CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-13723 – chromium-browser: use-after-free in bluetooth
https://notcve.org/view.php?id=CVE-2019-13723
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebBluetooth en Google Chrome versiones anteriores a 78.0.3904.108, permitió a un atacante remoto, que había comprometido el proceso del renderizador, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html https://access.redhat.com/errata/RHSA-2019:3955 https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html https://crbug.com/1024121 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH https://security.gentoo.org/glsa/202003- • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2012-5630
https://notcve.org/view.php?id=CVE-2012-5630
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. libuser versiones 0.56 y 0.57, presenta una condición de carrera TOCTOU (de tiempo de comprobación y de tiempo de uso) cuando se copia y elimina árboles de directorios. • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html https://access.redhat.com/security/cve/cve-2012-5630 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5630 https://security-tracker.debian.org/tracker/CVE-2012-5630 https://www.securityfocus.com/bid/59285 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-5521
https://notcve.org/view.php?id=CVE-2012-5521
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal quagga (ospf6d) versión 0.99.21, presenta un fallo de tipo DoS en la manera en que el demonio ospf6d realiza la eliminación de rutas. • http://www.openwall.com/lists/oss-security/2012/11/13/14 http://www.securityfocus.com/bid/56530 https://access.redhat.com/security/cve/cve-2012-5521 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521 https://exchange.xforce.ibmcloud.com/vulnerabilities/80096 https://security-tracker.debian.org/tracker/CVE-2012-5521 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2012-0877
https://notcve.org/view.php?id=CVE-2012-0877
PyXML: Hash table collisions CPU usage Denial of Service PyXML: la CPU de colisiones de tablas hash usa una Denegación de Servicio • http://seclists.org/oss-sec/2014/q3/96 http://www.openwall.com/lists/oss-security/2014/07/08/11 https://access.redhat.com/security/cve/cve-2012-0877 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0877 https://security-tracker.debian.org/tracker/CVE-2012-0877 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2014-3585
https://notcve.org/view.php?id=CVE-2014-3585
redhat-upgrade-tool: Does not check GPG signatures when upgrading versions redhat-upgrade-tool: no comprueba las firmas GPG al actualizar versiones. • https://access.redhat.com/security/cve/cve-2014-3585 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3585 • CWE-347: Improper Verification of Cryptographic Signature •