CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2024-33871 – ghostscript: OPVP device arbitrary code execution via custom Driver library
https://notcve.org/view.php?id=CVE-2024-33871
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. Se descubrió un problema en Artifex Ghostscript antes de la versión 10.03.1. contrib/opvp/gdevopvp.c permite la ejecución de código arbitrario a través de una librería d... • https://bugs.ghostscript.com/show_bug.cgi?id=707754 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0CVE-2024-25743 – hw: amd: Instruction raise #VC exception at exit
https://notcve.org/view.php?id=CVE-2024-25743
15 May 2024 — In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES. En el kernel de Linux hasta 6.7.2, un hipervisor que no es de confianza puede inyectar interrupciones virtuales 0 y 14 en cualquier momento y puede activar el controlador de señales SIGFPE en aplicaciones de espacio de usuario. Esto afecta a AMD SEV-SNP y AMD SEV-ES. A vulnerability w... • https://bugzilla.redhat.com/show_bug.cgi?id=2270836 •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4777 – Mozilla: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11
https://notcve.org/view.php?id=CVE-2024-4777
14 May 2024 — Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Errores de seguridad de la memoria presentes en Firefox 125, Firefox ESR 115.10 y Thunderbird 115.10. Algunos de estos errores mostraron evidencia de corrupción de memoria y sup... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1878199%2C1893340 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4770 – Mozilla: Use-after-free could occur when printing to PDF
https://notcve.org/view.php?id=CVE-2024-4770
14 May 2024 — When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Al guardar una página en PDF, ciertos estilos de fuente podrían haber provocado un posible bloqueo del use-after-free. Esta vulnerabilidad afecta a Firefox < 126, Firefox ESR < 115.11 y Thunderbird < 115.11. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1893270 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4769 – Mozilla: Cross-origin responses could be distinguished between script and non-script content-types
https://notcve.org/view.php?id=CVE-2024-4769
14 May 2024 — When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Al importar recursos utilizando Web Workers, los mensajes de error distinguirían la diferencia entre respuestas `aplicación/javascript` y respuestas sin script. Se podría haber abusado de esto para ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1886108 • CWE-351: Insufficient Type Distinction CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4768 – Mozilla: Potential permissions request bypass via clickjacking
https://notcve.org/view.php?id=CVE-2024-4768
14 May 2024 — A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Un error en la interacción de las notificaciones emergentes con WebAuthn facilitó que un atacante engañara a un usuario para que concediera permisos. Esta vulnerabilidad afecta a Firefox < 126, Firefox ESR < 115.11 y Thunderbird < 115.11. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1886082 • CWE-281: Improper Preservation of Permissions CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4767 – Mozilla: IndexedDB files retained in private browsing mode
https://notcve.org/view.php?id=CVE-2024-4767
14 May 2024 — If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Si la preferencia `browser.privatebrowsing.autostart` está habilitada, los archivos IndexedDB no se eliminaron correctamente cuando se cerró la ventana. Esta preferencia está deshabilitada de forma predeterminada en Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1878577 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0CVE-2024-26306 – iperf3: vulnerable to marvin attack if the authentication option is used
https://notcve.org/view.php?id=CVE-2024-26306
13 May 2024 — iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. iPerf3 anterior a 3.17, cuando se usa con OpenSSL anterior a 3.2.0 como servidor con autenticación RSA, permite un canal late... • https://downloads.es.net/pub/iperf/esnet-secadv-2024-0001.txt.asc • CWE-203: Observable Discrepancy CWE-385: Covert Timing Channel •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-34459 – Ubuntu Security Notice USN-7240-1
https://notcve.org/view.php?id=CVE-2024-34459
13 May 2024 — An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. Se descubrió un problema en xmllint (de libxml2) anterior a 2.11.8 y 2.12.x anterior a 2.12.7. Formatear mensajes de error con xmllint --htmlout puede provocar una lectura excesiva del búfer en xmlHTMLPrintFileContext en xmllint.c. It was discovered that libxml2 incorrectly handled certain memory o... • https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.7EPSS: 0%CPEs: 10EXPL: 0CVE-2024-33875
https://notcve.org/view.php?id=CVE-2024-33875
09 May 2024 — HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer. La librería HDF5 hasta la versión 1.14.3 tiene un desbordamiento de búfer de almacenamiento dinámico en H5O__layout_encode en H5Olayout.c, lo que provoca la corrupción del puntero de instrucción. • https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •