Page 40 of 733 results (0.014 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

CVE-2019-19918

https://notcve.org/view.php?id=CVE-2019-19918

Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. Lout versión 3.40, presenta un desbordamiento de búfer en la región heap de la memoria en la función srcnext() en el archivo z02.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00068.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00069.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OXECUBSXEO7S3TCLSBCITLQIMOCL6MV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEJVEIQMRXJ26ZT • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 80%CPEs: 28EXPL: 2

CVE-2019-17571 – log4j: deserialization of untrusted data in SocketServer

https://notcve.org/view.php?id=CVE-2019-17571

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Incluido en Log4j versión 1.2 existe una clase SocketServer que es vulnerable a la deserialización de datos no confiables, que pueden ser explotada para ejecutar código arbitrario remotamente cuando se combina con un dispositivo de deserialización al escuchar el tráfico de red no confiable para datos de registro. Esto afecta a Log4j versiones desde 1.2 hasta 1.2.17. A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. • https://github.com/shadow-horse/CVE-2019-17571 https://github.com/Al1ex/CVE-2019-17571 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00022.html https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E https://lists.apache& • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0

CVE-2019-19880 – sqlite: invalid pointer dereference in exprListAppendList in window.c

https://notcve.org/view.php?id=CVE-2019-19880

exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. La función exprListAppendList en el archivo window.c en SQLite versión 3.30.1, permite a atacantes desencadenar una desreferencia del puntero no válida porque los valores enteros constantes en las cláusulas ORDER BY de las definiciones de ventana son manejados inapropiadamente. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 https://security.netapp.com/advisory/ntap-20200114-0001 https://usn.ubuntu.com/4298-1 https • CWE-476: NULL Pointer Dereference •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-16779 – In RubyGem excon, interrupted Persistent Connections May Leak Response Data

https://notcve.org/view.php?id=CVE-2019-16779

In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this. En RubyGem excon versiones anteriores a 0.71.0, se presentó una condición de carrera alrededor de conexiones persistentes, donde una conexión que es interrumpida (tal y como, mediante un tiempo de espera) dejaría datos en el socket. Las peticiones posteriores entonces leerían estos datos y devolverían el contenido de la respuesta anterior. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00062.html https://github.com/excon/excon/commit/ccb57d7a422f020dc74f1de4e8fb505ab46d8a29 https://github.com/excon/excon/security/advisories/GHSA-q58g-455p-8vw9 https://lists.debian.org/debian-lts-announce/2020/01/msg00015.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-664: Improper Control of a Resource Through its Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2019-5164

https://notcve.org/view.php?id=CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability. Hay una vulnerabilidad de ejecución de código explotable en el binario ss-manager de Shadowsocks-libev versión 3.3.2. Unos paquetes de red especialmente diseñados enviados a ss-manager pueden causar que un binario arbitrario se ejecute, resultando en la ejecución de código y la escalada de privilegios. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html https://talosintelligence.com/vulnerability_reports/TALOS-2019-0958 • CWE-306: Missing Authentication for Critical Function •