Page 30 of 4202 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-28040 – WordPress Core < 5.5.2 - Cross-Site Request Forgery to Theme Image Change

https://notcve.org/view.php?id=CVE-2020-28040

WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. WordPress versiones anteriores a 5.5.2, permite ataques de tipo CSRF que cambian la imagen de fondo del tema • https://blog.wpscan.com/2020/10/30/wordpress-5.5.2-security-release.html https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y https://wordpress.org&# • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-28039 – WordPress Core < 5.5.2 - Arbitrary File Deletion

https://notcve.org/view.php?id=CVE-2020-28039

is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. La función is_protected_meta en el archivo wp-includes/meta.php en WordPress versiones anteriores a 5.5.2, permite la eliminación arbitraria de archivos porque no determina apropiadamente si una clave meta es considerada protegida • https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y https://wordpress.org • CWE-285: Improper Authorization •

CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-14837 – mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)

https://notcve.org/view.php?id=CVE-2020-14837

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.gentoo.org/glsa/202105-27 https://security.netapp.com/advisory/ntap-20201023-0003 https://www.oracle.com/security-alerts/cpuoct2020.html https://access.redhat.com/security/cve/CVE-2020-14837 https://bugzilla.redhat.com/show_bug.cgi?id=1890764 •

CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0

CVE-2020-15157 – containerd can be coerced into leaking credentials during image pull

https://notcve.org/view.php?id=CVE-2020-15157

In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers. If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user's username and password for the registry. • https://github.com/containerd/containerd/releases/tag/v1.2.14 https://github.com/containerd/containerd/security/advisories/GHSA-742w-89gc-8m9c https://usn.ubuntu.com/4589-1 https://usn.ubuntu.com/4589-2 https://www.debian.org/security/2021/dsa-4865 https://access.redhat.com/security/cve/CVE-2020-15157 https://bugzilla.redhat.com/show_bug.cgi?id=1888248 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-16119 – DCCP CCID structure use-after-free

https://notcve.org/view.php?id=CVE-2020-16119

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196. Una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux explotable por un atacante local debido a la reutilización de un socket DCCP con un objeto dccps_hc_tx_ccid adjunto como oyente después de ser liberado.&#xa0;Corregido en el kernel de Ubuntu Linux versiones 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 y 3.2.0-149.196 • https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695 https://launchpad.net/bugs/1883840 https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza%40canonical.com/T https://security.netapp.com/advisory/ntap-20210304-0006 https://ubuntu.com/USN-4576-1 https://ubuntu.com/USN-4 • CWE-416: Use After Free •