CVSS: 8.5EPSS: 94%CPEs: 36EXPL: 3CVE-2021-39144 – XStream Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39144
23 Aug 2021 — XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. XStream es una bibli... • https://packetstorm.news/files/id/169859 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-306: Missing Authentication for Critical Function CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 90%CPEs: 40EXPL: 1CVE-2021-29505 – XStream is vulnerable to a Remote Command Execution attack
https://notcve.org/view.php?id=CVE-2021-29505
28 May 2021 — XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17. XStream es un software para serializar objetos Java a XML y vic... • https://github.com/MyBlackManba/CVE-2021-29505 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 5.8EPSS: 0%CPEs: 136EXPL: 1CVE-2021-29425 – Possible limited path traversal vulnerabily in Apache Commons IO
https://notcve.org/view.php?id=CVE-2021-29425
13 Apr 2021 — In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. En Apache Commons IO versiones anteriores a 2.7, Cuando se invoca el método FileNameUtils.normalize con una cadena de entrada inapropiada, como... • https://issues.apache.org/jira/browse/IO-556 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 1CVE-2020-24368 – Gentoo Linux Security Advisory 202208-05
https://notcve.org/view.php?id=CVE-2020-24368
19 Aug 2020 — Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2. Icinga Icinga Web 2 versiones 2.0.0 hasta 2.6.4, 2.7.4 y 2.8.2, presenta una vulnerabilidad de Salto de Directorio que permite a un atacante acceder a archivos arbitrarios que son legibles por el proceso que ejecuta Icinga Web 2. Este problema ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00026.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2020-14147 – Debian Security Advisory 4731-1
https://notcve.org/view.php?id=CVE-2020-14147
15 Jun 2020 — An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression. Un desbordamiento de enteros en la función getnum en el archivo lua_struct.c en Redis versiones ... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00058.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 43EXPL: 1CVE-2020-13434 – sqlite: integer overflow in sqlite3_str_vappendf function in printf.c
https://notcve.org/view.php?id=CVE-2020-13434
24 May 2020 — SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. SQLite versiones hasta 3.32.0, presenta un desbordamiento de enteros en la función sqlite3_str_vappendf en el archivo printf.c. An integer overflow flaw was found in the SQLite implementation of the printf() function. This flaw allows an attacker who can control the precision of floating-point conversions, to crash the application, resulting in a denial of service. Red Hat Advanced Cluster Management for Kubernetes 2.3.0 imag... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 8.0EPSS: 1%CPEs: 11EXPL: 0CVE-2020-10802 – Ubuntu Security Notice USN-4639-1
https://notcve.org/view.php?id=CVE-2020-10802
22 Mar 2020 — In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table. En phpMyAdmin versiones 4.x anteriores a 4.9.5 y versiones 5.x anteriores ... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 3%CPEs: 11EXPL: 0CVE-2020-10803 – Ubuntu Security Notice USN-4639-1
https://notcve.org/view.php?id=CVE-2020-10803
22 Mar 2020 — In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. En phpMyAdmin versiones 4.x anteriores a 4.9.5 y versiones 5.x anteriores a 5.0... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 14CVE-2020-8813 – Cacti 1.2.8 - Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-8813
22 Feb 2020 — graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. El archivo graph_realtime.php en Cacti versión 1.2.8, permite a atacantes remotos ejecutar comandos arbitrarios de Sistema Operativo por medio de metacaracteres de shell en una cookie, si un usuario invitado posee el privilegio graph real-time. graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS comma... • https://packetstorm.news/files/id/156538 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 1CVE-2020-6415 – chromium-browser: Inappropriate implementation in JavaScript
https://notcve.org/view.php?id=CVE-2020-6415
11 Feb 2020 — Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues a... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-787: Out-of-bounds Write •