CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0CVE-2024-6655 – Gtk3: gtk2: library injection from cwd
https://notcve.org/view.php?id=CVE-2024-6655
16 Jul 2024 — A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory. It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges. • https://access.redhat.com/errata/RHSA-2024:6963 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 36EXPL: 1CVE-2024-3596 – RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.
https://notcve.org/view.php?id=CVE-2024-3596
09 Jul 2024 — RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. El protocolo RADIUS según RFC 2865 es susceptible a ataques de falsificación por parte de un atacante local que puede modificar cualquier respuesta válida (acceso-aceptación, acceso-rechazo o acceso-desafío) a cualquier otra respuesta... • https://github.com/alperenugurlu/CVE-2024-3596-Detector • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-328: Use of Weak Hash CWE-354: Improper Validation of Integrity Check Value CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-4467 – Qemu-kvm: 'qemu-img info' leads to host file read/write
https://notcve.org/view.php?id=CVE-2024-4467
02 Jul 2024 — A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. Se encontró una falla en el comando 'info' de la utilidad de imagen de disco QEMU (qemu-img). Un archivo de imagen especialmente manipulado que contenga un valor `json:{}` que des... • http://www.openwall.com/lists/oss-security/2024/07/23/2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.4EPSS: 0%CPEs: 32EXPL: 0CVE-2024-37370 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37370
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede modificar el campo Extra Count de texto plano de un token de envoltura GSS krb5 confidencial, lo que hace que el token desenvuelto aparezca truncado para la aplicación. A vulnerability was found in the MIT Kerberos 5 GSS k... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-37371 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37371
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede provocar lecturas de memoria no válidas durante el manejo de tokens de mensajes GSS al enviar tokens de mensajes con campos de longitud no válidos. A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the pla... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef • CWE-125: Out-of-bounds Read •
CVSS: 7.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-22232 – Specially crafted url can be created which leads to a directory traversal in the salt file server
https://notcve.org/view.php?id=CVE-2024-22232
27 Jun 2024 — A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem. Se puede crear una URL especialmente manipulada que conduzca a directory traversal en el servidor de archivos salt. Un usuario malintencionado puede leer un archivo arbitrario del sistema de archivos de un maestro Salt. A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious u... • https://saltproject.io/security-announcements/2024-01-31-advisory • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-22231 – Syndic cache directory creation is vulnerable to a directory traversal attack
https://notcve.org/view.php?id=CVE-2024-22231
27 Jun 2024 — Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master. La creación de un directorio de caché síndico es vulnerable a un ataque de directory transversal en un proyecto Salt que puede llevar a un atacante malintencionado a crear un directorio arbitrario en un maestro Salt. Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a mal... • https://saltproject.io/security-announcements/2024-01-31-advisory • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-5953 – 389-ds-base: malformed userpassword hash may cause denial of service
https://notcve.org/view.php?id=CVE-2024-5953
18 Jun 2024 — A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. Se encontró una vulnerabilidad de denegación de servicio en el servidor LDAP 389-ds-base. Este problema puede permitir que un usuario autenticado provoque una denegación de servicio del servidor al intentar iniciar sesión con un usuario con un hash mal formado en su contraseña... • https://access.redhat.com/errata/RHSA-2024:4633 • CWE-1288: Improper Validation of Consistency within Input •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-37535 – Ubuntu Security Notice USN-6833-1
https://notcve.org/view.php?id=CVE-2024-37535
09 Jun 2024 — GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. GNOME VTE anterior a 0.76.3 permite a un atacante provocar una denegación de servicio (consumo de memoria) mediante una secuencia de escape de cambio de tamaño de ventana, un problema relacionado con CVE-2000-0476. Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this... • http://www.openwall.com/lists/oss-security/2024/06/09/1 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.0EPSS: 0%CPEs: 28EXPL: 0CVE-2024-1298 – Integer Overflow caused by divide by zero during S3 suspension
https://notcve.org/view.php?id=CVE-2024-1298
30 May 2024 — EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a loss of Availability. EDK2 contiene una vulnerabilidad cuando se activa la suspensión de S3 donde un atacante puede causar una división por cero debido a un desbordamiento de UNIT32 a través del acceso local. Una explotación exitosa de esta vulnerabilidad puede provocar una pérdida de disponibilidad. A divi... • https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53 • CWE-369: Divide By Zero •