CVSS: 6.5EPSS: 94%CPEs: 13EXPL: 10CVE-2020-11652 – SaltStack Salt Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2020-11652
30 Apr 2020 — An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users. Se descubrió un problema en SaltStack Salt versiones anteriores a la versión 2019.2.4 y versiones 3000 anteriores a 3000.2. La clase ClearFuncs del proceso Salt-master permite acceder a algunos métodos que sanean inapropiadamente las rutas. • https://packetstorm.news/files/id/180608 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 94%CPEs: 10EXPL: 19CVE-2020-11651 – SaltStack Salt Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-11651
30 Apr 2020 — An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions. Se ha descubierto un fallo de salto de archivo en todas las versiones de ansible-engine 2.9.x anteriores a la versión 2.9.7, cuando se ejecuta una instalació... • https://packetstorm.news/files/id/180608 •
CVSS: 6.9EPSS: 2%CPEs: 206EXPL: 6CVE-2020-11022 – Potential XSS vulnerability in jQuery
https://notcve.org/view.php?id=CVE-2020-11022
29 Apr 2020 — In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. En las versiones de jQuery mayores o iguales a 1.2 y anteriores a la versión 3.5.0, se puede ejecutar HTML desde fuentes no seguras, incluso después de desinfectarlo, a uno de los métodos de manipulación DOM de jQuery (es decir .h... • https://packetstorm.news/files/id/162159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 5%CPEs: 10EXPL: 1CVE-2020-10663 – rubygem-json: Unsafe object creation vulnerability in JSON
https://notcve.org/view.php?id=CVE-2020-10663
28 Apr 2020 — The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. La gema JSON versiones hasta 2.2.0 para Ruby, como es usado en Ruby versiones 2.4 ha... • https://github.com/rails-lts/json_cve_2020_10663 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 4%CPEs: 67EXPL: 1CVE-2020-12243 – openldap: denial of service via nested boolean expressions in LDAP search filters
https://notcve.org/view.php?id=CVE-2020-12243
28 Apr 2020 — In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). En el archivo filter.c en slapd en OpenLDAP versiones anteriores a 2.4.50, los filtros de búsqueda de LDAP con expresiones booleanas anidadas pueden resultar en una denegación de servicio (bloqueo del demonio). Red Hat OpenShift Do is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based ... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00016.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-12268 – jbig2dec: heap-based buffer overflow in jbig2_image_compose in jbig2_image.c
https://notcve.org/view.php?id=CVE-2020-12268
27 Apr 2020 — jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. La función jbig2_image_compose en el archivo jbig2_image.c en Artifex jbig2dec versiones anteriores a la versión 0.18, tiene un desbordamiento de búfer en la región heap de la memoria. An integer overflow was found in jbig2dec, which causes an out-of-bounds read/write in the jbig2_image_compose function. This flaw could potentially result in the execution of code on the system. Applications that use jbig2d... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00034.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-12105 – Gentoo Linux Security Advisory 202006-15
https://notcve.org/view.php?id=CVE-2020-12105
23 Apr 2020 — OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks. OpenConnect versiones hasta 8.08, maneja inapropiadamente los valores de retorno negativos a partir de llamadas de la función X509_check_, lo que podría ayudar a atacantes a llevar a cabo ataques de tipo man-in-the-middle . Multiple vulnerabilities have been found in OpenConnect, the worst of which could result in the arbitrary execution of code. V... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00039.html • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.8EPSS: 34%CPEs: 13EXPL: 0CVE-2020-11945 – squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution
https://notcve.org/view.php?id=CVE-2020-11945
23 Apr 2020 — An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials). Se detectó un problema en Squid versiones anteriores a 5.0.2. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html • CWE-190: Integer Overflow or Wraparound CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 1CVE-2020-1983 – libslirp: use after free vulnerability cause a denial of service.
https://notcve.org/view.php?id=CVE-2020-1983
22 Apr 2020 — A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. Una vulnerabilidad de uso de la memoria previamente liberada en la función ip_reass() en el archivo ip_input.c de libslirp versiones 4.2.0 y anteriores permite que paquetes especialmente diseñados causen una denegación de servicio. A use-after-free flaw was found in the SLiRP networking implementation of the QEMU emulator. Specifically, this flaw occurs in the ... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00022.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 5%CPEs: 6EXPL: 0CVE-2020-12066 – Debian Security Advisory 4763-1
https://notcve.org/view.php?id=CVE-2020-12066
22 Apr 2020 — CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. La función CServer::SendMsg en el archivo engine/server/server.cpp en Teeworlds versiones 0.7.x anteriores a 0.7.5, permite a atacantes remotos apagar el servidor. It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00044.html • CWE-20: Improper Input Validation •