CVSS: 5.3EPSS: 3%CPEs: 56EXPL: 0CVE-2018-20685 – openssh: scp client improper directory name validation
https://notcve.org/view.php?id=CVE-2018-20685
10 Jan 2019 — In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. En OpenSSH 7.9, scp.c en el cliente scp permite que los servidores SSH omitan las restricciones de acceso planeadas mediante un nombre de archivo "." o un nombre de archivo vacío. El impacto consiste en modificar los permisos del directorio objetivo en el lado del cliente. Many ... • http://www.securityfocus.com/bid/106531 • CWE-20: Improper Input Validation CWE-863: Incorrect Authorization •
CVSS: 5.9EPSS: 0%CPEs: 1095EXPL: 0CVE-2018-3693 – Kernel: speculative bounds check bypass store
https://notcve.org/view.php?id=CVE-2018-3693
10 Jul 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y la predicción de ramas podría permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un desbordamiento de búfer especulativo y el análisis de canal lateral. ... • https://access.redhat.com/errata/RHSA-2018:2384 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 3%CPEs: 38EXPL: 0CVE-2018-1000007 – curl: HTTP authentication leak in redirects
https://notcve.org/view.php?id=CVE-2018-1000007
24 Jan 2018 — libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers... • http://www.openwall.com/lists/oss-security/2022/04/27/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 69%CPEs: 87EXPL: 1CVE-2016-8610 – SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
https://notcve.org/view.php?id=CVE-2016-8610
30 Jan 2017 — A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. Se ha encontrado un fallo de denegación de servicio en OpenSSL en las versiones 0.9.8, 1.0.1, 1.0.2 hasta la 1.0.2h y la 1.1.0 en la forma en la que el protocolo TLS/SSL de... • https://github.com/cujanovic/CVE-2016-8610-PoC • CWE-400: Uncontrolled Resource Consumption •