CVE-2016-9189
https://notcve.org/view.php?id=CVE-2016-9189
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.
• http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
http://www.debian.org/security/2016/dsa-3710
http://www.securityfocus.com/bid/94234
https://github.com/python-pillow/Pillow/issues/2105
https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f
https://security.gentoo.org/glsa/201612-52
• CWE-190: Integer Overflow or Wraparound
CVE-2016-9190
https://notcve.org/view.php?id=CVE-2016-9190
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component.
• http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html
http://www.debian.org/security/2016/dsa-3710
http://www.securityfocus.com/bid/94234
https://github.com/python-pillow/Pillow/issues/2105
https://github.com/python-pillow/Pillow/pull/2146/commits/5d8a0be45aad78c5a22c8d099118ee26ef8144af
https://security.gentoo.org/glsa/201612-52
• CWE-284: Improper Access Control
CVE-2016-1000032
https://notcve.org/view.php?id=CVE-2016-1000032
TGCaptcha2 version 0.3.0 is vulnerable to a replay attack due to a missing nonce allowing attackers to use a single solved CAPTCHA multiple times.
• https://bugzilla.redhat.com/show_bug.cgi?id=1316083
https://patrick.uiterwijk.org/2016/03/09/fedora-spam-dwf-2016-89000
• CWE-284: Improper Access Control
CVE-2016-5636 – python: Heap overflow in zipimporter module
https://notcve.org/view.php?id=CVE-2016-5636
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution.
• https://github.com/insuyun/CVE-2016-5636
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
http://rhn.redhat.com/errata/RHSA-2016-2586.html
http://www.openwall.com/lists/oss-security/2016/06/15/15
http://www.openwall.com/lists/oss-security/2016/06/16/1
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
http://www.securityfocus.com/bid/91247
http://www.securitytracker.com/id/1038138
http://www.splunk.com/view/SP-CAAAP
• CWE-122: Heap-based Buffer Overflow
CWE-190: Integer Overflow or Wraparound
CVE-2016-2183 – SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
https://notcve.org/view.php?id=CVE-2016-2183
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.
IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.
• http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.h
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-327: Use of a Broken or Risky Cryptographic Algorithm