Page 24 of 348 results (0.011 seconds)

CVSS: 7.8EPSS: 96%CPEs: 39EXPL: 56

CVE-2021-3156 – Sudo Heap-Based Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2021-3156

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de "sudoedit -s" y un argumento de línea de comandos que termina con un solo carácter de barra invertida A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command (by default, any local user can execute sudo) without authentication. Successful exploitation of this flaw could lead to privilege escalation. • https://www.exploit-db.com/exploits/49521 https://www.exploit-db.com/exploits/49522 https://github.com/blasty/CVE-2021-3156 https://github.com/worawit/CVE-2021-3156 https://github.com/stong/CVE-2021-3156 https://github.com/reverse-ex/CVE-2021-3156 https://github.com/CptGibbon/CVE-2021-3156 https://github.com/Rvn0xsy/CVE-2021-3156-plus https://github.com/mr-r3b00t/CVE-2021-3156 https://github.com/0xdevil/CVE-2021-3156 https://github.com/unauth401/CVE-20 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error •

CVSS: 2.5EPSS: 0%CPEs: 8EXPL: 1

CVE-2021-23239 – sudo: possible directory existence test due to race condition in sudoedit

https://notcve.org/view.php?id=CVE-2021-23239

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. La personalidad sudoedit de Sudo versiones anteriores a 1.9.5, puede permitir a un usuario local poco privilegiado llevar a cabo pruebas arbitrarias de existencia de directorio al ganar una condición de carrera en el archivo sudo_edit.c al reemplazar un directorio controlado por el usuario por un enlace simbólico a una ruta arbitraria A flaw was found in sudoedit. A race condition vulnerability and improper symbolic link resolution could be used by a local unprivileged user to test for the existence of directories and files not normally accessible to the user. This flaw cannot be used to read the content or write to arbitrary files on the file system. The highest threat from this vulnerability is to data confidentiality. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23239 https://lists.debian.org/debian-lts-announce/2022/11/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE42Y35SMJOLONAIBNYNFC7J44UUZ2Y6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GMY4VSSBIND7VAYSN6T7XIWJRWG4GBB3 https://security.gentoo.org/glsa/202101-33 https://security.netapp.com/advisory/ntap-20210129-0010 https://www.sudo.ws/stable.html#1.9.5 h • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-203: Observable Discrepancy •

CVSS: 8.8EPSS: 0%CPEs: 68EXPL: 2

CVE-2020-36179 – jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

https://notcve.org/view.php?id=CVE-2020-36179

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.8, maneja inapropiadamente la interacción entre los gadgets de serialización y la escritura, relacionada con oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/Al1ex/CVE-2020-36179 https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://github.com/FasterXML/jackson-databind/issues/3004 https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html https://security.netapp.com/advisory/ntap-20210205-0005 https://www.oracle.com//security-alerts/cpujul2021.html https: • CWE-502: Deserialization of Untrusted Data •

CVSS: 8.8EPSS: 0%CPEs: 75EXPL: 1

CVE-2020-36180 – jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

https://notcve.org/view.php?id=CVE-2020-36180

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.8, maneja inapropiadamente la interacción entre los gadgets de serialización y la escritura, relacionada con org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://github.com/FasterXML/jackson-databind/issues/3004 https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html https://security.netapp.com/advisory/ntap-20210205-0005 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022&# • CWE-502: Deserialization of Untrusted Data •

CVSS: 8.8EPSS: 0%CPEs: 75EXPL: 1

CVE-2020-36182 – jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

https://notcve.org/view.php?id=CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.8, maneja inapropiadamente la interacción entre los gadgets de serialización y la escritura, relacionada con org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://github.com/FasterXML/jackson-databind/issues/3004 https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html https://security.netapp.com/advisory/ntap-20210205-0005 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022&# • CWE-502: Deserialization of Untrusted Data •