CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2022-48624 – less: missing quoting of shell metacharacters in LESSCLOSE handling
https://notcve.org/view.php?id=CVE-2022-48624
19 Feb 2024 — close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. close_altfile en filename.c en less antes de 606 omite las llamadas shell_quote para LESSCLOSE. A flaw was found in less. The close_altfile() function in filename.c omits shell_quote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system. • https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: 20EXPL: 0CVE-2024-1488 – Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
https://notcve.org/view.php?id=CVE-2024-1488
15 Feb 2024 — A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether. Se encontr... • https://access.redhat.com/errata/RHSA-2024:1750 • CWE-15: External Control of System or Configuration Setting •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46049
https://notcve.org/view.php?id=CVE-2023-46049
29 Jan 2024 — LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to llvm-lto. NOTE: this is disputed because the relationship between pdflatex.fmt and any LLVM language front end is not explained, and because a crash of the llvm-lto application should be categorized as a usability problem. LLVM 15.0.0 tiene una desreferencia de puntero NULL en la función parseOneMetadata() a través de un archivo pdflatex.fmt modificado (o quizás un ... • http://seclists.org/fulldisclosure/2024/Jan/66 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 14EXPL: 0CVE-2023-39804
https://notcve.org/view.php?id=CVE-2023-39804
11 Dec 2023 — In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. En GNU tar anterior a 1.35, los atributos de extensión mal manejados en un archivo PAX pueden provocar un bloqueo de la aplicación en xheader.c. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058079 •
CVSS: 10.0EPSS: 0%CPEs: 39EXPL: 0CVE-2023-44446 – GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-44446
15 Nov 2023 — GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://gstreamer.freedesktop.org/security/sa-2023-0010.html • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 28EXPL: 0CVE-2022-31631 – php: PDO:: quote() may return unquoted string due to an integer overflow
https://notcve.org/view.php?id=CVE-2022-31631
23 Jan 2023 — A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place. php: PDO::quote() may return unquoted string due to an integer overflow • https://access.redhat.com/security/cve/CVE-2022-31631 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2021-34981 – Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-34981
21 Oct 2021 — Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CMTP module. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. • https://www.zerodayinitiative.com/advisories/ZDI-21-1223 • CWE-415: Double Free •