CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 0CVE-2024-44244 – webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2024-44244
28 Oct 2024 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. Processing maliciously crafted web content may lead to an unexpected process crash. A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. • https://support.apple.com/en-us/121563 • CWE-787: Out-of-bounds Write CWE-788: Access of Memory Location After End of Buffer •
CVSS: 6.9EPSS: 0%CPEs: 29EXPL: 0CVE-2024-50602 – libexpat: expat: DoS via XML_ResumeParser
https://notcve.org/view.php?id=CVE-2024-50602
27 Oct 2024 — An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. A security issue was found in Expat (libexpat). A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service. This update for mozjs115 fixes the following issues. • https://github.com/libexpat/libexpat/pull/915 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-9050 – Networkmanager-libreswan: local privilege escalation via leftupdown
https://notcve.org/view.php?id=CVE-2024-9050
22 Oct 2024 — A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to speci... • https://access.redhat.com/errata/RHSA-2024:8312 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-9774 – Python-sql: python-sql unary operators does not escape non-expression
https://notcve.org/view.php?id=CVE-2024-9774
22 Oct 2024 — A vulnerability was found in python-sql where unary operators do not escape non-Expression. Se encontró una vulnerabilidad en python-sql donde los operadores unarios no escapan a expresiones no expresadas. An update that fixes one vulnerability is now available. This update for python-python-sql fixes the following issues. Fixed that unary operators does not escape non-Expression. • https://discuss.tryton.org/t/security-release-for-issue-93/7889/3 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •
CVSS: 6.8EPSS: 2%CPEs: 38EXPL: 0CVE-2024-9676 – Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)
https://notcve.org/view.php?id=CVE-2024-9676
15 Oct 2024 — A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to r... • https://access.redhat.com/errata/RHSA-2024:10289 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.4EPSS: 0%CPEs: 11EXPL: 0CVE-2024-48949 – elliptic: Missing Validation in Elliptic's EDDSA Signature Verification
https://notcve.org/view.php?id=CVE-2024-48949
10 Oct 2024 — The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation. A flaw was found in the Elliptic package. This vulnerability allows attackers to bypass EDDSA signature validation via improper handling of signature values where the S() component of the signature is not properly checked for being non-negative or smaller than the curve order. This update for pgadmin4 fixes the following issues. Fixed socke... • https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-48957 – SUSE Security Advisory - SUSE-SU-2024:3675-1
https://notcve.org/view.php?id=CVE-2024-48957
10 Oct 2024 — execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. This update for libarchive fixes the following issues. Fixed out-of-bounds access in execute_filter_audio in archive_read_support_format_rar.c. • https://github.com/libarchive/libarchive/compare/v3.7.4...v3.7.5 • CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-9675 – Buildah: buildah allows arbitrary directory mount
https://notcve.org/view.php?id=CVE-2024-9675
09 Oct 2024 — A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. This update for podman fixes the following issues. Github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denia... • https://access.redhat.com/security/cve/CVE-2024-9675 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 11%CPEs: 36EXPL: 2CVE-2024-9680 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-9680
09 Oct 2024 — An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1. An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. • https://github.com/tdonaworth/Firefox-CVE-2024-9680 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-47191 – oath-toolkit: Local root exploit in a PAM module
https://notcve.org/view.php?id=CVE-2024-47191
04 Oct 2024 — pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink. A vulnerability was found in a PAM module, the oath-toolkit. The module gained a feature that allowed placing the OTP state file, called the usersfile, in the home directory of the to-be-authenticated user. The PAM module performed unsafe file operations in the users' home d... • https://gitlab.com/oath-toolkit/oath-toolkit/-/commit/3235a52f6b87cd1c5da6508f421ac261f5e33a70 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •