CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-0305 – kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c
https://notcve.org/view.php?id=CVE-2020-0305
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 En la función cdev_get del archivo char_dev.c, se presenta un posible uso de la memoria previamente liberada debido a una condición de carrera. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System necesarios. No es necesaria una interacción del usuario para su explotación. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html https://source.android.com/security/bulletin/pixel/2020-06-01 https://access.redhat.com/security/cve/CVE-2020-0305 https://bugzilla.redhat.com/show_bug.cgi?id=1860065 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14039
https://notcve.org/view.php?id=CVE-2020-14039
In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete. En Go versiones anteriores a 1.13.13 y versiones 1.14.x anteriores a 1.14.5, Certificate.Verify puede carecer de una comprobación en los requisitos VerifyOptions.KeyUsages EKU (si VerifyOptions.Roots es igual a cero y la instalación está en Windows). Entonces, la verificación del certificado X.509 está incompleta • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html https://groups.google.com/forum/#%21forum/golang-announce https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w https://security.netapp.com/advisory/ntap-20200731-0005 https://www.ora • CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 1%CPEs: 10EXPL: 0CVE-2020-15586 – golang: data race in certain net/http servers including ReverseProxy can lead to DoS
https://notcve.org/view.php?id=CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. Go versiones anteriores a 1.13.13 y versiones 1.14.x anteriores a 1.14.5, presenta una carrera de datos en algunos servidores net/http, como es demostrado por el Manejador httputil.ReverseProxy, porque lee un cuerpo de petición y escribe una respuesta al mismo tiempo A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g https://lists.debian.org/debian-lts-announce/2020/11/msg00037& • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 4%CPEs: 18EXPL: 0CVE-2020-15803
https://notcve.org/view.php?id=CVE-2020-15803
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. Zabbix versiones anteriores a 3.0.32rc1, versiones 4.x anteriores a 4.0.22rc1, versiones 4.1.x hasta 4.4.x anteriores a 4.4.10rc1 y versiones 5.x anteriores a 5.0.2rc1, permite un ataque de tipo XSS almacenado en el widget URL • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html https://lists.debian.org/debian-lts-announce/2020/08/msg00007.html https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 1CVE-2020-15780 – kernel: lockdown: bypass through ACPI write via acpi_configfs
https://notcve.org/view.php?id=CVE-2020-15780
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. Se detectó un problema en el archivo drivers/acpi/acpi_configfs.c en el kernel de Linux versiones anteriores a 5.7.7. Una inyección de tablas ACPI maliciosas por medio de configfs podría ser usada por atacantes para omitir el bloqueo y asegurar las restricciones de arranque, también se conoce como CID-75b0cea7bf30 A flaw was found in how the ACPI table loading through acpi_configfs was handled when the kernel was locked down. This flaw allows a (root) privileged local user to circumvent the kernel lockdown restrictions. • https://github.com/Annavid/CVE-2020-15780-exploit http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00047.html http://www.openwall.com/lists/oss-security/2020/07/20/7 http://www.openwall.com/lists/oss-security/2020/07/29/3 http://www.openwall.com/lists/oss-security/2020/07/30/2 http://www.openwall.com/lists/oss-security/2020/07/30/3 https://cdn.kernel.org/pub/linux/kernel&# • CWE-284: Improper Access Control CWE-862: Missing Authorization •