CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0CVE-2020-6512 – chromium-browser: Type Confusion in V8
https://notcve.org/view.php?id=CVE-2020-6512
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un Confusión de Tipo en V8 en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html https://crbug.com/1084820 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTRPPTKZ2RKVH • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6510 – chromium-browser: Heap buffer overflow in background fetch
https://notcve.org/view.php?id=CVE-2020-6510
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer en la región heap de la memoria en background fetch en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html https://crbug.com/1103195 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTRPPTKZ2RKVH • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 1%CPEs: 3EXPL: 0CVE-2020-15121 – Command injection in Radare2
https://notcve.org/view.php?id=CVE-2020-15121
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory. En radare2 versiones anteriores a 4.5.0, los nombres de archivo PDB malformado en la ruta del servidor PDB causa una inyección de shell. Para desencadenar el problema, se requiere abrir el ejecutable en radare2 y ejecutar idpd para desencadenar la descarga. • https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 https://github.com/radareorg/radare2/issues/16945 https://github.com/radareorg/radare2/pull/16966 https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.9EPSS: 1%CPEs: 10EXPL: 0CVE-2020-15586 – golang: data race in certain net/http servers including ReverseProxy can lead to DoS
https://notcve.org/view.php?id=CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. Go versiones anteriores a 1.13.13 y versiones 1.14.x anteriores a 1.14.5, presenta una carrera de datos en algunos servidores net/http, como es demostrado por el Manejador httputil.ReverseProxy, porque lee un cuerpo de petición y escribe una respuesta al mismo tiempo A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g https://lists.debian.org/debian-lts-announce/2020/11/msg00037& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 1CVE-2020-14928 – evolution-data-server: Response injection via STARTTLS in SMTP and POP3
https://notcve.org/view.php?id=CVE-2020-14928
evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection." evolution-data-server (eds) versiones hasta 3.36.3, presenta un problema de almacenamiento en búfer STARTTLS que afecta a SMTP y POP3. Cuando un servidor envía una respuesta "begin TLS", eds lee datos adicionales y los evalúa en un contexto TLS, también se conoce como "response injection" • https://bugzilla.suse.com/show_bug.cgi?id=1173910 https://gitlab.gnome.org/GNOME//evolution-data-server/commit/ba82be72cfd427b5d72ff21f929b3a6d8529c4df https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/f404f33fb01b23903c2bbb16791c7907e457fbac https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/226 https://lists.debian.org/debian-lts-announce/2020/07/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMBEZWA22EAYAZQWUX4KPEBER726KSIG https://sec • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •