Page 20 of 1223 results (0.041 seconds)

CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 1

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Se ha encontrado un fallo de desbordamiento del búfer de la pila en el código de transformación de IPsec ESP en net/ipv4/esp4.c y net/ipv6/esp6.c. Este fallo permite a un atacante local con un privilegio de usuario normal sobrescribir los objetos de la pila del núcleo y puede causar una amenaza de escalada de privilegios local • https://github.com/plummm/CVE-2022-27666 https://bugzilla.redhat.com/show_bug.cgi?id=2061633 https://github.com/torvalds/linux/commit/ebe48d368e97d007bfeb76fcb065d6cfc4c96645 https://security.netapp.com/advisory/ntap-20220429-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-27666 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. ALPACA es un ataque de confusión de contenido de protocolo de capa de aplicación, que explota servidores TLS que implementan diferentes protocolos pero que usan certificados compatibles, como certificados multidominio o comodín. Un atacante de tipo MiTM que tenga acceso al tráfico de la víctima en la capa TCP/IP puede redirigir el tráfico de un subdominio a otro, resultando en a una sesión TLS válida. • https://alpaca-attack.com https://bugzilla.redhat.com/show_bug.cgi?id=1975623 https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html • CWE-295: Improper Certificate Validation •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. OpenVPN versiones 2.1 hasta v2.4.12 y versión v2.5.6, puede permitir una omisión de autenticación en los complementos de autenticación externa cuando más de uno de ellos hace uso de las respuestas de autenticación diferida, lo que permite que sea concedido acceso a un usuario externo con credenciales sólo parcialmente correctas • https://community.openvpn.net/openvpn/wiki/CVE-2022-0547 https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements https://lists.debian.org/debian-lts-announce/2022/05/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJ35WKPME4HYNQCQNAJHLCZOJL2SAE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R36OYC5SJ6FLPVAYJYYT4MOJ2I7MGYFF https://openvpn.net/community-downloads • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. El paquete golang.org/x/crypto/ssh anterior a 0.0.0-20220314234659-1baeb1ce4c0b para Go permite a un atacante bloquear un servidor en ciertas circunstancias que implican AddHostKey A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. • https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/-cp44ypCT5s https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF https://lists.fedoraproject.org/archives/list/package-announce%40lis • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 1

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. Se ha encontrado un fallo de uso después de libre en el sistema de archivos FUSE del kernel de Linux en la forma en que un usuario activa write(). Este defecto permite a un usuario local obtener acceso no autorizado a los datos del sistema de archivos FUSE, lo que resulta en una escalada de privilegios Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes. • https://github.com/xkaneiki/CVE-2022-1011 https://bugzilla.redhat.com/show_bug.cgi?id=2064855 https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://www.debian.org/security/2022/dsa-5173 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-1011 • CWE-416: Use After Free •