CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2020-15960 – chromium-browser: Out of bounds read in storage
https://notcve.org/view.php?id=CVE-2020-15960
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Un desbordamiento del búfer de la pila en storage en Google Chrome versiones anteriores a 85.0.4183.121, permitía a un atacante remoto llevar a cabo potencialmente un acceso a la memoria fuera de límites por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00087.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00095.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00096.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00049.html https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html https://crbug.com/1100136 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FN7HZI • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2020-8201 – nodejs: HTTP request smuggling due to CR-to-Hyphen conversion
https://notcve.org/view.php?id=CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names. Node.js versiones anteriores a 12.18.4 y versiones anteriores a 14.11, pueden ser explotado para llevar a cabo ataques de desincronización HTTP y entregar cargas útiles maliciosas a usuarios desprevenidos. Las cargas útiles pueden ser diseñadas por un atacante para secuestrar sesiones de usuario, envenenar cookies, llevar a cabo secuestro del click y una multitud de otros ataques dependiendo de la arquitectura del sistema subyacente. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html https://hackerone.com/reports/922597 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6 https://nodejs.org/en/blog/vulnerability/september-2020-security-releases https://security.gentoo.org/glsa/202101-07 https://security.netapp.com/advisory/ntap-20201009-0004 https://access.redhat.com/security/cve/CVE-2020-8201 https://bugzilla.redhat.com/show_bug.cgi?id=18 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-8252 – libuv: buffer overflow in realpath
https://notcve.org/view.php?id=CVE-2020-8252
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes. La implementación de realpath en libuv versiones anteriores a versiones anteriores a 10.22.1, versiones anteriores a 12.18.4 y versiones anteriores a 14.9.0, usada dentro de Node.js determinó incorrectamente el tamaño del búfer, lo que puede resultar en un desbordamiento del búfer si la ruta resuelta tiene más de 256 bytes A flaw has been found in libuv. The realpath() implementation performs an incorrect calculation when allocating a buffer, leading to a potential buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.html https://hackerone.com/reports/965914 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6 https://nodejs.org/en/blog/vulnerability/september-2020-security-releases https://security.gentoo.org/glsa/202009-15 https://security.netapp.com/advisory/ntap-20201009-0004 https://usn.ubuntu.com/4548- • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-0432
https://notcve.org/view.php?id=CVE-2020-0432
In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807 En la función skb_to_mamac del archivo networking.c, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. Esto podría conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html https://source.android.com/security/bulletin/pixel/2020-09-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2020-0431 – kernel: possible out of bounds write in kbd_keycode of keyboard.c
https://notcve.org/view.php?id=CVE-2020-0431
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459 En la función kbd_keycode del archivo keyboard.c, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00021.html https://source.android.com/security/bulletin/pixel/2020-09-01 https://access.redhat.com/security/cve/CVE-2020-0431 https://bugzilla.redhat.com/show_bug.cgi?id=1919889 • CWE-284: Improper Access Control CWE-787: Out-of-bounds Write •