CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 2CVE-2020-27777 – kernel: powerpc: RTAS calls can be used to compromise kernel integrity
https://notcve.org/view.php?id=CVE-2020-27777
15 Dec 2020 — A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel. Se encontró un fallo en la manera en que RTAS manejaba los accesos a la memoria en el espacio de usuario para la comunicación del kernel. En un sistema invitado bloqueado (generalm... • https://bugzilla.redhat.com/show_bug.cgi?id=1900844 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 3%CPEs: 14EXPL: 5CVE-2020-27786 – kernel: use-after-free in kernel midi subsystem
https://notcve.org/view.php?id=CVE-2020-27786
11 Dec 2020 — A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo en la implementaci... • https://github.com/kiks7/CVE-2020-27786-Kernel-Exploit • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-14336 – openshift: restricted SCC allows pods to craft custom network packets
https://notcve.org/view.php?id=CVE-2020-14336
26 Oct 2020 — A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en las Restricciones de Contexto de Seguridad (SCC), que permite a los pods diseñar paquetes de red personalizados. Este fallo permite a un atacante causar un... • https://bugzilla.redhat.com/show_bug.cgi?id=1858981 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-10743 – kibana: X-Frame-Option not set by default might lead to clickjacking
https://notcve.org/view.php?id=CVE-2020-10743
16 Sep 2020 — It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, such as clickjacking. Se detectó que la distribución Kibana OpenShift Container Platform (OCP) podía abrirse en un iframe, lo que permitía interceptar y manipular las peticiones. Este fallo permite a un atacante engañar a un usuari... • https://bugzilla.redhat.com/show_bug.cgi?id=1834550 • CWE-358: Improperly Implemented Security Check for Standard CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.5EPSS: 4%CPEs: 21EXPL: 1CVE-2020-8945 – proglottis/gpgme: Use-after-free in GPGME bindings during container image pull
https://notcve.org/view.php?id=CVE-2020-8945
12 Feb 2020 — The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. El contenedor Proglottis Go versiones anteriores a 0.1.1 para la biblioteca GPGME, presenta un uso de la memoria previamente liberada, como es demostrado por el uso para las extracciones de imágenes de contenedores para Docker o CRI-O. Esto conlleva a un bloqueo o posible ej... • https://access.redhat.com/errata/RHSA-2020:0679 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 14%CPEs: 58EXPL: 0CVE-2018-14718 – jackson-databind: arbitrary code execution in slf4j-ext class
https://notcve.org/view.php?id=CVE-2018-14718
02 Jan 2019 — FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. Las versiones 2.x de FasterXML jackson-databind anteriores a la 2.9.7 podrían permitir a los atacantes remotos ejecutar código arbitrario aprovechando un fallo para bloquear la clase slf4j-ext de deserialización polimórfica. A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malic... • http://www.securityfocus.com/bid/106601 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 3%CPEs: 55EXPL: 0CVE-2018-14719 – jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes
https://notcve.org/view.php?id=CVE-2018-14719
02 Jan 2019 — FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. Las versiones 2.x de FasterXML jackson-databind anteriores a la 2.9.7 podrían permitir a los atacantes remotos ejecutar código arbitrario aprovechando un fallo para bloquear las clases blaze-ds-opt y blaze-ds-core de deserialización polimórfica. A flaw was discovered in jackson-databind, where it would p... • https://access.redhat.com/errata/RHBA-2019:0959 • CWE-502: Deserialization of Untrusted Data •