CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-9108
https://notcve.org/view.php?id=CVE-2017-9108
18 Jun 2020 — An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashing or perhaps somehow leaking the value of that byte. Se detectó un problema en adns versiones anteriores a 1.5.2. adnshost maneja inapropiadamente una falta ... • http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-9109
https://notcve.org/view.php?id=CVE-2017-9109
18 Jun 2020 — An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target, with the CNAME itself. In that case the answer data structure (on the heap) can be overrun. With this fixed, it prefers to look only at the answer RRs which come after the CNAME, which is at least arguably correct. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00037.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14150
https://notcve.org/view.php?id=CVE-2020-14150
15 Jun 2020 — GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison. GNU Bison en versiones anteriores a la 3.5.4 permite a los atacantes causar una denegación de servicio (bloqueo de la aplic... • https://bugs.gentoo.org/717936 •
CVSS: 7.4EPSS: 0%CPEs: 6EXPL: 3CVE-2020-13777 – gnutls: session resumption works without master key allowing MITM
https://notcve.org/view.php?id=CVE-2020-13777
04 Jun 2020 — GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. GnuTLS versiones 3.6.x anteriores a 3.6.14, usa una criptografía incorrecta para cifrar un ticket de sesión (una pérdida ... • https://github.com/0xxon/cve-2020-13777 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 1CVE-2020-12108 – mailman: arbitrary content injection via the options login page
https://notcve.org/view.php?id=CVE-2020-12108
06 May 2020 — /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. El archivo /options/mailman en GNU Mailman versiones anteriores a 2.1.31, permite una Inyección de Contenido Arbitrario. USN-5009-1 fixed vulnerabilities in Mailman. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that Mailman allows arbitrary content injection. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00036.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0CVE-2020-1752 – glibc: use-after-free in glob() function when expanding ~user
https://notcve.org/view.php?id=CVE-2020-1752
30 Apr 2020 — A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32. Una vulnerabilidad de uso de la memoria previamente liberada introducida e... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2020-12137 – mailman: XSS via file attachments in list archives
https://notcve.org/view.php?id=CVE-2020-12137
24 Apr 2020 — GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code. GNU Mailman versiones 2.x anteriores a la versión 2.1.30, usa una extensión .obj para partes MIME de aplications/octet-stream. Este ... • http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-1751 – glibc: array overflow in backtrace functions for powerpc
https://notcve.org/view.php?id=CVE-2020-1751
17 Apr 2020 — An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability. Se encontró una vulnerabilidad de escritura fuera de límites en glibc versiones anteriores a 2.31, cuando se manejaban trampolines de señal en PowerPC. Concre... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 6EXPL: 0CVE-2020-11501 – gnutls: DTLS client hello contains a random value of all zeroes
https://notcve.org/view.php?id=CVE-2020-11501
03 Apr 2020 — GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks the security guarantees of the DTLS protocol. GnuTLS versiones 3.6.x anteriores a 3.6.13, usa una criptografía incorrecta para DTLS. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00015.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-330: Use of Insufficiently Random Values •
CVSS: 8.1EPSS: 4%CPEs: 4EXPL: 0CVE-2020-6096 – Ubuntu Security Notice USN-5310-1
https://notcve.org/view.php?id=CVE-2020-6096
01 Apr 2020 — An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementa... • https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-195: Signed to Unsigned Conversion Error CWE-681: Incorrect Conversion between Numeric Types •