Page 55 of 400 results (0.015 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 2

FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc. FontInfoScanner::scanFonts en FontInfo.cc en Poppler 0.75.0 tiene una recursión infinita, que lleva a una llamada a la función de error en Error.cc. • https://gitlab.freedesktop.org/poppler/poppler/issues/752 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE https://research.loginsoft.com/bugs/1508 • CWE-674: Uncontrolled Recursion •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. En Apache HTTP Server 2.4, versiones 2.4.37 y 2.4.38, un error en mod_ssl al utilizar la verificación de certificados de cliente por ubicación con TLSv1.3 permitía a un cliente eludir las restricciones de control de acceso configuradas. A flaw was found in Apache HTTP Server 2.4 (releases 2.4.37 and 2.4.38). A bug in mod_ssl, when using per-location client certificate verification with TLSv1.3, allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. An attacker could perform various unauthorized actions after bypassing the restrictions. • http://www.openwall.com/lists/oss-security/2019/04/02/4 http://www.securityfocus.com/bid/107667 https://access.redhat.com/errata/RHSA-2019:0980 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40% • CWE-284: Improper Access Control •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable. Se encontró un fallo en la forma en que samba implementó RPC endpoint, que emula la API de servicios de registro de Windows. Un atacante sin privilegios podría usar este defecto para crear un nuevo archivo de registro hive en cualquier lugar que tenga permisos Unix, lo que podría llevar a la creación de un nuevo archivo en el recurso compartido de Samba. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00106.html https://access.redhat.com/errata/RHSA-2019:1966 https://access.redhat.com/errata/RHSA-2019:1967 https://access.redhat.com/errata/RHSA-2019:2099 https://access.redhat.com/errata/RHSA-2019:3582 https://access.redhat.com/security/cve/cve-2019-3880 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3880 https://lists.debian.org/d • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1

In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker. En Roundcube Webmail en versiones anteriores a la 1.3.10, un atacante en posesión de correos electrónicos cifrados S/MIME o PGP puede envolverlos como subparte dentro de un correo electrónico multiparte diseñado. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html https://github.com/roundcube/roundcubemail/issues/6638 https://github.com/roundcube/roundcubemail/releases/tag/1.3.10 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFFMSO5WKEYSGMTZPZFF4ZADUJ57PRN5 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. En Pallets Jinja, en versiones anteriores a la 2.10.1, str.format_map permite un escape de sandbox. A flaw was found in Jinja. Python string formatting could allow an attacker to escape the sandbox. The highest threat from this vulnerability is to data confidentiality and integrity and system availability. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://access.redhat.com/errata/RHSA-2019:1152 https://access.redhat.com/errata/RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1329 https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f%40%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac%40%3Cdevnull.infra.apac • CWE-138: Improper Neutralization of Special Elements •