CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-17368
https://notcve.org/view.php?id=CVE-2020-17368
Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. Firejail versiones hasta 0.9.62, maneja inapropiadamente los metacaracteres de shell durante el uso de la opción --output o --output-stderr, lo que puede conllevar a una inyección de comandos • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00036.html https://github.com/netblue30/firejail https://lists.debian.org/debian-lts-announce/2020/08/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JFXN3JJG4DIMN4TAHOTKFMS7SGM4EOTR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W66IR5YT4KG464SKEMQN2NP2LGATGEGS https://security.gentoo.org/glsa/202101-02 https://www.debian.org/security/2020/dsa-4742 https • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-17367
https://notcve.org/view.php?id=CVE-2020-17367
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. Firejail versiones hasta 0.9.62, no respeta el indicador -- end-of-options después de la opción --output, lo que puede conllevar a una inyección de comandos • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00036.html https://github.com/netblue30/firejail https://lists.debian.org/debian-lts-announce/2020/08/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JFXN3JJG4DIMN4TAHOTKFMS7SGM4EOTR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W66IR5YT4KG464SKEMQN2NP2LGATGEGS https://security.gentoo.org/glsa/202101-02 https://www.debian.org/security/2020/dsa-4742 https • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-10756 – QEMU SLiRP Networking Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-10756
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. Se encontró una vulnerabilidad de lectura fuera de límites en la implementación de red SLiRP del emulador QEMU. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00040.html https://bugzilla.redhat.com/show_bug.cgi?id=1835986 https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYTZ32P67PZER6P7TW6FQK3SZRKQLVEI https://security.netapp.com/advisory/ntap-20201001-0001 https://usn.ubuntu.com/4437-1 https://usn.ubuntu.com/ • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-15396
https://notcve.org/view.php?id=CVE-2020-15396
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. En HylaFAX+ versiones hasta 7.0.2 y HylaFAX Enterprise, la utilidad de configuración del fax llama chown sobre archivos en directorios propiedad del usuario. Al ganar una carrera, un atacante local podría usar esto para escalar sus privilegios para root • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00054.html https://bugzilla.suse.com/show_bug.cgi?id=1173521 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J52QFVREJWJ35YSEEDDRMZQ2LM2H2WE6 https://lists.fedoraproject.org/archives/list& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2017-18922 – libvncserver: websocket decoding buffer overflow
https://notcve.org/view.php?id=CVE-2017-18922
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. Se detectó que el archivo websockets.c en LibVNCServer versiones anteriores a 0.9.12, no decodificaba apropiadamente determinados tramas de WebSocket. Un atacante malicioso podría explotar esto mediante el envío de tramas de WebSocket especialmente diseñadas hacia un servidor, causando un desbordamiento del búfer en la región heap de la memoria A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html http://www.openwall.com/lists/oss-security/2020/06/30/3 https://bugzilla.redhat.com/show_bug.cgi?id=1852356 https://cer • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •