CVE-2020-6514 – chromium-browser: Inappropriate implementation in WebRTC
https://notcve.org/view.php?id=CVE-2020-6514
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. Una implementación inapropiada en WebRTC en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante en una posición de red privilegiada potencialmente explotar una corrupción de la pila por medio de un flujo SCTP diseñado • https://github.com/hasan-khalil/CVE-2020-6514 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-15890
https://notcve.org/view.php?id=CVE-2020-15890
LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled. LuaJit versiones hasta 2.1.0-beta3, presenta una lectura fuera de límites, porque el salto de trama del manejador __gc es manejado inapropiadamente • https://github.com/LuaJIT/LuaJIT/issues/601 https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html https://usn.ubuntu.com/4501-1 • CWE-125: Out-of-bounds Read •
CVE-2020-14928 – evolution-data-server: Response injection via STARTTLS in SMTP and POP3
https://notcve.org/view.php?id=CVE-2020-14928
evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection." evolution-data-server (eds) versiones hasta 3.36.3, presenta un problema de almacenamiento en búfer STARTTLS que afecta a SMTP y POP3. Cuando un servidor envía una respuesta "begin TLS", eds lee datos adicionales y los evalúa en un contexto TLS, también se conoce como "response injection" • https://bugzilla.suse.com/show_bug.cgi?id=1173910 https://gitlab.gnome.org/GNOME//evolution-data-server/commit/ba82be72cfd427b5d72ff21f929b3a6d8529c4df https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/f404f33fb01b23903c2bbb16791c7907e457fbac https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/226 https://lists.debian.org/debian-lts-announce/2020/07/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMBEZWA22EAYAZQWUX4KPEBER726KSIG https://sec • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2020-3481 – Clam AntiVirus (ClamAV) Software Null Pointer Dereference Vulnerability
https://notcve.org/view.php?id=CVE-2020-3481
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference. An attacker could exploit this vulnerability by sending a crafted EGG file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Una vulnerabilidad en el módulo de análisis de archivo EGG en Clam AntiVirus (ClamAV) Software versiones 0.102.0 - 0.102.3, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio en un dispositivo afectado. • https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN https://security.gentoo.org/glsa/202007-23 https://usn.ubuntu.com/4435-1 https://usn.ubuntu.com/4435-2 • CWE-476: NULL Pointer Dereference •
CVE-2020-11933 – local snapd exploit through cloud-init
https://notcve.org/view.php?id=CVE-2020-11933
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption. This issue did not affect traditional Ubuntu systems. Fixed in snapd version 2.45.2, revision 8539 and core version 2.45.2, revision 9659. cloud-init administrado por snapd en los dispositivos Ubuntu Core 16 y Ubuntu Core 18, se ejecutó sin restricciones en cada arranque, que un atacante físico podría explotar mediante el diseño de user-data/meta-data de cloud-init por medio de medios externos para llevar a cabo cambios arbitrarios en el dispositivo para omitir los mecanismos de seguridad previstos, como el cifrado de disco completo. Este problema no afectó a los sistemas tradicionales de Ubuntu. Se corrigió en snapd versión 2.45.2, revisión 8539 y core versión 2.45.2, revisión 9659 • https://launchpad.net/bugs/1879530 https://ubuntu.com/USN-4424-1 • CWE-264: Permissions, Privileges, and Access Controls •