CVSS: 9.8EPSS: 77%CPEs: 21EXPL: 4CVE-2017-17485 – jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)
https://notcve.org/view.php?id=CVE-2017-17485
10 Jan 2018 — FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. FasterXML jackson-databind hasta la versión 2.8.10 y 2.9.x hasta la 2.9.3 permite que se ejecute código de manera remota y ... • https://packetstorm.news/files/id/145805 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2017-12158 – keycloak: reflected XSS using HOST header
https://notcve.org/view.php?id=CVE-2017-12158
17 Oct 2017 — It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server. Se ha descubierto que Keycloak podría aceptar una URL de cabecera HOST en la consola de administración y emplearla para determinar localizaciones de recursos web. Un atacante podría usar este fallo contra un usuario autenticado para lograr un XSS reflejado mediante un servid... • http://www.securityfocus.com/bid/101618 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2017-12159 – keycloak: CSRF token fixation
https://notcve.org/view.php?id=CVE-2017-12159
17 Oct 2017 — It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks. Se ha descubierto que la cookie empleada para la prevención de CSRF en Keycloak no era única para cada sesión. Un atacante podría usar este fallo para obtener acceso a una sesión de un usuario autenticado, conduciendo a una posible divulgación de información o a más ata... • http://www.securityfocus.com/bid/101601 • CWE-613: Insufficient Session Expiration •
CVSS: 7.5EPSS: 79%CPEs: 13EXPL: 0CVE-2017-13704
https://notcve.org/view.php?id=CVE-2017-13704
02 Oct 2017 — In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. En las versiones anteriores a la 2.78 de dnsmasq, si el tamaño del paquete DNS no coincide con el tamaño esperado, el parámetro size en una llamada memset obtiene un valor negativo. Como es un valor sin signo, memset acaba escribiend... • http://thekelleys.org.uk/dnsmasq/CHANGELOG • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 92%CPEs: 12EXPL: 2CVE-2017-14492 – Dnsmasq < 2.78 - Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14492
02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario mediante una petición manipulada de anuncio de router IPv6. A heap buffer overflow was discovered in dnsmasq in... • https://packetstorm.news/files/id/144479 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 5%CPEs: 12EXPL: 3CVE-2017-14493 – Dnsmasq < 2.78 - Stack Overflow
https://notcve.org/view.php?id=CVE-2017-14493
02 Oct 2017 — Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. Un desbordamiento de búfer basado en pila en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario mediante una petición DHCPv6 manipulada. A stack buffer overflow was found in dnsmasq in the DHCPv6 code. An attacker on the local network could sen... • https://packetstorm.news/files/id/144473 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 16%CPEs: 12EXPL: 2CVE-2017-14494 – Dnsmasq < 2.78 - Information Leak
https://notcve.org/view.php?id=CVE-2017-14494
02 Oct 2017 — dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. Las versiones anteriores a la 2.78 de dnsmasq, cuando se configuran como retransmisor, permiten que los atacantes remotos obtengan información sensible de la memoria mediante vectores relacionados con la gestión de peticiones DHCPv6 reenviadas. An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local netwo... • https://packetstorm.news/files/id/144471 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 16%CPEs: 21EXPL: 2CVE-2017-14496 – Dnsmasq < 2.78 - Integer Underflow
https://notcve.org/view.php?id=CVE-2017-14496
02 Oct 2017 — Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Un desbordamiento inferior de enteros en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio mediante una petición DNS manipulada. An intege... • https://packetstorm.news/files/id/144462 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 68%CPEs: 54EXPL: 4CVE-2017-14491 – Dnsmasq < 2.78 - 2-byte Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14491
02 Oct 2017 — Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada. A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replie... • https://packetstorm.news/files/id/144480 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 53%CPEs: 12EXPL: 2CVE-2017-14495 – Dnsmasq < 2.78 - Lack of free() Denial of Service
https://notcve.org/view.php?id=CVE-2017-14495
02 Oct 2017 — Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. Una fuga de memoria en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante vectores relacionados con la creació... • https://packetstorm.news/files/id/144468 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •