CVSS: 6.2EPSS: 0%CPEs: 18EXPL: 0CVE-2024-5569 – Denial of Service via crafted zip file in jaraco/zipp
https://notcve.org/view.php?id=CVE-2024-5569
09 Jul 2024 — A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp... • https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-52168
https://notcve.org/view.php?id=CVE-2023-52168
03 Jul 2024 — The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc. El controlador NTFS NtfsHandler.cpp en 7-Zip anterior a 24.01 (para 7zz) contiene un desbordamiento de búfer basado en montón que permite a un atacante sobrescribir dos bytes en múltiples desplazamientos más allá del tamaño de búfer asignado: búfer+512*i-2, para i =... • http://www.openwall.com/lists/oss-security/2024/07/03/10 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-52169
https://notcve.org/view.php?id=CVE-2023-52169
03 Jul 2024 — The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has security relevance in some known web-service use cases where untrusted users can upload files and have them extracted by a server-side 7-Zip process. El controlador NTFS NtfsHandler.cpp en 7-Zip anterior a 24.01 (para 7zz) contiene un... • http://www.openwall.com/lists/oss-security/2024/07/03/10 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-4467 – Qemu-kvm: 'qemu-img info' leads to host file read/write
https://notcve.org/view.php?id=CVE-2024-4467
02 Jul 2024 — A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. Se encontró una falla en el comando 'info' de la utilidad de imagen de disco QEMU (qemu-img). Un archivo de imagen especialmente manipulado que contenga un valor `json:{}` que des... • http://www.openwall.com/lists/oss-security/2024/07/23/2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-37370 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37370
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede modificar el campo Extra Count de texto plano de un token de envoltura GSS krb5 confidencial, lo que hace que el token desenvuelto aparezca truncado para la aplicación. A vulnerability was found in the MIT Kerberos 5 GSS k... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef •
CVSS: 9.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-37371 – krb5: GSS message token handling
https://notcve.org/view.php?id=CVE-2024-37371
28 Jun 2024 — In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. En MIT Kerberos 5 (también conocido como krb5) anterior a 1.21.3, un atacante puede provocar lecturas de memoria no válidas durante el manejo de tokens de mensajes GSS al enviar tokens de mensajes con campos de longitud no válidos. A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the pla... • https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2024-5642 – Buffer overread when using an empty list with SSLContext.set_npn_protocols()
https://notcve.org/view.php?id=CVE-2024-5642
27 Jun 2024 — CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured). CPython 3.9 y versiones anteriores no permiten la configuración de una lista ... • http://www.openwall.com/lists/oss-security/2024/06/28/4 •
CVSS: 7.7EPSS: 0%CPEs: 16EXPL: 0CVE-2024-22232 – Specially crafted url can be created which leads to a directory traversal in the salt file server
https://notcve.org/view.php?id=CVE-2024-22232
27 Jun 2024 — A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem. Se puede crear una URL especialmente manipulada que conduzca a directory traversal en el servidor de archivos salt. Un usuario malintencionado puede leer un archivo arbitrario del sistema de archivos de un maestro Salt. A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious u... • https://saltproject.io/security-announcements/2024-01-31-advisory • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-22231 – Syndic cache directory creation is vulnerable to a directory traversal attack
https://notcve.org/view.php?id=CVE-2024-22231
27 Jun 2024 — Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master. La creación de un directorio de caché síndico es vulnerable a un ataque de directory transversal en un proyecto Salt que puede llevar a un atacante malintencionado a crear un directorio arbitrario en un maestro Salt. Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a mal... • https://saltproject.io/security-announcements/2024-01-31-advisory • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2024-5953 – 389-ds-base: malformed userpassword hash may cause denial of service
https://notcve.org/view.php?id=CVE-2024-5953
18 Jun 2024 — A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. Se encontró una vulnerabilidad de denegación de servicio en el servidor LDAP 389-ds-base. Este problema puede permitir que un usuario autenticado provoque una denegación de servicio del servidor al intentar iniciar sesión con un usuario con un hash mal formado en su contraseña... • https://access.redhat.com/errata/RHSA-2024:4633 • CWE-1288: Improper Validation of Consistency within Input •