CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-27351 – python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()
https://notcve.org/view.php?id=CVE-2024-27351
05 Mar 2024 — In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665. En Django 3.2 anterior a 3.2.25, 4.2 anterior a 4.2.11 y 5.0 anterior a 5.0.3, el método django.utils.text.Truncator.words() (con html=True) y el filt... • http://www.openwall.com/lists/oss-security/2024/03/04/1 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22188
https://notcve.org/view.php?id=CVE-2024-22188
05 Mar 2024 — TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, and 13.0.1. TYPO3 anterior a 13.0.1 permite a un usuario administrador autenticado (con privilegios de mantenimiento del sistema) ejecutar comandos de shell arbitrarios (con los priv... • https://github.com/TYPO3/typo3/security/advisories/GHSA-5w2h-59j3-8x5w • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-1622 – Routinator terminates when RTR connection is reset too quickly after opening
https://notcve.org/view.php?id=CVE-2024-1622
26 Feb 2024 — Due to a mistake in error checking, Routinator will terminate when an incoming RTR connection is reset by the peer too quickly after opening. Debido a un error en la verificación de errores, Routinator finalizará cuando el interlocutor restablezca una conexión RTR entrante demasiado rápido después de abrirla. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HPRUIPAI2BBDGFVLN733JLIUJWLEBLF • CWE-253: Incorrect Check of Function Return Value •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25941 – jail(2) information leak
https://notcve.org/view.php?id=CVE-2024-25941
14 Feb 2024 — The jail(2) system call has not limited a visiblity of allocated TTYs (the kern.ttys sysctl). This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "pstat -t" may be leaked. La llamada al sistema jail(2) no ha limitado la visibilidad de los TTY asignados (el sysctl kern.ttys). • https://security.freebsd.org/advisories/FreeBSD-SA-24:02.tty.asc •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25940 – bhyveload(8) host file access
https://notcve.org/view.php?id=CVE-2024-25940
14 Feb 2024 — `bhyveload -h
CVSS: 7.8EPSS: 48%CPEs: 39EXPL: 1CVE-2023-50868 – bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources
https://notcve.org/view.php?id=CVE-2023-50868
13 Feb 2024 — The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations. El aspecto Closest Encloser Proof del protocolo DNS (en RFC 5155 cuando se omite la guía RFC 9276) permite a a... • https://github.com/Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-21885 – Xorg-x11-server: heap buffer overflow in xisenddevicehierarchyevent
https://notcve.org/view.php?id=CVE-2024-21885
17 Jan 2024 — A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments. Se encontró una falla en el servidor X.Org. En la función XISendDeviceHierarchyEvent, es posible exceder la longitud de la matriz asignada cuando se agregan cier... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2024-21886 – Xorg-x11-server: heap buffer overflow in disabledevice
https://notcve.org/view.php?id=CVE-2024-21886
17 Jan 2024 — A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. Se encontró una falla de desbordamiento de búfer de almacenamiento dinámico en la función DisableDevice en el servidor X.Org. Este problema puede provocar un bloqueo de la aplicación o, en algunas circunstancias, la ejecución remota de código en entornos de reenvío SSH X11. This vulnerability ... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-0229 – Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
https://notcve.org/view.php?id=CVE-2024-0229
17 Jan 2024 — An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. Se encontró una falla de acceso a la memoria fuera de los límites en el servidor X.Org. Este problema puede desencadenarse cuando un dispositivo congelado po... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-787: Out-of-bounds Write CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.3EPSS: 1%CPEs: 4EXPL: 1CVE-2023-51765 – SUSE Security Advisory - SUSE-SU-2024:0743-1
https://notcve.org/view.php?id=CVE-2023-51765
24 Dec 2023 — sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features. sendmail hasta al menos 8.14.7 permite el contrabando SMTP en ciertas configuraciones. • http://www.openwall.com/lists/oss-security/2023/12/24/1 • CWE-345: Insufficient Verification of Data Authenticity •