
CVSS: 8.0 • EPSS: 0% • CPEs: 36 • EXPL: 0

04 Apr 2024 — A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a c... • http://www.openwall.com/lists/oss-security/2024/04/03/13 • CWE-126: Buffer Over-read

CVSS: 8.0 • EPSS: 0% • CPEs: 37 • EXPL: 0

04 Apr 2024 — A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a c... • http://www.openwall.com/lists/oss-security/2024/04/03/13 • CWE-126: Buffer Over-read

CVSS: 6.7 • EPSS: 0% • CPEs: 23 • EXPL: 0

03 Apr 2024 — In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service. • https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-680: Integer Overflow to Buffer Overflow

CVSS: 6.1 • EPSS: 0% • CPEs: 16 • EXPL: 0

27 Mar 2024 — NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where a user may cause a NULL-pointer dereference by accessing passed parameters the validity of which has not been checked. A successful exploit of this vulnerability may lead to denial of service and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-476: NULL Pointer Dereference

CVSS: 7.1 • EPSS: 0% • CPEs: 12 • EXPL: 0

27 Mar 2024 — NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5520 • CWE-788: Access of Memory Location After End of Buffer

CVSS: 6.2 • EPSS: 0% • CPEs: 19 • EXPL: 2

27 Mar 2024 — wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. • https://github.com/skyler-ferrante/CVE-2024-28085 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences

CVSS: 7.8 • EPSS: 0% • CPEs: 15 • EXPL: 0

25 Mar 2024 — Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacker can send a chunked post consisting of many small fields that will be accumulated in the `bodyListHttpData` list. The decoder cumulates bytes in the `undecoded... • https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3 • CWE-770: Allocation of Resources Without Limits or Throttling

CVSS: 5.5 • EPSS: 0% • CPEs: 20 • EXPL: 0

25 Mar 2024 — In Emacs before 29.3, Gnus treats inline MIME contents as trusted. A flaw was found in Emacs. When Emacs is used as an email client, inline MIME attachments are considered to be trusted by default, allowing a crafted LaTeX document to exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results in a denial of service. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data

CVSS: 5.5 • EPSS: 0% • CPEs: 14 • EXPL: 0

25 Mar 2024 — In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. A flaw was found in Emacs. When Emacs is used as an email client, a preview of a crafted LaTeX document attached to an email can exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results in a denial of service. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-276: Incorrect Default Permissions • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data

CVSS: 7.8 • EPSS: 0% • CPEs: 18 • EXPL: 0

25 Mar 2024 — In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23. A flaw was found in Emacs. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data • CWE-494: Download of Code Without Integrity Check