Page 39 of 226 results (0.008 seconds)

CVSS: 5.5EPSS: 0%CPEs: 41EXPL: 1

CVE-2020-12771

https://notcve.org/view.php?id=CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. Se detectó un problema en el kernel de Linux versiones hasta 5.6.11. La función btree_gc_coalesce en el archivo drivers/md/bcache/btree.c, presenta un punto muerto si se produce un fallo de la operación de coalescencia. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html https://lkml.org/lkml/2020/4/26/87 https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4462-1 https: • CWE-667: Improper Locking •

CVSS: 6.5EPSS: 0%CPEs: 35EXPL: 0

CVE-2020-10690 – kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open

https://notcve.org/view.php?id=CVE-2020-10690

There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode. Se presenta un uso de la memoria previamente liberada en kernel versiones anteriores a 5.5, debido a una condición de carrera entre la liberación de ptp_clock y cdev durante la desasignación de recursos. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10690 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap-20200608-0001 https://usn.ubuntu.com/4419-1 https://access.redhat.com/security/cve/CVE-2020-10690 https://bugzilla.redhat.com/show_bug.cgi?id=1817141 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0

CVE-2020-12653 – kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c

https://notcve.org/view.php?id=CVE-2020-12653

An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. Se detectó un problema en el kernel de Linux versiones anteriores a 5.5.4. La función mwifiex_cmd_append_vsie_tlv() en el archivo drivers/net/wireless/marvell/mwifiex/scan.c permite a usuarios locales alcanzar privilegios o causar una denegación de servicio debido a una memcpy incorrecta y al desbordamiento del búfer, también se conoce como CID-b70261a288ea. A flaw was found in the way the mwifiex_cmd_append_vsie_tlv() in Linux kernel's Marvell WiFi-Ex driver handled vendor specific information elements. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html http://www.openwall.com/lists/oss-security/2020/05/08/2 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.4 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b70261a288ea4d2f4ac7cd04be08a9f0f2de4f4d https://github.com/torvalds/linux/commit/b70261a288ea4d2f4ac7cd04be08a9f0f2de4f4d https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce&# • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •

CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0

CVE-2020-1752 – glibc: use-after-free in glob() function when expanding ~user

https://notcve.org/view.php?id=CVE-2020-1752

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32. Una vulnerabilidad de uso de la memoria previamente liberada introducida en glibc versiones anteriores a la versión 2.14, se descubrió en la manera en que se llevó a cabo la expansión de tilde. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://security.gentoo.org/glsa/202101-20 https://security.netapp.com/advisory/ntap-20200511-0005 https://sourceware.org/bugzilla/show_bug.cgi?id • CWE-416: Use After Free •

CVSS: 6.9EPSS: 2%CPEs: 81EXPL: 5

CVE-2020-11023 – Potential XSS vulnerability in jQuery

https://notcve.org/view.php?id=CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. En jQuery versiones mayores o iguales a 1.0.3 y anteriores a la versión 3.5.0, passing HTML contiene elementos de fuentes no seguras – incluso después de sanearlo – para uno de los métodos de manipulación de jQuery ´s DOM ( i.e. html t(), adjunto (), y otros ) podrían ejecutar códigos no seguros. Este problema está corregido en JQuery 3.5.0. A flaw was found in jQuery. • https://www.exploit-db.com/exploits/49767 https://github.com/0xAJ2K/CVE-2020-11022-CVE-2020-11023 https://github.com/Cybernegro/CVE-2020-11023 https://github.com/Snorlyd/https-nj.gov---CVE-2020-11023 http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •