CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
14 May 2021 — A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una des... • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 13%CPEs: 205EXPL: 1CVE-2021-3449 – NULL pointer deref in signature_algorithms processing
https://notcve.org/view.php?id=CVE-2021-3449
25 Mar 2021 — An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS c... • https://github.com/riptl/cve-2021-3449 • CWE-476: NULL Pointer Dereference •
CVSS: 7.4EPSS: 0%CPEs: 56EXPL: 0CVE-2021-3450 – CA certificate check bypass with X509_V_FLAG_X509_STRICT
https://notcve.org/view.php?id=CVE-2021-3450
25 Mar 2021 — The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectivel... • http://www.openwall.com/lists/oss-security/2021/03/27/1 • CWE-295: Improper Certificate Validation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-20227 – Ubuntu Security Notice USN-4732-1
https://notcve.org/view.php?id=CVE-2021-20227
11 Feb 2021 — A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. Se encontró un fallo en la funcionalidad de consulta SELECT de SQLite (src/select.c). Este fallo permite a un atacante que es capaz de ejecutar consultas SQL localmente en la base... • https://bugzilla.redhat.com/show_bug.cgi?id=1924886 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 1CVE-2020-24977 – libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c
https://notcve.org/view.php?id=CVE-2020-24977
03 Sep 2020 — GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. El proyecto de GNOME libxml2 v2.9.10 tiene una vulnerabilidad de sobre lectura del buffer global en xmlEncodeEntitiesInternal en libxml2/entities.c. El problema ha sido corregido en el commit 50f06b3e Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 2CVE-2020-13871 – Gentoo Linux Security Advisory 202007-26
https://notcve.org/view.php?id=CVE-2020-13871
06 Jun 2020 — SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. SQLite versión 3.32.2, presenta un uso de la memoria previamente liberada en la función resetAccumulator en el archivo select.c porque la reescritura del árbol de análisis para funciones de ventana es demasiado tarde Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Versions less than 3.32.3 are affected. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-416: Use After Free •
CVSS: 7.5EPSS: 60%CPEs: 38EXPL: 2CVE-2020-1967 – Segmentation fault in SSL_check_chain
https://notcve.org/view.php?id=CVE-2020-1967
21 Apr 2020 — Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL ver... • https://packetstorm.news/files/id/157527 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 7%CPEs: 27EXPL: 1CVE-2020-11655 – Gentoo Linux Security Advisory 202007-26
https://notcve.org/view.php?id=CVE-2020-11655
09 Apr 2020 — SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. SQLite versiones hasta 3.31.1, permite a atacantes causar una denegación de servicio (fallo de segmentación) por medio de una consulta de una función de window malformada porque la inicialización el objeto AggInfo es manejada inapropiadamente. It was discovered that SQLite incorrectly handled certain corrupted schemas. An at... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-665: Improper Initialization •
CVSS: 9.8EPSS: 11%CPEs: 15EXPL: 0CVE-2020-11656 – Gentoo Linux Security Advisory 202007-26
https://notcve.org/view.php?id=CVE-2020-11656
09 Apr 2020 — In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. En SQLite versiones hasta 3.31.1, la implementación de ALTER TABLE presenta un uso de la memoria previamente liberada, como es demostrado por una cláusula ORDER BY que pertenece a una sentencia SELECT compuesta. Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Versions less than... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2020-1730 – libssh: denial of service when handling AES-CTR (or DES) ciphers
https://notcve.org/view.php?id=CVE-2020-1730
09 Apr 2020 — A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability. Se detectó un fallo en libssh versiones anteriores a 0.8.9 y versiones anteriores a 0.9.4, en la manera en que se manejaron los cifrados AES-CTR (o DES si e... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730 • CWE-476: NULL Pointer Dereference •