CVSS: 8.8EPSS: 10%CPEs: 10EXPL: 1CVE-2020-7065 – mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full
https://notcve.org/view.php?id=CVE-2020-7065
27 Mar 2020 — In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution. En PHP versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, mientras se usa la función mb_strtolower() con codificación UTF-32LE, determinadas cadenas no comprobadas pueden causar que PHP sobrescriba el búfer asigna... • https://bugs.php.net/bug.php?id=79371 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 2%CPEs: 14EXPL: 1CVE-2020-7064 – Use-of-uninitialized-value in exif
https://notcve.org/view.php?id=CVE-2020-7064
27 Mar 2020 — In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. En PHP versiones 7.2.x por debajo de 7.2.9, versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, al analizar datos EXIF ??con la función exif_read_data(), es posible que unos datos maliciosos causen que ... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 1CVE-2020-10942 – kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field
https://notcve.org/view.php?id=CVE-2020-10942
24 Mar 2020 — In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. En el kernel de Linux versiones anteriores a 5.5.8, la función get_raw_socket en el archivo drivers/vhost/net.c carece de una comprobación de un campo sk_family, que podría permitir a atacantes desencadenar una corrupción de pila del kernel por medio de llamadas de sistema diseñadas. A stack buffer overflow is... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 5%CPEs: 8EXPL: 0CVE-2019-18860 – squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour
https://notcve.org/view.php?id=CVE-2019-18860
20 Mar 2020 — Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. Squid versiones anteriores a 4.9, cuando determinados navegadores web son usados, maneja inapropiadamente HTML en el parámetro host (también se conoce como hostname) en el archivo cachemgr.cgi. A flaw was found in squid. Squid, when certain web browsers are used, mishandles HTML in the host parameter to cachemgr.cgi which could result in squid behaving in unsecure way. Jeriko One disco... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 63EXPL: 0CVE-2020-8832 – Ubuntu 18.04 Linux kernel i915 incomplete fix for CVE-2019-14615
https://notcve.org/view.php?id=CVE-2020-8832
17 Mar 2020 — The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. Se detectó que la solución para el kernel de Linux en Ubuntu versión 18.04 LTS para CVE-2019-14615 ("El kernel de Linux no borró apropiadamente las estructura... • https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2020-0556 – bluez: Improper access control in subsystem could result in privilege escalation and DoS
https://notcve.org/view.php?id=CVE-2020-0556
12 Mar 2020 — Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access El control de acceso incorrecto en el subsistema para BlueZ anterior a la versión 5.54 puede permitir que un usuario no autenticado permita potencialmente la escalada de privilegios y la denegación de servicio a través del acceso adyacente It was discovered that BlueZ incorrectly handled bonding HID and HOGP devices. A lo... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html • CWE-266: Incorrect Privilege Assignment •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-10531 – ICU: Integer overflow in UnicodeString::doAppend()
https://notcve.org/view.php?id=CVE-2020-10531
12 Mar 2020 — An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. Se detectó un problema en International Components for Unicode (ICU) para C/C++ versiones hasta 66.1. Se presenta un desbordamiento de enteros, conllevando a un desbordamiento de búfer en la región heap de la memoria, en la función UnicodeString::doAppend() en el archivo common/unistr... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 1CVE-2020-10108 – python-twisted: HTTP request smuggling when presented with two Content-Length headers
https://notcve.org/view.php?id=CVE-2020-10108
12 Mar 2020 — In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. En Twisted Web versiones hasta 19.10.0, se presentó una vulnerabilidad de división de petición HTTP. Cuando se le presentan dos encabezados content-length, ignora el primer encabezado. • https://know.bishopfox.com/advisories • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-10109 – python-twisted: HTTP request smuggling when presented with a Content-Length and a chunked Transfer-Encoding header
https://notcve.org/view.php?id=CVE-2020-10109
12 Mar 2020 — In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. En Twisted Web versiones hasta 19.10.0, se presentó una vulnerabilidad de división de petición HTTP. Cuando se presentó con un encabezado content-length y chunked encoding, el content-length tomó precedencia y el resto del cuerpo de la petición se ... • https://know.bishopfox.com/advisories • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-6805 – Mozilla: Use-after-free when removing data about origins
https://notcve.org/view.php?id=CVE-2020-6805
12 Mar 2020 — When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. Cuando se eliminan datos sobre un origen cuya pestaña se cerró recientemente, podría presentarse un uso de la memoria previamente liberada en el administrador de Quota, resultando en un bloqueo potencialmente explotable. Esta vulnerabilidad afec... • https://bugzilla.mozilla.org/show_bug.cgi?id=1610880 • CWE-416: Use After Free •