CVSS: 8.1EPSS: 0%CPEs: 28EXPL: 0CVE-2019-9499 – The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit
https://notcve.org/view.php?id=CVE-2019-9499
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. Las implementaciones del componente EAP-PWD en wpa_supplicant EAP Peer, cuando se construyen contra una biblioteca criptográfica que carece de comprobación explícita en elementos importados, no comprueban los valores escalares y de elementos en EAP-pwd-Commit. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ https://seclists.org/bugtraq& • CWE-287: Improper Authentication CWE-346: Origin Validation Error •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 1CVE-2019-3870
https://notcve.org/view.php?id=CVE-2019-3870
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3870 https://bugzilla.samba.org/show_bug.cgi?id=13834 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6354GALK73CZWQKFUG7AWB6EIEGFMF62 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTJVFA3RZ6G2IZDTVKLHRMX6QBYA4GPA https://support.f5.com/csp/article/K20804356 https://www.samba.org/samba/security/CVE-2019-3870.html https://www.synology.com/security/advisory/Synology_SA_19 • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13299
https://notcve.org/view.php?id=CVE-2018-13299
Relative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter. Una vulnerabilidad de salto de directorio relativo en el actualizador de adjuntos en Synology Calendar, en versiones anteriores a la 2.2.2-0532, permite a los usuarios remotos autenticados subir archivos arbitrarios mediante el parámetro "filename". • https://www.synology.com/security/advisory/Synology_SA_18_54 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13298
https://notcve.org/view.php?id=CVE-2018-13298
Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors. Una vulnerabilidad de canal accesible por "non-endpoint" en la página de privacidad de Synology Android Moments, en versiones anteriores a la 1.2.3-199, permite a los atacantes Man-in-the-Middle (MitM) ejecutar código arbitrario mediante vectores sin especificar. • https://www.synology.com/security/advisory/Synology_SA_18_52 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-13297
https://notcve.org/view.php?id=CVE-2018-13297
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter. Vulnerabilidad de exposición de la información en la función SYNO.SynologyDrive.Files en Synology Drive anterior a la versión 1.1.2-10562 permite a los atacantes remotos obtener información confidencial del sistema por medio del parámetro dsm_path. • https://www.synology.com/security/advisory/Synology_SA_18_50 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •