CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36328 – libwebp: heap-based buffer overflow in WebPDecode*Into functions
https://notcve.org/view.php?id=CVE-2020-36328
A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en libwebp en versiones anteriores a 1.0.1. Un desbordamiento del búfer en la región heap de la memoria en la función WebPDecodeRGBInto es posible debido a una verificación no válida del tamaño del búfer. • http://seclists.org/fulldisclosure/2021/Jul/54 https://bugzilla.redhat.com/show_bug.cgi?id=1956829 https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html https://security.netapp.com/advisory/ntap-20211112-0001 https://support.apple.com/kb/HT212601 https://www.debian.org/security/2021/dsa-4930 https://access.redhat.com/security/cve/CVE-2020-36328 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2021-20201 – spice: Client initiated renegotiation denial of service
https://notcve.org/view.php?id=CVE-2021-20201
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. Se encontró un fallo en spice en versiones anteriores a 0.14.92. Una herramienta DoS podría facilitar a atacantes remotos causar una denegación de servicio (consumo de CPU) al llevar a cabo muchas renegociaciones dentro de una sola conexión A flaw was found in spice. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. • https://blog.qualys.com/product-tech/2011/10/31/tls-renegotiation-and-denial-of-service-attacks https://bugzilla.redhat.com/show_bug.cgi?id=1921846 https://security.gentoo.org/glsa/202208-10 https://access.redhat.com/security/cve/CVE-2021-20201 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27769
https://notcve.org/view.php?id=CVE-2020-27769
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. En ImageMagick versiones anteriores a 7.0.9-0, están fuera del rango de valores representables de tipo "float" en el archivo MagickCore/quantize.c • https://bugzilla.redhat.com/show_bug.cgi?id=1894690 https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0CVE-2021-20292
https://notcve.org/view.php?id=CVE-2021-20292
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Se presenta un fallo reportado en el kernel de Linux en versiones anteriores a 5.9, en el archivo drivers/gpu/drm/nouveau/nouveau_sgdma.c en la función nouveau_sgdma_create_ttm en el subsistema Nouveau DRM. El problema es debido a una falta de comprobación de la existencia de un objeto antes de llevar a cabo operaciones en el objeto. • https://bugzilla.redhat.com/show_bug.cgi?id=1939686 https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html • CWE-416: Use After Free •