Page 48 of 1834 results (0.015 seconds)

CVSS: 9.3EPSS: 0%CPEs: 9EXPL: 1

When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. Al intentar conectarse a un servidor STUN, una condición de carrera podría haber causado un uso de la memoria previamente liberada de un puntero, conllevando a una corrupción de la memoria y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 68.10, Firefox versiones anteriores a 78 y Thunderbird versiones anteriores a 68.10.0 The Mozilla Foundation Security Advisory describes this flaw as: When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00049.html https://bugzilla.mozilla.org/show_bug.cgi?id=1643437 https://security.gentoo.org/glsa/202007-09 https://security.gentoo.org/glsa/202007-10 https://usn.ubuntu.com/4421-1 https://www.mozilla. • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. Cuando se llevan a cabo actualizaciones de add-on, las cadenas de certificados que terminan en non-built-in-roots fueron rechazadas (incluso si fueron agregadas legítimamente por un administrador). Esto podría haber causado que los add-ons se desactualicen silenciosamente sin notificación al usuario. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00049.html https://bugzilla.mozilla.org/show_bug.cgi?id=1308251 https://security.gentoo.org/glsa/202007-09 https://security.gentoo.org/glsa/202007-10 https://usn.ubuntu.com/4421-1 https://www.mozilla. • CWE-295: Improper Certificate Validation CWE-296: Improper Following of a Certificate's Chain of Trust •

CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0

A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. Se presenta una vulnerabilidad de salto de directorio en rack versiones anteriores a 2.2.0, que permite a un atacante realizar una vulnerabilidad de salto de directorio en la aplicación Rack::Directory que esta incorporada con Rack, lo que podría resultar en una divulgación de información A directory traversal vulnerability was found in the Rack::Directory app that is bundled with Rack. If certain directories exist in a director managed by the Rack::Directory, this flaw allows an attacker to read the contents of files on the server outside of the root specified in the Rack::Directory initializer. The highest threat from this vulnerability is to confidentiality. • https://groups.google.com/g/rubyonrails-security/c/IOO1vNZTzPA https://hackerone.com/reports/434404 https://lists.debian.org/debian-lts-announce/2020/07/msg00006.html https://lists.debian.org/debian-lts-announce/2023/01/msg00038.html https://usn.ubuntu.com/4561-1 https://access.redhat.com/security/cve/CVE-2020-8161 https://bugzilla.redhat.com/show_bug.cgi?id=1838281 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-548: Exposure of Information Through Directory Listing •

CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. Se detectó que el archivo websockets.c en LibVNCServer versiones anteriores a 0.9.12, no decodificaba apropiadamente determinados tramas de WebSocket. Un atacante malicioso podría explotar esto mediante el envío de tramas de WebSocket especialmente diseñadas hacia un servidor, causando un desbordamiento del búfer en la región heap de la memoria A flaw was found in libvncserver. A heap-based buffer overflow within the websocket decoding functionality is possible, which can lead to exploitation by a malicious attacker to overwrite a function pointer. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00066.html http://www.openwall.com/lists/oss-security/2020/06/30/3 https://bugzilla.redhat.com/show_bug.cgi?id=1852356 https://cer • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. En el kernel de Linux versión 4.4 hasta la versión 5.7.6, la función usbtest_disconnect en el archivo drivers/usb/misc/usbtest.c presenta una pérdida de memoria, también se conoce como CID-28ebeb8db770 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00071.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00009.html https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=831eebad70a25f55b5745453ac252d4afe997187 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=28ebeb8db77035e058a510ce9bd17c2b9a009dba https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html https://lists.debian.org/debian-lts-announce/2020/10/msg00032 • CWE-401: Missing Release of Memory after Effective Lifetime •