CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10995
https://notcve.org/view.php?id=CVE-2020-10995
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the resulting traffic between the recursive and other authoritative name servers. Both types of service can suffer degraded performance as an effect. This is triggered by random subdomains in the NSDNAME in NS records. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00052.html http://www.nxnsattack.com https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-01.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMP72NJGKBWR5WEBXAWX5KSLQUDFTG6S https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PS4ZN5XGENYNFKX7QIIOUCQQHXE37GJF https://www.debian.org/security/2020/dsa-4691 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-12244
https://notcve.org/view.php?id=CVE-2020-12244
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. Se detectó un problema en PowerDNS Recursor versiones 4.1.0 hasta 4.3.0, donde los registros en la sección de respuestas de una respuesta NXDOMAIN que carece de SOA no fueron comprobados apropiadamente en las función SyncRes::processAnswer, permitiendo a un atacante omitir la comprobación DNSSEC. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00052.html http://www.openwall.com/lists/oss-security/2020/05/19/3 https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMP72NJGKBWR5WEBXAWX5KSLQUDFTG6S https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PS4ZN5XGENYNFKX7QIIOUCQQHXE37GJF https://www.debian.org/security/2020/dsa-4691 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 6.3EPSS: 0%CPEs: 117EXPL: 0CVE-2020-1945 – ant: insecure temporary file vulnerability
https://notcve.org/view.php?id=CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process. Apache Ant versiones 1.1 hasta 1.9.14 y versiones 1.10.0 hasta 1.10.7, utiliza el directorio temporal por defecto identificado por la propiedad del sistema Java java.io.tmpdir para varias tareas y puede, por tanto, filtrar información confidencial. Las tareas fixcrlf y replaceregexp también copian los archivos desde el directorio temporal de nuevo en el árbol de compilación, lo que permite a un atacante inyectar archivos fuente modificados en el proceso de compilación. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00053.html http://www.openwall.com/lists/oss-security/2020/09/30/6 http://www.openwall.com/lists/oss-security/2020/12/06/1 https://lists.apache.org/thread.html/r0d08a96ba9de8aa435f32944e8b2867c368a518d4ff57782e3637335%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r1863b9ce4c3e4b1e5b0c671ad05545ba3eb8399616aa746af5dfe1b1%40%3Cdev.crea • CWE-377: Insecure Temporary File CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 1CVE-2020-12108 – mailman: arbitrary content injection via the options login page
https://notcve.org/view.php?id=CVE-2020-12108
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. El archivo /options/mailman en GNU Mailman versiones anteriores a 2.1.31, permite una Inyección de Contenido Arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00047.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00063.html https://bugs.launchpad.net/mailman/+bug/1873722 https://code.launchpad.net/mailman https://lists.debian.org/debian-lts-announce/2020/05/msg00007.html https://lists.debian.org/debian-lts-announce/202 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-12672
https://notcve.org/view.php?id=CVE-2020-12672
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. GraphicsMagick versiones hasta 1.3.35, presenta un desbordamiento del búfer en la región heap de la memoria en la función ReadMNGImage en el archivo coders/png.c. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00012.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025 https://lists.debian.org/debian-lts-announce/2020/06/msg00004.html https://security.gentoo.org/glsa/202209-19 • CWE-787: Out-of-bounds Write •