CVSS: 5.9EPSS: 0%CPEs: 20EXPL: 0CVE-2020-10711 – Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic
https://notcve.org/view.php?id=CVE-2020-10711
12 May 2020 — A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NU... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2015-5741 – golang: HTTP request smuggling in net/http library
https://notcve.org/view.php?id=CVE-2015-5741
08 Feb 2020 — The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields. La biblioteca net/http en el archivo net/http/transfer.go en Go versiones anteriores a 1.4.3, no analiza apropiadamente los encabezados HTTP, lo que permite a atacantes remotos llevar a cabo ataques de tráfico no autorizado de peticiones HTTP por medio de un... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167997.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2020-1711 – QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server
https://notcve.org/view.php?id=CVE-2020-1711
03 Feb 2020 — An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. Se detectó una fallo de acceso al búfer de la pila fuera de l... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2019-14818 – dpdk: possible memory leak leads to denial of service
https://notcve.org/view.php?id=CVE-2019-14818
13 Nov 2019 — A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition. Se encontró un fallo en todas las versiones de dpdk 17.xx anteriores a 17.11.8, versiones 16.xx anteriores a 16.11.10, versiones 18.xx anteriore... • https://access.redhat.com/errata/RHSA-2020:0165 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2019-14846 – ansible: secrets disclosed on logs when no_log enabled
https://notcve.org/view.php?id=CVE-2019-14846
08 Oct 2019 — In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process. En Ansible, todas las versiones de Ansible Engine hasta ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, se registraban en el nivel DEBUG, lo que ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 11%CPEs: 55EXPL: 0CVE-2019-9514 – Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9514
13 Aug 2019 — Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Algunas implementaciones de HTTP / 2 son vulnerables a una inundación de reinicio, lo que puede conducir a una denegación de servicio. El atacante abre una... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2019-10141 – openstack-ironic-inspector: SQL Injection vulnerability when receiving introspection data
https://notcve.org/view.php?id=CVE-2019-10141
02 Jul 2019 — A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. A SQL-injection vulnerability was found in openstack-ironic-inspector's node_cache.find_node(). This function makes a SQL query using unfiltered data from a server reporting inspection results (by a POST to the /v1/continue endpoint). Because the API is unauthenticated, the flaw could be exploited by an attacker with access to the network on which ironic-inspector is listening. Because of how... • https://access.redhat.com/errata/RHSA-2019:2505 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.4EPSS: 0%CPEs: 33EXPL: 0CVE-2019-0223 – qpid-proton: TLS Man in the Middle Vulnerability
https://notcve.org/view.php?id=CVE-2019-0223
23 Apr 2019 — While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic. Mientras investigábamos el error PROTON-2014, descubrimos que en algunas circ... • http://www.openwall.com/lists/oss-security/2019/04/23/4 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 5.3EPSS: 1%CPEs: 17EXPL: 0CVE-2018-16876 – ansible: Information disclosure in vvv+ mode with no_log on
https://notcve.org/view.php?id=CVE-2018-16876
18 Dec 2018 — ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. ansible en versiones anteriores a las 2.5.14, 2.6.11 y 2.7.5 es vulnerable a un fallo de divulgación de información en el modo vvv+ con "no_log" habilitado, el cual podría provocar el filtrado de datos sensibles. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-18438
https://notcve.org/view.php?id=CVE-2018-18438
19 Oct 2018 — Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. Qemu tiene desbordamientos de enteros debido a que IOReadHandler y sus funciones asociadas emplean un tipo de datos de enteros firmados para un valor tamaño. • http://www.openwall.com/lists/oss-security/2018/10/17/3 • CWE-190: Integer Overflow or Wraparound •