Page 22 of 315 results (0.008 seconds)

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12164

https://notcve.org/view.php?id=CVE-2017-12164

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as another user' to unlock their screen. Se ha descubierto una vulnerabilidad en gdm 3.24.1, en donde gdm greeter no establecía el valor booleano ran_once durante el inicio automático de sesión. Si el inicio de sesión automático estaba habilitado para una víctima, un atacante podría simplemente seleccionar "login as another user" para desbloquear su pantalla. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12164 https://gitlab.gnome.org/GNOME/gdm/commit/ff98b28 • CWE-592: DEPRECATED: Authentication Bypass Issues CWE-665: Improper Initialization •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 3

CVE-2018-10900 – Network Manager VPNC 1.2.6 - 'Username' Local Privilege Escalation

https://notcve.org/view.php?id=CVE-2018-10900

Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root. El plugin VPNC de Network Manager (también conocido como networkkmanager-vpnc) en versiones anteriores a la 1.2.6 es vulnerable a un ataque de escalado de privilegios. Un nuevo carácter de línea puede ser usado para inyectar un parámetro Password helper en los datos de configuración pasados a VPNC, permitiendo al atacante ejecutar comandos arbitrarios como root. Network Manager VPNC version 1.2.4 suffers from a privilege escalation vulnerability. • https://www.exploit-db.com/exploits/45313 https://bugzilla.novell.com/show_bug.cgi?id=1101147 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10900 https://download.gnome.org/sources/NetworkManager-vpnc/1.2/NetworkManager-vpnc-1.2.6.news https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4 https://lists.debian.org/debian-lts-announce/2018/07/msg00048.html https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc https://security.gentoo.org/glsa/201808-03 https: • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2016-10727

https://notcve.org/view.php?id=CVE-2016-10727

camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. The server code was intended to report an error and not proceed, but the code was written incorrectly. camel/providers/imapx/camel-imapx-server.c en el componente IMAPx en GNOME evolution-data-server en versiones anteriores a la 3.21.2 continúa con datos en texto claro que contienen una contraseña si el cliente desea emplear STARTTLS, pero el servidor no lo utiliza. Esto facilita que los atacantes remotos obtengan información sensible rastreando la red. El código del servidor debería reportar un error y no continuar, pero el código se escribió erróneamente. • https://bugzilla.redhat.com/show_bug.cgi?id=1334842 https://github.com/GNOME/evolution-data-server/releases/tag/EVOLUTION_DATA_SERVER_3_21_2 https://gitlab.gnome.org/GNOME/evolution-data-server/blob/master/NEWS#L1022 https://gitlab.gnome.org/GNOME/evolution-data-server/commit/f26a6f67 https://usn.ubuntu.com/3724-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2018-12910 – libsoup: Crash in soup_cookie_jar.c:get_cookies() on empty hostnames

https://notcve.org/view.php?id=CVE-2018-12910

The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. La función get_cookies en soup-cookie-jar.c en libsoup 2.63.2 permite que los atacantes provoquen un impacto no especificado mediante un nombre de host vacío. An out-of-bounds read has been discovered in libsoup when getting cookies from a URI with empty hostname. An attacker may use this flaw to cause a crash in the application. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00003.html https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3140 https://access.redhat.com/errata/RHSA-2018:3505 https://gitlab.gnome.org/GNOME/gnome-sdk-images/commit/4215b8a21b3b3055e947312a8920df94f93ba047 https://gitlab.gnome.org/GNOME/libsoup/commit/db2b0d5809d5f8226d47312b40992cadbcde439f https://gitlab.gnome.org/GNOME/libsoup/issues/3 https://lists.debian.org/debian-lts-announce/2018/07/msg00007. • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-12422

https://notcve.org/view.php?id=CVE-2018-12422

addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because "the code had computed the required string length first, and then allocated a large-enough buffer on the heap. ** EN DISPUTA ** addressbook/backends/ldap/e-book-backend-ldap.c en Evolution-Data-Server en GNOME Evolution hasta la versión 3.29.2 podría permitir que atacantes desencadenen un desbordamiento de búfer mediante una consulta larga procesada por la función strcat. NOTA: el mantenedor de software discute este CVE debido a que "el código había calculado primero la longitud de la cadena requerida y después asignó un búfer lo suficientemente grande en la memoria dinámica (heap)". • https://bugzilla.gnome.org/show_bug.cgi?id=796174 https://gitlab.gnome.org/GNOME/evolution-data-server/commit/34bad6173 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •