap) en la función elf32_xlatetom en elf32_xlatetom.c. Una entrada ELF manipulada puede provocar un fallo de segmentación que conduce a una dene... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 1CVE-2019-7664 – elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h
https://notcve.org/view.php?id=CVE-2019-7664
09 Feb 2019 — In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash). En elfutils 0.175, se intenta realizar un memcpy de tamaño negativo en elf_cvt_note en libelf/note_xlate.h debido a una comprobación de desbordamiento incorrecta. Las entradas elf manipuladas provocan un fallo de segmentación, que conduce a una denegación de servicio (cierre inespera... • https://access.redhat.com/errata/RHSA-2019:2197 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 1CVE-2019-7548 – python-sqlalchemy: SQL Injection when the group_by parameter can be controlled
https://notcve.org/view.php?id=CVE-2019-7548
06 Feb 2019 — SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. SQLAlchemy 1.2.17 tiene una inyección SQL cuando el parámetro group_by se puede controlar. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. SQLAlchemy is an Object Relational Mapper that provides a... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00087.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 1CVE-2019-7310 – poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
https://notcve.org/view.php?id=CVE-2019-7310
03 Feb 2019 — In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. En la versión 0.73.0 de Poppler, una sobrelectura de búfer (debido a un error en la propiedad signedness de un número entero en la función XRef::getEntry function en XRef.cc) basada en memoria dinámica (heap) p... • http://www.securityfocus.com/bid/106829 • CWE-125: Out-of-bounds Read CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2018-18506 – Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied
https://notcve.org/view.php?id=CVE-2018-18506
31 Jan 2019 — When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •