CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 2CVE-2020-24379 – Yaws 2.0.7 XML Injection / Command Injection
https://notcve.org/view.php?id=CVE-2020-24379
WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. Una implementación de WebDAV en el servidor web Yaws versiones 1.81 hasta 2.0.7, es vulnerable a una inyección de tipo XXE. Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities. • https://github.com/erlyaws/yaws/commits/master https://github.com/vulnbe/poc-yaws-dav-xxe https://lists.debian.org/debian-lts-announce/2020/09/msg00022.html https://packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html https://usn.ubuntu.com/4569-1 https://vuln.be/post/yaws-xxe-and-shell-injections https://www.debian.org/security/2020/dsa-4773 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 57%CPEs: 4EXPL: 3CVE-2020-24916 – Yaws 2.0.7 XML Injection / Command Injection
https://notcve.org/view.php?id=CVE-2020-24916
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. la implementación de CGI en el servidor web Yaws. (CVE-2020-24916) Una implementación de CGI en el servidor web Yaws versiones 1.81 hasta 2.0.7, es vulnerable a una inyección de comandos del Sistema Operativo. Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities. • https://github.com/erlyaws/yaws/commits/master https://github.com/vulnbe/poc-yaws-cgi-shell-injection https://lists.debian.org/debian-lts-announce/2020/09/msg00022.html https://packetstormsecurity.com/files/159106/Yaws-2.0.7-XML-Injection-Command-Injection.html https://usn.ubuntu.com/4569-1 https://vuln.be/post/yaws-xxe-and-shell-injections https://www.debian.org/security/2020/dsa-4773 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14345 – X.Org Server XkbSetNames Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14345
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en X.Org Server versiones anteriores a xorg-x11-server 1.20.9. Un acceso fuera de límites en la función XkbSetNames puede conllevar a una vulnerabilidad de escalada de privilegios. • http://www.openwall.com/lists/oss-security/2021/01/15/1 https://bugzilla.redhat.com/show_bug.cgi?id=1862241 https://lists.x.org/archives/xorg-announce/2020-August/003058.html https://security.gentoo.org/glsa/202012-01 https://usn.ubuntu.com/4488-2 https://usn.ubuntu.com/4490-1 https://www.zerodayinitiative.com/advisories/ZDI-20-1416 https://access.redhat.com/security/cve/CVE-2020-14345 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2020-7729 – Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2020-7729
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML. El paquete grunt versiones anteriores a 1.3.0, es vulnerable a una ejecución de código arbitraria debido al uso predeterminado de la función load() en lugar de su reemplazo seguro safeLoad() del paquete js-yaml dentro de grunt.file.readYAML • https://github.com/gruntjs/grunt/blob/master/lib/grunt/file.js%23L249 https://github.com/gruntjs/grunt/commit/e350cea1724eb3476464561a380fb6a64e61e4e7 https://lists.debian.org/debian-lts-announce/2020/09/msg00008.html https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-607922 https://snyk.io/vuln/SNYK-JS-GRUNT-597546 https://usn.ubuntu.com/4595-1 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2020-24654
https://notcve.org/view.php?id=CVE-2020-24654
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. En KDE Ark versiones anteriores a 20.08.1, un archivo TAR diseñado con enlaces simbólicos puede instalar archivos fuera del directorio de extracción, como es demostrado mediante una operación de escritura en el directorio de inicio del usuario • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00001.html https://bugzilla.suse.com/show_bug.cgi?id=1175857 https://github.com/KDE/ark/commit/8bf8c5ef07b0ac5e914d752681e470dea403a5bd https://kde.org/info/security/advisory-20200827-1.txt https://lists.debian.org/debian-lts-announce/2022/05/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXMMXNJDYOCJRZTESIUGHG6CS4RJKECX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro • CWE-59: Improper Link Resolution Before File Access ('Link Following') •