
CVSS: 8.8 • EPSS: 0% • CPEs: 3 • EXPL: 2

27 Dec 2019 — An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html • CWE-416: Use After Free

CVSS: 5.9 • EPSS: 0% • CPEs: 3 • EXPL: 0

29 Nov 2019 — A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure (for example by setting RLIMIT), causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots. • http://www.openwall.com/lists/oss-security/2024/02/06/3 • CWE-267: Privilege Defined With Unsafe Actions

CVSS: 7.8 • EPSS: 0% • CPEs: 19 • EXPL: 5

28 Nov 2019 — An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls... • https://packetstorm.news/files/id/155498 • CWE-271: Privilege Dropping / Lowering Errors • CWE-273: Improper Check for Dropped Privileges

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

20 Nov 2019 — GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32-bit binary, evaluates to a negative number. The problem exists in the http_cgi_write function under http-cgi.c; however, exploitation might show svz_envblock_add in libserveez/passthrough.c as the location of the heap-based buffer over-read. • https://github.com/agadient/SERVEEZ-CVE • CWE-681: Incorrect Conversion between Numeric Types

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Nov 2019 — gnusound 0.7.5 has a format string issue. • http://www.openwall.com/lists/oss-security/2012/01/31/3 • CWE-134: Use of Externally-Controlled Format String

CVSS: 3.3 • EPSS: 0% • CPEs: 7 • EXPL: 0

19 Nov 2019 — On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. • https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html • CWE-20: Improper Input Validation • CWE-665: Improper Initialization

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 2

11 Nov 2019 — maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode. A vulnerability has been found in GNU Mailutils allowing privilege escalation. Versions less than 3.8 are affected. • https://packetstorm.news/files/id/155425

CVSS: 7.8 • EPSS: 0% • CPEs: 5 • EXPL: 0

08 Nov 2019 — A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For exampl... • https://access.redhat.com/errata/RHSA-2019:4326 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-400: Uncontrolled Resource Consumption

CVSS: 7.3 • EPSS: 0% • CPEs: 3 • EXPL: 2

07 Nov 2019 — cpio, in all versions before 2.13, does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives as a high-privilege user without carefully reviewing them may lead to the compromise of the system. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14866 • CWE-20: Improper Input Validation

CVSS: 7.5 • EPSS: 4% • CPEs: 4 • EXPL: 0

04 Nov 2019 — slim has a NULL pointer dereference when using the crypt() method from glibc 2.17. • http://www.openwall.com/lists/oss-security/2013/10/09/6 • CWE-476: NULL Pointer Dereference