Page 18 of 156 results (0.017 seconds)

CVSS: 8.5EPSS: 0%CPEs: 17EXPL: 0

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. Se ha encontrado una vulnerabilidad en qemu-img, la biblioteca de cliente por defecto de PostgreSQL por la que libpq fracasa a la hora de restablecer su estado interno entre conexiones. Si se emplea una versión afectada de libpq se emplea con parámetros de conexión "host" o "hostaddr" desde entradas no fiables, los atacantes podrían omitir características de seguridad de conexión del lado del cliente, obtener acceso a conexiones con mayores privilegios o, posiblemente, provocar otro tipo de impacto mediante una inyección SQL. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html http://www.securityfocus.com/bid/105054 http://www.securitytracker.com/id/1041446 https://access.redhat.com/errata/RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2557 https://access.redhat.com/errata/RHSA-2018:2565 https://access.redhat.com/errata/RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:2643 https://access.redhat.com/errata/RHSA-2018:2721 https://access.redhat.com/errata&#x • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host. Se ha detectado que vdsm en versiones anteriores a la 4.20.37 invoca qemu-img en entradas no fiables sin limitar recursos. Mediante la subida de una imagen especialmente manipulada, un atacante podría provocar que el proceso qemu-img consuma cantidades ilimitadas de memoria del tiempo de CPU, provocando una denegación de servicio (DoS) que podría afectar a otros usuarios del host. • http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html https://access.redhat.com/errata/RHEA-2018:2624 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908 https://gerrit.ovirt.org/#/c/93195 • CWE-20: Improper Input Validation CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 74%CPEs: 127EXPL: 0

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/104976 http://www.securitytracker.com/id/1041424 http://www.securitytracker.com/id/1041434 https://access.redhat.co • CWE-400: Uncontrolled Resource Consumption •

CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected. Se ha detectado un problema de salto de directorio en reposync, de yum-utils, en el que reposync falla a la hora de sanear rutas en los archivos de configuración del repositorio remoto. • http://www.securitytracker.com/id/1041594 https://access.redhat.com/errata/RHSA-2018:2284 https://access.redhat.com/errata/RHSA-2018:2285 https://access.redhat.com/errata/RHSA-2018:2626 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897 https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c https://github.com/rpm-software-management/yum-utils/pull/43 https&# • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.6EPSS: 0%CPEs: 8EXPL: 0

WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability. WildFly Core en versiones anteriores a la 6.0.0.0.Alpha3 no valida correctamente las rutas de los archivos en los archivos .war, lo que permite la extracción de archivos .war manipulados para sobrescribir archivos arbitrarios. Este es un ejemplo de la vulnerabilidad 'Zip Slip'. It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. • https://access.redhat.com/errata/RHSA-2018:2276 https://access.redhat.com/errata/RHSA-2018:2277 https://access.redhat.com/errata/RHSA-2018:2279 https://access.redhat.com/errata/RHSA-2018:2423 https://access.redhat.com/errata/RHSA-2018:2424 https://access.redhat.com/errata/RHSA-2018:2425 https://access.redhat.com/errata/RHSA-2018:2428 https://access.redhat.com/errata/RHSA-2018:2643 https://access.redhat.com/errata/RHSA-2019:0877 https://bugzilla.redhat.com/show_bug. • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •