CVSS: 8.8EPSS: 0%CPEs: 32EXPL: 0CVE-2019-13734 – sqlite: fts3: improve shadow table corruption detection
https://notcve.org/view.php?id=CVE-2019-13734
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una escritura fuera de limites en SQLite en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML especialmente diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://access.redhat.com/errata/RHSA-2019:4238 https://access.redhat.com/errata/RHSA-2020:0227 https://access.redhat.com/errata/RHSA-2020:0229 https://access.redhat.com/errata/RHSA-2020:0273 https://access.redhat.com/errata/RHSA-2020:0451 https://access.redhat.com/errata/RHSA-2020:0463 https://access.redhat.com/errata/RHSA-2020:0 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2515
https://notcve.org/view.php?id=CVE-2011-2515
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. PackageKit versión 0.6.17, permite la instalación de paquetes RPM sin firmar como si estuvieran firmados, lo que puede permitir la instalación de paquetes no seguros y la ejecución de código arbitrario. • https://access.redhat.com/security/cve/cve-2011-2515 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2515 https://security-tracker.debian.org/tracker/CVE-2011-2515 https://www.securityfocus.com/bid/48557/info • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 324EXPL: 0CVE-2019-11135 – hw: TSX Transaction Asynchronous Abort (TAA)
https://notcve.org/view.php?id=CVE-2019-11135
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Una condición de tipo TSX Asynchronous Abort en algunas CPU que utilizan ejecución especulativa puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un canal lateral con acceso local. A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow information disclosure via this observed side-channel for any TSX transaction being executed while an attacker is able to observe abort timing. Intel's Transactional Synchronisation Extensions (TSX) are set of instructions which enable transactional memory support to improve performance of the multi-threaded applications, in the lock-protected critical sections. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/12/10/3 http://www.openwall.com/lists/oss-security/2019/12/10/4 http://www.openwall.com/lists/oss-security/2019/12 • CWE-203: Observable Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-14824 – 389-ds-base: Read permission check bypass via the deref plugin
https://notcve.org/view.php?id=CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes. Se detectó un fallo en el plugin "deref" de 389-ds-base, donde podría usar el permiso "search" para mostrar los valores de los atributos. En algunas configuraciones, esto podría permitir a un atacante autenticado visualizar atributos privados, tales como hashes de contraseñas. • https://access.redhat.com/errata/RHSA-2019:3981 https://access.redhat.com/errata/RHSA-2020:0464 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14824 https://lists.debian.org/debian-lts-announce/2019/11/msg00036.html https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html https://access.redhat.com/security/cve/CVE-2019-14824 https://bugzilla.redhat.com/show_bug.cgi?id=1747448 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-0205 – thrift: Endless loop when feed with specific input data
https://notcve.org/view.php?id=CVE-2019-0205
In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings. En Apache Thrift, todas las versiones hasta 0.12.0 incluyéndola, un servidor o cliente pueden correr en un bucle sin fin cuando es alimentado con datos de entrada específicos. Debido a que el problema ya se había solucionado parcialmente en la versión 0.11.0, dependiendo de la versión instalada, solo afecta a determinados enlaces de idiomas. • http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E https://access.redhat.com/errata/RHSA-2020:0804 https://access.redhat.com/errata/RHSA-2020:0805 https://access.redhat.com/errata/RHSA-2020:0806 https://access.redhat.com/errata/RHSA-2020:0811 https://lists.apache.org/thread.html/003ac686189e6ce7b99267784d04bf60059a8c323eeda5a79a0309b8%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/07bd68ad237a5d • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •