CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 0CVE-2020-28036 – WordPress Core < 5.5.2 - Privilege Escalation via XML-RPC
https://notcve.org/view.php?id=CVE-2020-28036
29 Oct 2020 — wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post. El archivo wp-includes/class-wp-xmlrpc-server.php en WordPress versiones anteriores a 5.5.2, permite a atacantes conseguir privilegios mediante el uso de XML-RPC para comentar una publicación Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to run insecure deserialization, embed spam, perform various Cross-Site Scr... • https://github.com/WordPress/wordpress-develop/commit/c9e6b98968025b1629015998d12c3102165a7d32 • CWE-269: Improper Privilege Management CWE-862: Missing Authorization •
CVSS: 6.4EPSS: 16%CPEs: 6EXPL: 0CVE-2020-28038 – WordPress Core < 5.5.2 - Stored Cross-Site Scripting via post slugs
https://notcve.org/view.php?id=CVE-2020-28038
29 Oct 2020 — WordPress before 5.5.2 allows stored XSS via post slugs. WordPress versiones anteriores a 5.5.2, permite un ataque de tipo XSS almacenado por medio de slugs de publicaciones Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to run insecure deserialization, embed spam, perform various Cross-Site Scripting (XSS) or Cross-Site Request Forgery (CSRF) attacks, escalate privileges, run arbitrary code, and delete arbitrary files. • https://blog.ripstech.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 2%CPEs: 6EXPL: 0CVE-2020-28034 – WordPress Core < 5.5.2 - Reflected Cross-Site Scripting via Global Variables
https://notcve.org/view.php?id=CVE-2020-28034
29 Oct 2020 — WordPress before 5.5.2 allows XSS associated with global variables. WordPress versiones anteriores a 5.5.2, permite un ataque de tipo XSS asociado con variables globales Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to run insecure deserialization, embed spam, perform various Cross-Site Scripting (XSS) or Cross-Site Request Forgery (CSRF) attacks, escalate privileges, run arbitrary code, and delete arbitrary files. • https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 9%CPEs: 5EXPL: 0CVE-2020-28037 – WordPress Core < 5.5.2 - Misconfiguration That Allows Trigger of New Installation
https://notcve.org/view.php?id=CVE-2020-28037
29 Oct 2020 — is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation). La función is_blog_installed en el archivo wp-includes/functions.php en WordPress versiones anteriores a 5.5.2, determina inapropiadamente si WordPress ya está instalado, lo que podría permitir a un atacante llevar a cabo un... • https://github.com/WordPress/wordpress-develop/commit/2ca15d1e5ce70493c5c0c096ca0c76503d6da07c • CWE-285: Improper Authorization CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 4CVE-2020-15238 – Local privilege escalation Blueman
https://notcve.org/view.php?id=CVE-2020-15238
27 Oct 2020 — Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. • https://packetstorm.news/files/id/159740 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-16000 – chromium-browser: Inappropriate implementation in Blink
https://notcve.org/view.php?id=CVE-2020-16000
27 Oct 2020 — Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en Blink en Google Chrome anterior a versión 86.0.4240.111, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.111. Issues addressed inc... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 1CVE-2020-16001 – chromium-browser: Use after free in media
https://notcve.org/view.php?id=CVE-2020-16001
27 Oct 2020 — Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en media en Google Chrome anterior a versión 86.0.4240.111, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.111. Issues addressed includ... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 1CVE-2020-16002 – chromium-browser: Use after free in PDFium
https://notcve.org/view.php?id=CVE-2020-16002
27 Oct 2020 — Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un uso de la memoria previamente liberada en PDFium en Google Chrome anterior a versión 86.0.4240.111, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.111. Issues addressed includ... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 1CVE-2020-16003 – chromium-browser: Use after free in printing
https://notcve.org/view.php?id=CVE-2020-16003
27 Oct 2020 — Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente en printing liberada en Google Chrome anterior a versión 86.0.4240.111, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 86.0.4240.111. Issues addressed ... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27670 – Debian Security Advisory 4804-1
https://notcve.org/view.php?id=CVE-2020-27670
22 Oct 2020 — An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. Se detectó un problema en Xen versiones hasta 4.14.x, permitiendo a usuarios del Sistema Operativo invitado x86 causar una denegación de servicio (corrupción de datos), causar una filtración de datos o posiblemente alcanzar privilegios porque una entrada de la tabla de páginas IOMMU ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00075.html • CWE-345: Insufficient Verification of Data Authenticity •