CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-5642 – Buffer overread when using an empty list with SSLContext.set_npn_protocols()
https://notcve.org/view.php?id=CVE-2024-5642
27 Jun 2024 — CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured). CPython 3.9 y versiones anteriores no permiten la configuración de una lista ... • http://www.openwall.com/lists/oss-security/2024/06/28/4 •
CVSS: 7.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-22232 – Specially crafted url can be created which leads to a directory traversal in the salt file server
https://notcve.org/view.php?id=CVE-2024-22232
27 Jun 2024 — A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem. Se puede crear una URL especialmente manipulada que conduzca a directory traversal en el servidor de archivos salt. Un usuario malintencionado puede leer un archivo arbitrario del sistema de archivos de un maestro Salt. A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious u... • https://saltproject.io/security-announcements/2024-01-31-advisory • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-22231 – Syndic cache directory creation is vulnerable to a directory traversal attack
https://notcve.org/view.php?id=CVE-2024-22231
27 Jun 2024 — Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master. La creación de un directorio de caché síndico es vulnerable a un ataque de directory transversal en un proyecto Salt que puede llevar a un atacante malintencionado a crear un directorio arbitrario en un maestro Salt. Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a mal... • https://saltproject.io/security-announcements/2024-01-31-advisory • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-39134
https://notcve.org/view.php?id=CVE-2024-39134
27 Jun 2024 — A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c. Una vulnerabilidad de desbordamiento de búfer de pila en zziplibv 0.13.77 permite a atacantes provocar una denegación de servicio a través de la función __zzip_fetch_disk_trailer() en /zzip/zip.c. • https://github.com/gdraheim/zziplib/issues/165 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2024-39705
https://notcve.org/view.php?id=CVE-2024-39705
27 Jun 2024 — NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt. NLTK hasta 3.8.1 permite la ejecución remota de código si los paquetes que no son de confianza tienen código Python encurtido y se utiliza la funcionalidad de descarga de paquetes de datos integrada. Esto afecta, por ejemplo, a Averaged_perceptron_tagger y punkt. • https://github.com/nltk/nltk/issues/2522 • CWE-300: Channel Accessible by Non-Endpoint CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-39331 – emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
https://notcve.org/view.php?id=CVE-2024-39331
23 Jun 2024 — In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5. En Emacs anterior a 29.4, org-link-expand-abbrev en lisp/ol.el expande una abreviatura de enlace %(...) incluso cuando especifica una función no segura, como shell-command-to-string. Esto afecta al modo de organización anterior a 9.7.5. A flaw was found in Emacs. • https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 10.0EPSS: 33%CPEs: 2EXPL: 3CVE-2024-28397 – Pyload Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-28397
20 Jun 2024 — An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. Un problema en el componente js2py.disable_pyimport() de js2py hasta v0.74 permite a atacantes ejecutar código arbitrario a través de una llamada API manipulada. CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to o... • https://packetstorm.news/files/id/182692 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-5953 – 389-ds-base: malformed userpassword hash may cause denial of service
https://notcve.org/view.php?id=CVE-2024-5953
18 Jun 2024 — A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. Se encontró una vulnerabilidad de denegación de servicio en el servidor LDAP 389-ds-base. Este problema puede permitir que un usuario autenticado provoque una denegación de servicio del servidor al intentar iniciar sesión con un usuario con un hash mal formado en su contraseña... • https://access.redhat.com/errata/RHSA-2024:4633 • CWE-1288: Improper Validation of Consistency within Input •
CVSS: 9.4EPSS: 0%CPEs: 23EXPL: 0CVE-2024-38428 – wget: Misinterpretation of input may lead to improper behavior
https://notcve.org/view.php?id=CVE-2024-38428
16 Jun 2024 — url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. url.c en GNU Wget hasta 1.24.5 maneja mal los puntos y comas en el subcomponente de información de usuario de un URI y, por lo tanto, puede haber un comportamiento inseguro en el que los datos que se suponía que estaban en el subcomponente de información d... • https://git.savannah.gnu.org/cgit/wget.git/commit/?id=ed0c7c7e0e8f7298352646b2fd6e06a11e242ace • CWE-115: Misinterpretation of Input CWE-436: Interpretation Conflict •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38448
https://notcve.org/view.php?id=CVE-2024-38448
16 Jun 2024 — htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may be used. htags en GNU Global hasta 6.6.12 permite la ejecución de código en situaciones en las que dbpath (también conocido como -d) no es de confianza, porque se pueden usar metacaracteres de shell. • https://cvs.savannah.gnu.org/viewvc/global/global/htags/htags.c?revision=1.236&view=markup • CWE-94: Improper Control of Generation of Code ('Code Injection') •