Page 29 of 580 results (0.008 seconds)

CVSS: 8.1EPSS: 90%CPEs: 6EXPL: 2

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan. SQLite anterior a la versión 3.25.3, cuando la extensión FTS3 está habilitada, encuentra un desbordamiento de enteros (y el desbordamiento del búfer resultante) para las consultas FTS3 que ocurren después de los cambios especialmente diseñados en las tablas de sombra FTS3, lo que permite a los atacantes remotos ejecutar código arbitrario aprovechando la capacidad de ejecutar arbitrariamente Sentencias SQL (como en ciertos casos de uso de WebSQL), también conocido como Magellan. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html http://www.securityfocus.com/bid/106323 https://access.redhat.com/articles/3758321 https://blade.tencent.com/magellan/index_en.html https://bugzilla.redhat.com/show_bug.cgi?id=1659379 https://bugzilla.redhat.com/show_bug.cgi?id=1659677 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://chromium.googlesou • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.1EPSS: 21%CPEs: 8EXPL: 0

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). Using custom domains, it's possible to arrange things so that a Git repository is cloned to a folder named ".git" by using a vanity import path that ends with "/.git". If the Git repository root contains a "HEAD" file, a "config" file, an "objects" directory, a "refs" directory, with some work to ensure the proper ordering of operations, "go get -u" can be tricked into considering the parent directory as a repository root, and running Git commands on it. That will use the "config" file in the original Git repository root for its configuration, and if that config file contains malicious commands, they will execute on the system running "go get -u". • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html http://www.securityfocus.com/bid/106226 https://bugzilla&# • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution. En Go en versiones anteriores a la 1.10.6 y versiones 1.11.x anteriores a la 1.11.3, el comando "go get" es vulnerable a un salto de directorio cuando se ejecuta con la ruta de importación de un paquete Go malicioso que contiene llaves (ambos caracteres "{" y "}"). Específicamente, solo es vulnerable en modo GOPATH, pero no en modo módulo (la diferencia está documentada en https://golang.org/cmd/go/#hdr-Module_aware_go_get). • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html http://www.securityfocus.com/bid/106228 https://bugzilla&# • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. En Qemu 3.0.0, lsi_do_msgin en hw/scsi/lsi53c895a.c permite el acceso fuera de límites desencadenando un valor msg_len inválido. • http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2018-12/msg00043.html http://www.openwall.com/lists/oss-security/2018/11/01/1 https://lists.debian.org/debian-lts-announce/2019/05/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQIBTGNRDQEXGAAYHE4JIWFAYFNHZ6QP https://lists.gnu.org/archive/html • CWE-125: Out-of-bounds Read •

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad Cross-Site Scripting (XSS) en el diálogo de enlaces en el editor de la interfaz gráfica de MoinMoin en versiones anteriores a la 1.9.10 permite a atacantes remotos inyectar scripts web o HTML arbitrarios utilizando vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00024.html http://moinmo.in/SecurityFixes https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024 https://lists.debian.org/debian-lts-announce/2018/10/msg00007.html https://usn.ubuntu.com/3794-1 https://www.debian.org/security/2018/dsa-4318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •