CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-1700 – Ubuntu Security Notice USN-4304-1
https://notcve.org/view.php?id=CVE-2020-1700
07 Feb 2020 — A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system. Se encontró un fallo en la manera en que el front-end Ceph RGW Be... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00009.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2020-8608 – QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
https://notcve.org/view.php?id=CVE-2020-8608
06 Feb 2020 — In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. En libslirp versión 4.1.0, como es usado en QEMU versión 4.2.0, el archivo tcp_subr.c utiliza inapropiadamente los valores de retorno de snprintf, lo que conlleva a un desbordamiento del búfer en el código posterior. An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcp_emu() routine while emulating ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-8647 – kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
https://notcve.org/view.php?id=CVE-2020-8647
06 Feb 2020 — There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2 en la función vc_do_resize en el archivo drivers/tty/vt/vt.c. A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data struct... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1CVE-2020-8648 – kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c
https://notcve.org/view.php?id=CVE-2020-8648
06 Feb 2020 — There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función n_tty_receive_buf_common en el archivo drivers/tty/n_tty.c. A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system. Red Hat Advanced Cluster Mana... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 1CVE-2020-8649 – kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
https://notcve.org/view.php?id=CVE-2020-8649
06 Feb 2020 — There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función vgacon_invert_region en el archivo drivers/video/console/vgacon.c. A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console. An out-of-bounds r... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-7216
https://notcve.org/view.php?id=CVE-2020-7216
05 Feb 2020 — An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option. Una pérdida de memoria en la función ni_dhcp4_parse_response en openSUSE wicked versiones 0.6.55 y anteriores, permite a atacantes de red causar una denegación de servicio mediante el envío de paquetes DHCP4 sin una opción de tipo de mensaje. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00005.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-5208 – remote code execution vulnerability in ipmitool
https://notcve.org/view.php?id=CVE-2020-5208
05 Feb 2020 — It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19. Se detectó que varias funciones en ipmitool versiones anteriores a 1.8.19, descuidan la comprobación apropiada de los datos recibidos desde una parte de la LAN remota,... • https://packetstorm.news/files/id/160875 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8632 – cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py
https://notcve.org/view.php?id=CVE-2020-8632
05 Feb 2020 — In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords. En cloud-init versiones hasta 19.4, la función rand_user_password en el archivo cloudinit/config/cc_set_passwords.py posee un pequeño valor predeterminado de pwlen, lo que facilita a atacantes adivinar las contraseñas. A flaw was found in cloud-init, where it uses short passwords when generating a random password in new instances. Dep... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html • CWE-330: Use of Insufficiently Random Values CWE-521: Weak Password Requirements •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8631 – cloud-init: Use of random.choice when generating random password
https://notcve.org/view.php?id=CVE-2020-8631
05 Feb 2020 — cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. cloud-init versiones hasta 19.4 se basa en Mersenne Twister para una contraseña aleatoria, lo que facilita a atacantes predecir contraseñas, porque la función rand_str en el archivo cloudinit/util.py llama a la función random.choice. A flaw was found in cloud-init, where it uses the random.choice function w... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.5EPSS: 36%CPEs: 9EXPL: 0CVE-2019-12528 – squid: Information Disclosure issue in FTP Gateway
https://notcve.org/view.php?id=CVE-2019-12528
04 Feb 2020 — An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes. Se detectó un problema en Squid versiones anteriores a 4.10. Permite a un servidor FTP diseñado desencadenar una divulgación de información confidencial de la memoria de la pila, tal y como la información asociada con las sesiones de otros usuarios o procesos que no son de Squid. A flaw ... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00012.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •