Page 49 of 245 results (0.016 seconds)

CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un desbordamiento de búfer basado en memoria dinámica (heap) en _bfd_archive_64_bit_slurp_armap en archive64.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24236 https://support.f5.com/csp/article/K42059040 https://usn.ubuntu.com/4336-1 • CWE-787: Out-of-bounds Write •

CVSS: 6.1EPSS: 0%CPEs: 56EXPL: 3

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. En Bootstrap, en versiones anteriores a la 3.4.1 y versiones 4.3.x anteriores a la 4.3.1, es posible Cross-Site Scripting (XSS) en los atributos de data-template tooltip o popover. A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired. • https://github.com/Thampakon/CVE-2019-8331 https://github.com/ossf-cve-benchmark/CVE-2019-8331 https://github.com/Snorlyd/https-nj.gov---CVE-2019-8331 http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html http://seclists.org/fulldisclosure/2019/May/10 http://seclists.org/fulldisclosure/2019/May/11 http://seclists.org/fulldisclosure/2019/May/13 http://www.securityfocus.com/bid/107375 https://access.redhat.com/errata/RHSA-2019:1456 https://access.re • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 52EXPL: 0

On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps. En versiones 11.2.1. y posteriores, el acceso a los archivos de instantánea sin restricciones permite que un usuario del sistema BIG-IP con cualquier rol, incluyendo Guest, tenga acceso y descargue archivos de captura previamente generados y disponibles en la utilidad de configuración de BIG-IP, como QKView y TCPDumps. • http://www.securityfocus.com/bid/106380 https://support.f5.com/csp/article/K53620021 https://support.f5.com/csp/article/K53620021?utm_source=f5support&amp%3Butm_medium=RSS • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/105108 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://access.redhat.co • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 92EXPL: 1

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. La función inode_init_owner en fs/inode.c en el kernel de Linux hasta la versión 3.16 permite a los usuarios locales crear archivos con una propiedad de grupo no deseada, en un escenario donde un directorio es SGID a un cierto grupo y es escribible por un usuario que no es miembro de ese grupo. • https://www.exploit-db.com/exploits/45033 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 http://openwall.com/lists/oss-security/2018/07/13/2 http://www.securityfocus.com/bid/106503 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2018:3083 https://access.redhat.com/errata/RHSA-2018:3096 https://access.redhat.com/errata/RHSA-2019:0717 https://access.redhat.com/errata/RHSA- • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •