CVSS: 6.2EPSS: 0%CPEs: 18EXPL: 0CVE-2024-5569 – Denial of Service via crafted zip file in jaraco/zipp
https://notcve.org/view.php?id=CVE-2024-5569
09 Jul 2024 — A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp... • https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.6EPSS: 69%CPEs: 14EXPL: 0CVE-2024-6409 – Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9
https://notcve.org/view.php?id=CVE-2024-6409
08 Jul 2024 — A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd serve... • http://www.openwall.com/lists/oss-security/2024/07/08/2 • CWE-364: Signal Handler Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-4467 – Qemu-kvm: 'qemu-img info' leads to host file read/write
https://notcve.org/view.php?id=CVE-2024-4467
02 Jul 2024 — A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. Se encontró una falla en el comando 'info' de la utilidad de imagen de disco QEMU (qemu-img). Un archivo de imagen especialmente manipulado que contenga un valor `json:{}` que des... • http://www.openwall.com/lists/oss-security/2024/07/23/2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.4EPSS: 0%CPEs: 32EXPL: 0CVE-2024-37370 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37370
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede modificar el campo Extra Count de texto plano de un token de envoltura GSS krb5 confidencial, lo que hace que el token desenvuelto aparezca truncado para la aplicación. A vulnerability was found in the MIT Kerberos 5 GSS k... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.4EPSS: 0%CPEs: 23EXPL: 0CVE-2024-38428 – wget: Misinterpretation of input may lead to improper behavior
https://notcve.org/view.php?id=CVE-2024-38428
16 Jun 2024 — url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. url.c en GNU Wget hasta 1.24.5 maneja mal los puntos y comas en el subcomponente de información de usuario de un URI y, por lo tanto, puede haber un comportamiento inseguro en el que los datos que se suponía que estaban en el subcomponente de información d... • https://git.savannah.gnu.org/cgit/wget.git/commit/?id=ed0c7c7e0e8f7298352646b2fd6e06a11e242ace • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37388
https://notcve.org/view.php?id=CVE-2024-37388
07 Jun 2024 — An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. Una vulnerabilidad de entidad externa XML (XXE) en la función ebookmeta.get_metadata de lxml anterior a v4.9.1 permite a los atacantes acceder a información confidencial o provocar una denegación de servicio (DoS) a través de una entrada XML manipulada. • https://github.com/dnkorpushov/ebookmeta/issues/16#issue-2317712335 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-49441
https://notcve.org/view.php?id=CVE-2023-49441
06 Jun 2024 — dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. dnsmasq 2.9 es vulnerable al desbordamiento de enteros a través de forward_query. • https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 1%CPEs: 25EXPL: 0CVE-2024-5564 – Libndp: buffer overflow in route information length field
https://notcve.org/view.php?id=CVE-2024-5564
31 May 2024 — A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information. Se encontró una vulnerabilidad en libndp. Esta falla permite que un usuario malintencionado local provoque un desbordamiento del búfer en NetworkManager, provocado al enviar un paquete de publicidad de enrutador IPv6 con formato inco... • https://access.redhat.com/errata/RHSA-2024:4618 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.0EPSS: 0%CPEs: 28EXPL: 0CVE-2024-1298 – Integer Overflow caused by divide by zero during S3 suspension
https://notcve.org/view.php?id=CVE-2024-1298
30 May 2024 — EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability. EDK2 contiene una vulnerabilidad cuando se activa la suspensión de S3 donde un atacante puede causar una división por cero debido a un desbordamiento de UNIT32 a través del acceso local. Una explotación exitosa de esta vulnerabilidad puede provocar una pérdida de disponibilidad. A divi... • https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53 • CWE-369: Divide By Zero •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35221 – Denial of service when publishing a package on rubygems.org
https://notcve.org/view.php?id=CVE-2024-35221
29 May 2024 — Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby reads the Manifest of Gem files when using Gem::Specification.from_yaml. from_yaml makes use of SafeYAML.load which allows YAML aliases inside the YAML-based metadata of a gem. YAML aliases allow for Denial of Service attacks with so-called `YAML-bombs` (comparable to Billion laughs attacks). This was patched. • https://en.wikipedia.org/wiki/Billion_laughs_attack • CWE-400: Uncontrolled Resource Consumption •