CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 1CVE-2019-10223
https://notcve.org/view.php?id=CVE-2019-10223
05 Nov 2019 — A security issue was discovered in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default `kubectl` behavior and this new feature can cause the entire secret content to end up in metric labels thus inadvertently exposing the secret content in metrics. This feature has been reverted and relea... • http://www.openwall.com/lists/oss-security/2019/08/15/8 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2019-14815 – kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS
https://notcve.org/view.php?id=CVE-2019-14815
17 Oct 2019 — A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. Se encontró una vulnerabilidad en Linux Kernel, donde se encontró un desbordamiento de pila en la función mwifiex_set_wmm_params () del controlador Marvell Wifi. A vulnerability found in the Linux kernel's WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attack... • https://access.redhat.com/errata/RHSA-2020:0174 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 32EXPL: 1CVE-2019-14823 – JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
https://notcve.org/view.php?id=CVE-2019-14823
14 Oct 2019 — A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle. Se detectó un fallo en la implementación de la política OCSP "Leaf and Chain" en las versiones de CryptoManager de JSS versiones posteriores a 4.4.6, 4.5.3, 4.6.0, donde confiaba implíci... • https://access.redhat.com/errata/RHSA-2019:3067 • CWE-295: Improper Certificate Validation CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 4.0EPSS: 0%CPEs: 12EXPL: 0CVE-2019-17055 – kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol
https://notcve.org/view.php?id=CVE-2019-17055
01 Oct 2019 — base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. La función base_sock_create en el archivo drivers/isdn/mISDN/socket.c en el módulo de red AF_ISDN en el kernel de Linux versiones hasta 5.3.2 no aplica CAP_NET_RAW, lo que significa que los usuarios no privilegiados pueden crear un socket en bruto, también se conoce como CID-b91ee4aa2a2... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html • CWE-250: Execution with Unnecessary Privileges CWE-862: Missing Authorization •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 1CVE-2019-16994 – kernel: Memory leak in sit_init_net() in net/ipv6/sit.c
https://notcve.org/view.php?id=CVE-2019-16994
30 Sep 2019 — In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. En el kernel de Linux versiones anteriores a 5.0, se presenta una pérdida de memoria en la función sit_init_net() en el archivo net/ipv6/sit.c cuando la función register_netdev() no puede registrar sitn-)fb_tunnel_dev, lo que puede causar una denegación de servicio, también se conoce como CID-07f12b26e2... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 3CVE-2019-14814 – kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS
https://notcve.org/view.php?id=CVE-2019-14814
20 Sep 2019 — There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloq... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 88EXPL: 3CVE-2019-14816 – kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
https://notcve.org/view.php?id=CVE-2019-14816
20 Sep 2019 — There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. Se presenta un desbordamiento del búfer en la región heap de la memoria en el kernel, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistem... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 60EXPL: 0CVE-2019-14821 – Kernel: KVM: OOB memory access via mmio ring buffer
https://notcve.org/view.php?id=CVE-2019-14821
19 Sep 2019 — An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potenti... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 82EXPL: 1CVE-2019-14835 – kernel: vhost-net: guest to host kernel escape during migration
https://notcve.org/view.php?id=CVE-2019-14835
17 Sep 2019 — A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. Se encontró un fallo de desbordamiento de búfer, en las versiones desde 2.6.34 hasta 5.2.x, en la manera en que la funcionalidad vhost d... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 1CVE-2019-15031 – kernel: powerpc: local user can read vector registers of other users' processes via an interrupt
https://notcve.org/view.php?id=CVE-2019-15031
13 Sep 2019 — In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c. En el kernel de Linux versiones hast... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-662: Improper Synchronization •