CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0CVE-2020-10803
https://notcve.org/view.php?id=CVE-2020-10803
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. En phpMyAdmin versiones 4.x anteriores a 4.9.5 y versiones 5.x anteriores a 5.0.2, se detectó una vulnerabilidad de inyección SQL donde un código malicioso podría ser usado para desencadenar un ataque de tipo XSS mediante la recuperación y visualización de resultados (en archivo tbl_get_field.php y biblioteca libraries/clases/Display/Results.php). El atacante debe poder insertar datos diseñados en determinadas tablas de la base de datos, que cuando se recuperaban (por ejemplo, por medio de la pestaña Browse) pueden desencadenar el ataque de tipo XSS. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.0EPSS: 0%CPEs: 10EXPL: 0CVE-2020-10804
https://notcve.org/view.php?id=CVE-2020-10804
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges). En phpMyAdmin versiones 4.x anteriores a 4.9.5 y versiones 5.x anteriores a 5.0.2, se encontró una vulnerabilidad de inyección SQL en la recuperación del nombre de usuario actual (en las bibliotecas libraries/classes/Server/Privileges.php y libraries/classes/UserPassword.php). Un usuario malicioso con acceso al servidor podría crear un nombre de usuario diseñado y luego engañar a la víctima para que realice acciones específicas con esa cuenta de usuario (tal y como editar sus privilegios). • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK https://lists.fedoraproject.org/archives/list/package-announce%40 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10593
https://notcve.org/view.php?id=CVE-2020-10593
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_circ because a circuit-padding machine can be negotiated twice on the same circuit. Tor versiones anteriores a 0.3.5.10, versiones 0.4.x anteriores a 0.4.1.9 y versiones 0.4.2.x anteriores a 0.4.2.7, permite a atacantes remotos causar una Denegación de servicio (pérdida de memoria), también se conoce como TROVE-2020-004. Esto ocurre en la función circpad_setup_machine_on_circ porque una máquina de circuit-padding se puede negociar dos veces en el mismo circuito. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html https://security.gentoo.org/glsa/202003-50 https://trac.torproject.org/projects/tor/ticket/33619 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.5EPSS: 3%CPEs: 6EXPL: 0CVE-2019-12921
https://notcve.org/view.php?id=CVE-2019-12921
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. En GraphicsMagick versiones anteriores a 1.3.32, el componente text filename permite a atacantes remotos leer archivos arbitrarios por medio de una imagen diseñada debido a TranslateTextEx para SVG. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html http://www.graphicsmagick.org https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md https://lists.debian.org/debian-lts-announce/2020/03/msg00026.html https://www.debian.org/security/2020/dsa-4675 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 13EXPL: 1CVE-2019-3696 – pcp: Local privilege escalation from user pcp to root through migrate_tempdirs
https://notcve.org/view.php?id=CVE-2019-3696
A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. • https://bugzilla.suse.com/show_bug.cgi?id=1153921 https://access.redhat.com/security/cve/CVE-2019-3696 https://bugzilla.redhat.com/show_bug.cgi?id=1811707 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •