CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30204 – emacs: LaTeX preview is enabled by default for e-mail attachments
https://notcve.org/view.php?id=CVE-2024-30204
25 Mar 2024 — In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. En Emacs anterior a 29.3, la vista previa de LaTeX está habilitada de forma predeterminada para los archivos adjuntos de correo electrónico. A flaw was found in Emacs. When Emacs is used as an email client, a preview of a crafted LaTeX document attached to an email can exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results in a denial of service. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-276: Incorrect Default Permissions CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-30205 – emacs: Org mode considers contents of remote files to be trusted
https://notcve.org/view.php?id=CVE-2024-30205
25 Mar 2024 — In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23. En Emacs anterior a 29.3, el modo Org considera que el contenido de los archivos remotos es confiable. Esto afecta al modo de organización anterior a la versión 9.6.23. A flaw was found in Emacs. • http://www.openwall.com/lists/oss-security/2024/03/25/2 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data CWE-494: Download of Code Without Integrity Check •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-30161
https://notcve.org/view.php?id=CVE-2024-30161
24 Mar 2024 — In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.) En Qt anterior a 6.5.6 y 6.6.x anterior a 6.6.3, el componente wasm puede acceder a los datos del encabezado QNetworkReply a través de un puntero colgante. • https://codereview.qt-project.org/c/qt/qtbase/+/544314 •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2024-29944 – Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2024-29944
22 Mar 2024 — An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1. Un atacante pudo inyectar un controlador de eventos en un objeto privilegiado que permitiría la ejecución arbitraria de JavaScript en el proceso principal. Nota: Esta vulnerabilidad afecta única... • http://www.openwall.com/lists/oss-security/2024/03/23/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.2EPSS: 0%CPEs: 24EXPL: 0CVE-2024-2494 – Libvirt: negative g_new0 length can lead to unbounded memory allocation
https://notcve.org/view.php?id=CVE-2024-2494
21 Mar 2024 — A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash. Se encontró una falla en las API de la librería RPC de libvi... • https://access.redhat.com/errata/RHSA-2024:2560 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 5.3EPSS: 0%CPEs: 29EXPL: 0CVE-2024-28834 – Gnutls: vulnerable to minerva side-channel information leak
https://notcve.org/view.php?id=CVE-2024-28834
21 Mar 2024 — A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel. Se encontró una falla en GnuTLS. El ataque Minerva es una vulnerabilidad criptográfica que explota el comportamiento determinista en sistemas ... • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0CVE-2024-28835 – Gnutls: potential crash during chain building/verification
https://notcve.org/view.php?id=CVE-2024-28835
21 Mar 2024 — A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. Se ha descubierto una falla en GnuTLS donde se puede inducir una falla de la aplicación al intentar verificar un paquete .pem especialmente manipulado usando el comando "certtool --verify-chain". • http://www.openwall.com/lists/oss-security/2024/03/22/1 • CWE-248: Uncaught Exception •
CVSS: 7.7EPSS: 0%CPEs: 11EXPL: 0CVE-2024-0793 – Kube-controller-manager: malformed hpa v1 manifest causes crash
https://notcve.org/view.php?id=CVE-2024-0793
20 Mar 2024 — A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn. • https://access.redhat.com/errata/RHSA-2024:0741 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-46841 – x86: shadow stack vs exceptions from emulation stubs
https://notcve.org/view.php?id=CVE-2023-46841
20 Mar 2024 — Recent x86 CPUs offer functionality named Control-flow Enforcement Technology (CET). A sub-feature of this are Shadow Stacks (CET-SS). CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses are accompanied by so called "shadow stacks", holding little more than return addresses. Shadow stacks aren't writable by normal instructions, and upon function returns their contents are used to check for possi... • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A •
CVSS: 4.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-46840 – VT-d: Failure to quarantine devices in !HVM builds
https://notcve.org/view.php?id=CVE-2023-46840
20 Mar 2024 — Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen. Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen. • https://xenbits.xenproject.org/xsa/advisory-450.html •