
CVE-2024-12086 – Rsync: rsync server leaks arbitrary client files
https://notcve.org/view.php?id=CVE-2024-12086
14 Jan 2025 — A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte ba... • https://access.redhat.com/security/cve/CVE-2024-12086 • CWE-390: Detection of Error Condition Without Action •

CVE-2024-12085 – Rsync: info leak via uninitialized stack contents
https://notcve.org/view.php?id=CVE-2024-12085
14 Jan 2025 — A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. • https://access.redhat.com/security/cve/CVE-2024-12085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2024-53566
https://notcve.org/view.php?id=CVE-2024-53566
02 Dec 2024 — An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal. • https://gist.github.com/hyp164D1/e7c0f44ffb38c00320aa1a6d98bee616 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-53920 – Debian Security Advisory 5871-1
https://notcve.org/view.php?id=CVE-2024-53920
27 Nov 2024 — In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.) In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on un... • https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-10979 – PostgreSQL PL/Perl environment variable changes execute arbitrary code
https://notcve.org/view.php?id=CVE-2024-10979
14 Nov 2024 — Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. A flaw was found in PostgreSQL PL/Perl. • https://www.postgresql.org/support/security/CVE-2024-10979 • CWE-15: External Control of System or Configuration Setting •

CVE-2024-10978 – PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID
https://notcve.org/view.php?id=CVE-2024-10978
14 Nov 2024 — Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE ... • https://www.postgresql.org/support/security/CVE-2024-10978 • CWE-266: Incorrect Privilege Assignment •

CVE-2024-10977 – PostgreSQL libpq retains an error message from man-in-the-middle
https://notcve.org/view.php?id=CVE-2024-10977
14 Nov 2024 — Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15... • https://www.postgresql.org/support/security/CVE-2024-10977 • CWE-348: Use of Less Trusted Source •

CVE-2024-10976 – PostgreSQL row security below e.g. subqueries disregards user ID changes
https://notcve.org/view.php?id=CVE-2024-10976
14 Nov 2024 — Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied... • https://www.postgresql.org/support/security/CVE-2024-10976 • CWE-1250: Improper Preservation of Consistency Between Independent Representations of Shared State •

CVE-2024-45289 – Unbounded allocation in ctl(4) CAM Target Layer
https://notcve.org/view.php?id=CVE-2024-45289
12 Nov 2024 — The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option. • https://security.freebsd.org/advisories/FreeBSD-SA-24:18.ctl.asc • CWE-665: Improper Initialization •

CVE-2024-39281 – Unbounded allocation in ctl(4) CAM Target Layer
https://notcve.org/view.php?id=CVE-2024-39281
12 Nov 2024 — The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will be passed to the kernel's memory allocator. • https://security.freebsd.org/advisories/FreeBSD-SA-24:18.ctl.asc • CWE-20: Improper Input Validation •