Page 40 of 2247 results (0.009 seconds)

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

CVE-2017-18922 – libvncserver: websocket decoding buffer overflow

https://notcve.org/view.php?id=CVE-2017-18922

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. Se detectó que el archivo websockets.c en LibVNCServer versiones anteriores a 0.9.12, no decodificaba apropiadamente determinados tramas de WebSocket. Un atacante malicioso podría explotar esto mediante el envío de tramas de WebSocket especialmente diseñadas hacia un servidor, causando un desbordamiento del búfer en la región heap de la memoria A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html http://www.openwall.com/lists/oss-security/2020/06/30/3 https://bugzilla.redhat.com/show_bug.cgi?id=1852356 https://cer • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-15393

https://notcve.org/view.php?id=CVE-2020-15393

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. En el kernel de Linux versión 4.4 hasta la versión 5.7.6, la función usbtest_disconnect en el archivo drivers/usb/misc/usbtest.c presenta una pérdida de memoria, también se conoce como CID-28ebeb8db770 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=831eebad70a25f55b5745453ac252d4afe997187 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=28ebeb8db77035e058a510ce9bd17c2b9a009dba https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2020-4067 – Improper Initialization in coturn

https://notcve.org/view.php?id=CVE-2020-4067

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3. En coturn anterior a la versión 4.5.1.3, se presenta un problema por el cual el búfer de respuesta STUN/TURN no se inicializa apropiadamente. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15 https://github.com/coturn/coturn/issues/583 https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM https://lists.fedoraproject.org/archives/list/p • CWE-665: Improper Initialization •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2020-15305

https://notcve.org/view.php?id=CVE-2020-15305

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp. Se detectó un problema en OpenEXR versiones anteriores a v2.5.2. La entrada no válida podría causar un uso de la memoria previamente liberada de la función DeepScanLineInputFile::DeepScanLineInputFile() en el archivo IlmImf/ImfDeepScanLineInputFile.cpp • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00048.html https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md https://github.com/AcademySoftwareFoundation/openexr/blob/master/SECURITY.md https://github.com/AcademySoftwareFoundation/openexr/pull/730 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.2 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://li • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2020-15306

https://notcve.org/view.php?id=CVE-2020-15306

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. Se detectó un problema en OpenEXR versiones anteriores a v2.5.2. Los atributos chunkCount no válidos pueden causar un desbordamiento del búfer de la pila en la función getChunkOffsetTableSize() en el archivo IlmImf/ImfMisc.cpp • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00048.html https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md https://github.com/AcademySoftwareFoundation/openexr/blob/master/SECURITY.md https://github.com/AcademySoftwareFoundation/openexr/pull/738 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.2 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://li • CWE-787: Out-of-bounds Write •