CVSS: 6.2EPSS: 0%CPEs: 8EXPL: 1CVE-2021-4115 – polkit: file descriptor leak allows an unprivileged user to cause a crash
https://notcve.org/view.php?id=CVE-2021-4115
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned Se presenta un fallo en polkit que puede permitir a un usuario no privilegiado causar un bloqueo de polkit, debido al agotamiento del descriptor de archivos del proceso. La mayor amenaza de esta vulnerabilidad es la disponibilidad. NOTA: La duración de la interrupción del proceso de polkit está ligada al proceso que falla y a la creación de uno nuevo There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. • http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html https://access.redhat.com/security/cve/cve-2021-4115 https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat • CWE-400: Uncontrolled Resource Consumption CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-44141 – samba: Information leak via symlinks of existance of files or directories outside of the exported share
https://notcve.org/view.php?id=CVE-2021-44141
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. Todas las versiones de Samba anteriores a 4.15.5, son vulnerables a que un cliente malicioso use un enlace simbólico del servidor para determinar si un archivo o directorio se presenta en un área del sistema de archivos del servidor no exportada bajo la definición de recurso compartido. SMB1 con extensiones unix debe estar habilitado para que este ataque tenga éxito A vulnerability was found in Samba due to an insecure link following. By querying a symlink inside the exported share using SMB1 with unix extensions turned on, an attacker can discover if a named or directory exists on the filesystem outside the exported share. • https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2021-44141.html https://access.redhat.com/security/cve/CVE-2021-44141 https://bugzilla.redhat.com/show_bug.cgi?id=2046120 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45083
https://notcve.org/view.php?id=CVE-2021-45083
An issue was discovered in Cobbler before 3.3.1. Files in /etc/cobbler are world readable. Two of those files contain some sensitive information that can be exposed to a local user who has non-privileged access to the server. The users.digest file contains the sha2-512 digest of users in a Cobbler local installation. In the case of an easy-to-guess password, it's trivial to obtain the plaintext string. • https://bugzilla.suse.com/show_bug.cgi?id=1193671 https://github.com/cobbler/cobbler/releases https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE https://www.openwall.com/lists/oss-security/2022/02/18/3 • CWE-276: Incorrect Default Permissions •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0685 – Use of Out-of-range Pointer Offset in vim/vim
https://notcve.org/view.php?id=CVE-2022-0685
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. Un Uso de un Desplazamiento de Puntero Fuera de Rango en el repositorio de GitHub vim/vim versiones anteriores a 8.2.4418 • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87 https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782 https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF https://security.gentoo. • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2021-45082
https://notcve.org/view.php?id=CVE-2021-45082
An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the "#from MODULE import" substring. (Only lines beginning with #import are blocked.) Se ha detectado un problema en Cobbler versiones hasta 3.3.0. En el archivo templar.py, la función check_for_invalid_imports puede permitir que el código Cheetah importe módulos de Python por medio de la subcadena "#from MODULE import". • https://bugzilla.suse.com/show_bug.cgi?id=1193678 https://github.com/cobbler/cobbler/releases https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •