
CVE-2021-38562 – Ubuntu Security Notice USN-6529-1
https://notcve.org/view.php?id=CVE-2021-38562
18 Oct 2021 — Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm. It was discovered that Request Tracker in... • https://docs.bestpractical.com/release-notes/rt/index.html • CWE-203: Observable Discrepancy •

CVE-2021-38502 – Mozilla: Downgrade attack on SMTP STARTTLS connections
https://notcve.org/view.php?id=CVE-2021-38502
13 Oct 2021 — Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=1733366 • CWE-319: Cleartext Transmission of Sensitive Information •

CVE-2021-42326
https://notcve.org/view.php?id=CVE-2021-42326
12 Oct 2021 — Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter. • https://lists.debian.org/debian-lts-announce/2021/10/msg00013.html •

CVE-2021-38496 – Mozilla: Use-after-free in MessageTask
https://notcve.org/view.php?id=CVE-2021-38496
11 Oct 2021 — During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93. • https://bugzilla.mozilla.org/show_bug.cgi?id=1725335 • CWE-416: Use After Free •

CVE-2021-38500 – Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
https://notcve.org/view.php?id=CVE-2021-38500
11 Oct 2021 — Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1725854%2C1728321 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2021-42260 – Ubuntu Security Notice USN-6542-1
https://notcve.org/view.php?id=CVE-2021-42260
11 Oct 2021 — TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service. Wang Zhong discovered that TinyXML incorrectly handled certai... • https://github.com/vm2mv/tinyxml • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVE-2021-41125 – HTTP authentication credential leak to target websites in scrapy
https://notcve.org/view.php?id=CVE-2021-41125
06 Oct 2021 — Scrapy is a high-level web crawling and scraping framework for Python. If you use `HttpAuthMiddleware` (i.e. the `http_user` and `http_pass` spider attributes) for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, such as `robots.txt` requests sent by Scrapy when the `ROBOTSTXT_OBEY` setting is set to `True`, or as requests reached through redirects. Upgrade to Scrapy 2.5.1 and use the new `http_auth_domain` spider at... • http://doc.scrapy.org/en/latest/topics/downloader-middleware.html#module-scrapy.downloadermiddlewares.httpauth • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-522: Insufficiently Protected Credentials •

CVE-2021-28702 – Gentoo Linux Security Advisory 202208-23
https://notcve.org/view.php?id=CVE-2021-28702
06 Oct 2021 — PCI devices with RMRRs not deassigned correctly. Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). These are typically used for platform tasks such as legacy USB emulation. If such a device is passed through to a guest, then on guest shutdown the device is not properly deassigned. The IOMMU configuration for these devices which are not properly deassigned ends up pointing to a freed data structure, including the IO Pagetables. ... • http://www.openwall.com/lists/oss-security/2021/10/07/2 • CWE-269: Improper Privilege Management •

CVE-2021-42008 – Ubuntu Security Notice USN-5116-1
https://notcve.org/view.php?id=CVE-2021-42008
04 Oct 2021 — The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. It was discovered that a race condition ex... • https://github.com/0xdevil/CVE-2021-42008 • CWE-787: Out-of-bounds Write •

CVE-2021-32765 – Integer Overflow to Buffer Overflow in Hiredis
https://notcve.org/view.php?id=CVE-2021-32765
04 Oct 2021 — Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnerable to integer overflow if provided maliciously crafted or corrupted `RESP` `multi-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check if `count * sizeof(redisReply*)` can be represented in `SIZE_MAX`. If it cannot, and the `calloc()` call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow. Users of hiredis who are... • https://github.com/redis/hiredis/commit/76a7b10005c70babee357a7d0f2becf28ec7ed1e • CWE-190: Integer Overflow or Wraparound • CWE-680: Integer Overflow to Buffer Overflow •