Page 4 of 209 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

29 Sep 2020 — url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. El archivo url.cpp en libproxy versiones hasta 0.4.15, es propenso a un desbordamiento del búfer cuando PAC está habilitado, como es demostrado por un archivo PAC grande que es entregado sin un encabezado Content-length An update that fixes two vulnerabilities is now available. This update for libproxy fixes the following issues. Rewrote... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

10 Sep 2020 — An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability. Se presenta una vulnerabilidad de denegación de servicio explotable en la funcionalidad del demonio de atftpd de atftp versión 0.7.git20120829-3.1+b1. Una secuencia especialmente diseñada d... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00058.html • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1

09 Sep 2020 — url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. La función url::recvline en el archivo url.cpp en libproxy versiones 0.4.x hasta 0.4.15, permite a un servidor HTTP remoto activar una recursividad no controlada por medio de una respuesta compuesta por una transmisión infinita que carece de un carácter newline. Esto conlleva ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00030.html • CWE-674: Uncontrolled Recursion •

CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0

31 Aug 2020 — An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. Se detectó un problema en Flask-CORS (también se conoce como CORS Middleware para Flask) versiones anteriores a 3.0.9. Permite que un salto de directorios ../ acceda a recursos privados porque la coincidencia de recursos no garantiza que los nombres de ruta estén en un formato canó... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00028.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.8EPSS: 21%CPEs: 4EXPL: 2

29 Aug 2020 — The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL. El componente Kleopatra versiones anteriores a 3.1.12 (y versiones anteriores a 20.07.80) para GnuPG, permite a atacantes remotos ejecutar código arbitrario porque las URL openpgp4fpr: son compatibles sin un manejo seguro... • https://github.com/SpiralBL0CK/CVE-2020-24972 • CWE-116: Improper Encoding or Escaping of Output •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

06 Aug 2020 — Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. Firejail versiones hasta 0.9.62, no respeta el indicador -- end-of-options después de la opción --output, lo que puede conllevar a una inyección de comandos Multiple vulnerabilities have been found in Firejail, the worst of which could result in the arbitrary execution of code. Versions less than 0.9.64 are affected. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00036.html • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 0

06 Aug 2020 — Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. Firejail versiones hasta 0.9.62, maneja inapropiadamente los metacaracteres de shell durante el uso de la opción --output o --output-stderr, lo que puede conllevar a una inyección de comandos Multiple vulnerabilities have been found in Firejail, the worst of which could result in the arbitrary execution of code. Versions less than 0.9.64 are affected. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00036.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

09 Jul 2020 — An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. Se encontró una vulnerabilidad de lectura fuera de límites en la implementación de red SLiRP del emulador QEMU. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00035.html • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

30 Jun 2020 — In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. En HylaFAX+ versiones hasta 7.0.2 y HylaFAX Enterprise, la utilidad de configuración del fax llama chown sobre archivos en directorios propiedad del usuario. Al ganar una carrera, un atacante local podría usar esto para escalar sus privilegios para root Multiple vulnerabilities have been found in HylaFAX,... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00039.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.8EPSS: 4%CPEs: 21EXPL: 0

30 Jun 2020 — It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. Se detectó que el archivo websockets.c en LibVNCServer versiones anteriores a 0.9.12, no decodificaba apropiadamente determinados tramas de WebSocket. Un atacante malicioso podría explotar esto mediante el envío de tramas de WebSocket especialmente diseñada... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00020.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •