Page 5 of 30 results (0.009 seconds)

CVSS: 7.5EPSS: 9%CPEs: 67EXPL: 1

CVE-2020-12243 – openldap: denial of service via nested boolean expressions in LDAP search filters

https://notcve.org/view.php?id=CVE-2020-12243

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). En el archivo filter.c en slapd en OpenLDAP versiones anteriores a 2.4.50, los filtros de búsqueda de LDAP con expresiones booleanas anidadas pueden resultar en una denegación de servicio (bloqueo del demonio). • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00016.html https://bugs.openldap.org/show_bug.cgi?id=9202 https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440 https://lists.debian.org/debian-lts-announce/2020/05/msg00001.html https://security.netapp.com/advisory/ntap-20200511-0003 https://support.apple.com/kb/HT211289 https://usn.ubuntu.com/4352-1 https&# • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •

CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1

CVE-2020-8648 – kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c

https://notcve.org/view.php?id=CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función n_tty_receive_buf_common en el archivo drivers/tty/n_tty.c. A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://bugzilla.kernel.org/show_bug.cgi?id=206361 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap-20200924-0004 https://usn.ubuntu.com/4342-1 https://usn.ubuntu.com/4344-1 https://usn.ubuntu.com/4345-1 • CWE-416: Use After Free •

CVSS: 4.9EPSS: 0%CPEs: 42EXPL: 0

CVE-2019-19063 – kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS

https://notcve.org/view.php?id=CVE-2019-19063

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. Dos pérdidas de memoria en la función rtl_usb_probe() en el archivo drivers/net/wireless/realtek/rtlwifi/usb.c en el kernel de Linux versiones hasta la versión 5.3.11, permiten a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-3f9361695113. A flaw was found in the Linux kernel. The rtl_usb_probe function mishandles resource cleanup on error. An attacker able to induce the error conditions could use this flaw to crash the system. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T https://seclists.org/bugtraq/2020/Jan • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 41EXPL: 0

CVE-2019-19061

https://notcve.org/view.php?id=CVE-2019-19061

A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. Una pérdida de memoria en la función adis_update_scan_mode_burst() en el archivo drivers/iio/imu/adis_buffer.c en el kernel de Linux versiones anteriores a 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-9c0530e898f3. • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873 https://security.netapp.com/advisory/ntap-20191205-0001 https://usn.ubuntu.com/4208-1 https://usn.ubuntu.com/4526-1 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 1%CPEs: 43EXPL: 0

CVE-2019-19060

https://notcve.org/view.php?id=CVE-2019-19060

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. Una pérdida de memoria en la función adis_update_scan_mode_burst() en el archivo drivers/iio/imu/adis_buffer.c en el kernel de Linux versiones anteriores a la versión 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria), también se conoce como CID-9c0530e898f3. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0 https://security.netapp.com/advisory/ntap-20191205-0001 https://usn.ubuntu.com/4208-1 https://usn.ubuntu.com/4210-1 https://usn.ubuntu.com/4226-1 https://usn.ubuntu.com/4364-1 • CWE-401: Missing Release of Memory after Effective Lifetime •