CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2020-15011 – mailman: arbitrary content injection via the private archive login page
https://notcve.org/view.php?id=CVE-2020-15011
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. GNU Mailman versiones anteriores a 2.1.33, permite una inyección de contenido arbitrario por medio de la página de inicio de sesión del archivo privado Cgi/private.py • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00047.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00063.html https://bugs.launchpad.net/mailman/+bug/1877379 https://lists.debian.org/debian-lts-announce/2020/06/msg00036.html https://lists.debian.org/debian-lts-announce/2020/07/msg00007.html https://usn.ubuntu.com/4406-1 https://www.debian.org/security/2021/dsa-4991 https://access.redhat.com/security/cve/CVE-2020-15011 https://bugzilla. • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-12861 – sane-backends: Heap buffer overflow in epsonds_net_read in epsonds-net.c
https://notcve.org/view.php?id=CVE-2020-12861
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. Un desbordamiento del búfer de la pila en SANE Backends versiones anteriores a 1.0.30, permite a un dispositivo malicioso conectado a la misma red local que la víctima ejecutar código arbitrario, también se conoce como GHSL-2020-080 A flaw was found in sane-backends in versions prior to 1.0.30. A heap buffer overflow in epsonds_net_read function could lead to a remote denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html http://packetstormsecurity.com/files/172841/SANE-Backends-Memory-Corruption-Code-Execution.html https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html https://securitylab.github.com/advisories/GHSL-2020-075-libsane https://usn.ubuntu.com/4470-1 https://access.redhat.com/security/cve/CVE-2020-12861 https://bugzilla.redhat.com/show_bug& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 14EXPL: 0CVE-2020-14954
https://notcve.org/view.php?id=CVE-2020-14954
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection." Mutt versiones anteriores a 1.14.4 y NeoMutt antes del 19-06-2020, presentan un problema de almacenamiento de STARTTLS que afecta a IMAP, SMTP y POP3. Cuando un servidor envía una respuesta "begin TLS", el cliente lee datos adicionales (por ejemplo, a partir de un atacante man-in-the-middle) y los evalúa en un contexto TLS, también se conoce como "response injection" • http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200615/000023.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00070.html http://www.mutt.org https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc https://github.com/neomutt/neomutt/releases/tag/20200619 https://gitlab.com/muttmua/mutt/-/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4 https://gitlab.com/muttmua/mutt/-/issues& • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.3EPSS: 0%CPEs: 11EXPL: 0CVE-2020-3350 – Cisco AMP for Endpoints and ClamAV Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3350
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working. Una vulnerabilidad en el software de endpoint de Cisco AMP para Endpoints y Clam AntiVirus, podría permitir a un atacante local autenticado causar que el software en ejecución elimine archivos arbitrarios en el sistema. • https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN https://security.gentoo.org/glsa/202007-23 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy https://usn.ubuntu.com/4435-1 https://usn.ubuntu.com/4435-2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2020-14396
https://notcve.org/view.php?id=CVE-2020-14396
An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. Se detectó un problema en LibVNCServer versiones anteriores a 0.9.13. La biblioteca libvncclient/tls_openssl.c presenta una desreferencia del puntero NULL • https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf https://github.com/LibVNC/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553 https://github.com/LibVNC/libvncserver/compare/LibVNCServer-0.9.12...LibVNCServer-0.9.13 https://usn.ubuntu.com/4434-1 • CWE-476: NULL Pointer Dereference •