Page 39 of 2118 results (0.033 seconds)

CVSS: 9.8EPSS: 1%CPEs: 19EXPL: 0

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. Se detectó un problema de Escritura Polimórfica en FasterXML jackson-databind versiones anteriores a 2.9.10. Está relacionado con net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. • https://access.redhat.com/errata/RHSA-2019:3200 https://access.redhat.com/errata/RHSA-2020:0159 https://access.redhat.com/errata/RHSA-2020:0160 https://access.redhat.com/errata/RHSA-2020:0161 https://access.redhat.com/errata/RHSA-2020:0164 https://access.redhat.com/errata/RHSA-2020:0445 https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10 https://github.com/FasterXML/jackson-databind/issues/2460 https://lists.apache.or • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. El analizador IEEE 802.11 en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en el archivo print-802_11.c para el subcampo Mesh Flags. An out-of-bounds read vulnerability was discovered in tcpdump while printing IEEE 802.11 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). El analizador LMP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-lmp.c:lmp_print_data_link_subobjs(). An out-of-bounds read vulnerability was discovered in tcpdump while printing LMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). El analizador Rx en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en las funciones print-rx.c:rx_cache_find() y rx_cache_insert(). • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/c24922e692a52121e853a84ead6b9337f4c08a94 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). El analizador RSVP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-rsvp.c:rsvp_obj_print(). An out-of-bounds read vulnerability was discovered in tcpdump while printing RSVP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •