CVSS: 10.0EPSS: 1%CPEs: 36EXPL: 3CVE-2024-28757 – expat: XML Entity Expansion
https://notcve.org/view.php?id=CVE-2024-28757
10 Mar 2024 — libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). libexpat hasta 2.6.1 permite un ataque de expansión de entidad XML cuando hay un uso aislado de analizadores externos (creados a través de XML_ExternalEntityParserCreate). An XML Entity Expansion flaw was found in libexpat. This flaw allows an attacker to cause a denial of service when there is an isolated use of external parsers. • https://github.com/RenukaSelvar/expat_CVE-2024-28757 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2021-45082 – Ubuntu Security Notice USN-6475-1
https://notcve.org/view.php?id=CVE-2021-45082
18 Feb 2022 — An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) Se ha detectado un problema en Cobbler versiones hasta 3.3.0. En el archivo templar.py, la función check_for_invalid_imports puede permitir que el código Cheetah importe módulos de Python por medio de la subcadena "#from MODULE import". • https://bugzilla.suse.com/show_bug.cgi?id=1193678 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 2CVE-2021-46141 – Debian Security Advisory 5063-1
https://notcve.org/view.php?id=CVE-2021-46141
06 Jan 2022 — An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. Se ha detectado un problema en uriparser versiones anteriores a 0.9.6. Lleva a cabo operaciones inválidas en uriFreeUriMembers y uriMakeOwner. Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the the execution of arbitrary code. • https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 2CVE-2021-46142 – Debian Security Advisory 5063-1
https://notcve.org/view.php?id=CVE-2021-46142
06 Jan 2022 — An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. Se ha detectado un problema en uriparser versiones anteriores a 0.9.6. Lleva a cabo operaciones libres no válidas en uriNormalizeSyntax. Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the the execution of arbitrary code. • https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-25322 – python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
https://notcve.org/view.php?id=CVE-2021-25322
10 Jun 2021 — A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1. Una vulnerabilidad de seguimiento de enlaces simbólicos UNIX (Symlink) en python-HyperKitty de openSUSE Leap 15.2, Factory permite a ataca... • https://bugzilla.suse.com/show_bug.cgi?id=1182373 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 1CVE-2020-28049 – Gentoo Linux Security Advisory 202402-02
https://notcve.org/view.php?id=CVE-2020-28049
04 Nov 2020 — An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation. Se detectó un problema en SDDM versiones anteriores a 0.19.0. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00031.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.6EPSS: 1%CPEs: 15EXPL: 0CVE-2020-14355 – spice: multiple buffer overflow vulnerabilities in QUIC decoding code
https://notcve.org/view.php?id=CVE-2020-14355
06 Oct 2020 — Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution. Se encontraron múltiples vulnerabilidades de desbordamiento de búfer en el proceso de decodif... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00000.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-26154 – libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow
https://notcve.org/view.php?id=CVE-2020-26154
29 Sep 2020 — url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. El archivo url.cpp en libproxy versiones hasta 0.4.15, es propenso a un desbordamiento del búfer cuando PAC está habilitado, como es demostrado por un archivo PAC grande que es entregado sin un encabezado Content-length Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could resul... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-6097 – Ubuntu Security Notice USN-6334-1
https://notcve.org/view.php?id=CVE-2020-6097
10 Sep 2020 — An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio explotable en la funcionalidad del demonio de atftpd de atftp versión 0.7.git20120829-3.1+b1. Una secuencia especialmente diseñada d... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00058.html • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-2020-25219 – libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion
https://notcve.org/view.php?id=CVE-2020-25219
09 Sep 2020 — url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. La función url::recvline en el archivo url.cpp en libproxy versiones 0.4.x hasta 0.4.15, permite a un servidor HTTP remoto activar una recursividad no controlada por medio de una respuesta compuesta por una transmisión infinita que carece de un carácter newline. Esto conlleva ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-674: Uncontrolled Recursion •