
CVE-2022-22844 – libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c
https://notcve.org/view.php?id=CVE-2022-22844
08 Jan 2022 — LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. A buffer overflow vulnerability was found in libtiff. This flaw allows an attacker with network access to pass specially craf... • https://gitlab.com/libtiff/libtiff/-/issues/355 • CWE-125: Out-of-bounds Read •

CVE-2020-29050 – Debian Security Advisory 5036-1
https://notcve.org/view.php?id=CVE-2020-29050
07 Jan 2022 — SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). NOTE: this is unrelated to CMUSphinx. ... • https://blog.wirhabenstil.de/2019/08/19/sphinxsearch-0-0-0-09306-cve-2019-14511 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2022-22815 – python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c
https://notcve.org/view.php?id=CVE-2022-22815
07 Jan 2022 — path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to improperly initializing the ImagePath. This flaw allows an attacker to access unauthorized memory that causes memory access errors, incorrect results, or crashes. USN-5227-1 fixed vul... • https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331 • CWE-665: Improper Initialization • CWE-909: Missing Initialization of Resource •

CVE-2022-22817 – python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions
https://notcve.org/view.php?id=CVE-2022-22817
07 Jan 2022 — PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used. A flaw was found in python-pillow. The vulnerability occurs due to Improper Neutralization, leading to command injection. • https://github.com/JawadPy/CVE-2022-22817-Exploit • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2022-22816 – python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c
https://notcve.org/view.php?id=CVE-2022-22816
07 Jan 2022 — path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. A flaw was found in python-pillow. The vulnerability occurs due to improper initialization of image paths, leading to a buffer over-read and improper initialization. This flaw allows an attacker to gain unauthorized memory access that ca... • https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331 • CWE-125: Out-of-bounds Read •

CVE-2021-42392 – h2: Remote Code Execution in Console
https://notcve.org/view.php?id=CVE-2021-42392
07 Jan 2022 — The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to an LDAP or RMI server, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution. ... • https://github.com/cybersecurityworks553/CVE-2021-42392-Detect • CWE-502: Deserialization of Untrusted Data •

CVE-2021-28715 – Ubuntu Security Notice USN-5337-1
https://notcve.org/view.php?id=CVE-2021-28715
06 Jan 2022 — Guest can force Linux netback driver to hog large amounts of kernel memory. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. Some measures are taken to avoid piling up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop cons... • https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2021-46144 – Debian Security Advisory 5037-1
https://notcve.org/view.php?id=CVE-2021-46144
06 Jan 2022 — Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences. It was discovered that roundcube, a skinnable AJAX-based webmail solution for IMAP servers, did not properly sanitize HTML messa... • https://bugs.debian.org/1003027 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-46141 – Debian Security Advisory 5063-1
https://notcve.org/view.php?id=CVE-2021-46141
06 Jan 2022 — An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the execution of arbitrary code. • https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released • CWE-416: Use After Free •

CVE-2021-46142 – Debian Security Advisory 5063-1
https://notcve.org/view.php?id=CVE-2021-46142
06 Jan 2022 — An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the execution of arbitrary code. • https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released • CWE-416: Use After Free •