CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-37535 – Ubuntu Security Notice USN-6833-1
https://notcve.org/view.php?id=CVE-2024-37535
09 Jun 2024 — GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. GNOME VTE anterior a 0.76.3 permite a un atacante provocar una denegación de servicio (consumo de memoria) mediante una secuencia de escape de cambio de tamaño de ventana, un problema relacionado con CVE-2000-0476. Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this... • http://www.openwall.com/lists/oss-security/2024/06/09/1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5206 – Sensitive Data Leakage in sklearn.feature_extraction.text.TfidfVectorizer in scikit-learn/scikit-learn
https://notcve.org/view.php?id=CVE-2024-5206
06 Jun 2024 — A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the `stop_words_` attribute, rather than only storing the subset of tokens required for the TF-IDF technique to function. This behavior leads to the potential leakage of sensitive information, as the `stop_words_` attribute coul... • https://github.com/scikit-learn/scikit-learn/commit/70ca21f106b603b611da73012c9ade7cd8e438b8 • CWE-921: Storage of Sensitive Data in a Mechanism without Access Control •
CVSS: 8.1EPSS: 3%CPEs: 25EXPL: 0CVE-2024-5564 – Libndp: buffer overflow in route information length field
https://notcve.org/view.php?id=CVE-2024-5564
31 May 2024 — A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information. Se encontró una vulnerabilidad en libndp. Esta falla permite que un usuario malintencionado local provoque un desbordamiento del búfer en NetworkManager, provocado al enviar un paquete de publicidad de enrutador IPv6 con formato inco... • https://access.redhat.com/errata/RHSA-2024:4618 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.0EPSS: 0%CPEs: 28EXPL: 0CVE-2024-1298 – Integer Overflow caused by divide by zero during S3 suspension
https://notcve.org/view.php?id=CVE-2024-1298
30 May 2024 — EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability. EDK2 contiene una vulnerabilidad cuando se activa la suspensión de S3 donde un atacante puede causar una división por cero debido a un desbordamiento de UNIT32 a través del acceso local. Una explotación exitosa de esta vulnerabilidad puede provocar una pérdida de disponibilidad. A divi... • https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53 • CWE-369: Divide By Zero •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2024-36472 – gnome-shell: code execution in portal helper
https://notcve.org/view.php?id=CVE-2024-36472
28 May 2024 — In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior. En GNOME Shell hasta la versión 45.7, se puede iniciar automáticamente un asistente de portal (sin confirmación del usuario) en función de las resp... • https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7688 • CWE-83: Improper Neutralization of Script in Attributes in a Web Page CWE-346: Origin Validation Error •
CVSS: 7.8EPSS: 2%CPEs: 24EXPL: 0CVE-2024-3657 – 389-ds-base: potential denial of service via specially crafted kerberos as-req request
https://notcve.org/view.php?id=CVE-2024-3657
28 May 2024 — A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service Se encontró una falla en 389-ds-base. Una consulta LDAP especialmente manipulada puede causar potencialmente una falla en el servidor de directorio, lo que lleva a una denegación de servicio. An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 for RHEL 8. Issues addressed include a denial of service vulnerability. • https://access.redhat.com/errata/RHSA-2024:3591 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-2199 – 389-ds-base: malformed userpassword may cause crash at do_modify in slapd/modify.c
https://notcve.org/view.php?id=CVE-2024-2199
28 May 2024 — A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. Se encontró una vulnerabilidad de denegación de servicio en el servidor ldap 389-ds-base. Este problema puede permitir que un usuario autenticado provoque una falla del servidor al modificar "userPassword" utilizando una entrada con formato incorrecto. An update for the redhat-ds:11 module is now available for Red Hat... • https://access.redhat.com/errata/RHSA-2024:3591 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2024-36039 – python-pymysql: SQL injection if used with untrusted JSON input
https://notcve.org/view.php?id=CVE-2024-36039
21 May 2024 — PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict. PyMySQL hasta 1.1.0 permite la inyección de SQL si se usa con entradas JSON que no son de confianza porque escape_dict no escapa las claves. A flaw was found in PyMySQL. When processing untrusted JSON input, keys are not escaped by the escape_dict function due to insufficient input sanitization, allowing an attacker to inject malicious SQL queries. It was discovered that PyMySQL incorrec... • https://github.com/PyMySQL/PyMySQL/releases/tag/v1.1.1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36048
https://notcve.org/view.php?id=CVE-2024-36048
18 May 2024 — QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values. QAbstractOAuth en Qt Network Authorization en Qt antes de 5.15.17, 6.x antes de 6.2.13, 6.3.x hasta 6.5.x antes de 6.5.6 y 6.6.x hasta 6.7.x antes de 6.7.1 usa solo el tiempo de inicialización PRNG, lo que puede dar como resultado valores adivinables. • https://codereview.qt-project.org/c/qt/qtnetworkauth/+/560317 • CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-4453 – GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4453
17 May 2024 — GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of EXIF metadata. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before... • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5 • CWE-190: Integer Overflow or Wraparound •