CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 1CVE-2020-24977 – libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c
https://notcve.org/view.php?id=CVE-2020-24977
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. El proyecto de GNOME libxml2 v2.9.10 tiene una vulnerabilidad de sobre lectura del buffer global en xmlEncodeEntitiesInternal en libxml2/entities.c. El problema ha sido corregido en el commit 50f06b3e • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2 https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/ • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 21EXPL: 0CVE-2020-16166 – kernel: information exposure in drivers/char/random.c and kernel/time/timer.c
https://notcve.org/view.php?id=CVE-2020-16166
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. El kernel de Linux versiones hasta 5.7.11, permite a atacantes remotos realizar observaciones que ayudan a obtener información confidencial sobre el estado interno de la red RNG, también se conoce como CID-f227e3ec3b5c. Esto está relacionado con los archivos drivers/char/random.c y kernel/time/timer.c A flaw was found in the Linux kernel. The generation of the device ID from the network RNG internal state is predictable. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html https://arxiv.org/pdf/2012.07432.pdf https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f227e3ec3b5cad859ad15666874405e8c1bbc1d4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c51f8f88d705e06bd696d7510aff22b33eb8e638 https://github.com/torvalds/linux/commit/f227e3ec3b5cad859ad15666874405e8c1bbc1d4 https://lists.debian& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-330: Use of Insufficiently Random Values •
CVSS: 4.9EPSS: 0%CPEs: 32EXPL: 0CVE-2020-15025
https://notcve.org/view.php?id=CVE-2020-15025
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. ntpd en ntp versión 4.2.8 versiones anteriores a 4.2.8p15 y versiones 4.3.x anteriores a 4.3.101, permite a atacantes remotos causar una denegación de servicio (consumo de la memoria) mediante el envío de paquetes, porque la memoria no es liberada en situaciones donde se usa una clave CMAC y está asociada con un algoritmo CMAC en el archivo ntp.keys • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html https://bugs.gentoo.org/729458 https://security.gentoo.org/glsa/202007-12 https://security.netapp.com/advisory/ntap-20200702-0002 https://support.ntp.org/bin/view/Main/NtpBug3661 https://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea https://www.oracle.com/security-alerts/cpujan2021.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.3EPSS: 0%CPEs: 27EXPL: 0CVE-2020-14155 – pcre: Integer overflow when parsing callout numeric arguments
https://notcve.org/view.php?id=CVE-2020-14155
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. libpcre en PCRE versiones anteriores a 8.44, permite un desbordamiento de enteros por medio de un número grande después de una subcadena (?C • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release https://bugs.gentoo.org/717920 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://security.netapp.com/advisory/ntap-20221028-0010 https://support.apple.com/kb/HT211931 https://support.apple.com/kb/HT212147 https://www.oracle.com/security-alerts/cp • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 41EXPL: 0CVE-2020-10732 – kernel: uninitialized kernel data leak in userspace coredumps
https://notcve.org/view.php?id=CVE-2020-10732
A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. Se encontró un fallo en la implementación de los volcados de núcleo del Userspace del kernel de Linux. Este fallo permite a un atacante con una cuenta local bloquear un programa trivial y exfiltrar datos privados del kernel A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10732 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=aca969cacf07f41070d788ce2b8ca71f09d5207d https://github.com/google/kmsan/issues/76 https://github.com/ruscur/linux/commit/a95cdec9fa0c08e6eeb410d461c03af8fd1fef0a https://lore.kernel.org/lkml/CAG_fn=VZZ7yUxtOGzuTLkr7wmfXWtKK9BHHYawj • CWE-908: Use of Uninitialized Resource •