Page 59 of 412 results (0.013 seconds)

CVSS: 8.5EPSS: 96%CPEs: 36EXPL: 2

CVE-2021-39144 – XStream Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2021-39144

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. XStream es una biblioteca sencilla para serializar objetos a XML y viceversa. • http://packetstormsecurity.com/files/169859/VMware-NSX-Manager-XStream-Unauthenticated-Remote-Code-Execution.html https://github.com/x-stream/xstream/security/advisories/GHSA-j9h8-phrw-h4fh https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7 https://lists.fedoraproject.org/ • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-306: Missing Authentication for Critical Function CWE-502: Deserialization of Untrusted Data •

CVSS: 8.8EPSS: 4%CPEs: 40EXPL: 1

CVE-2021-29505 – XStream is vulnerable to a Remote Command Execution attack

https://notcve.org/view.php?id=CVE-2021-29505

XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17. XStream es un software para serializar objetos Java a XML y viceversa. • https://github.com/MyBlackManba/CVE-2021-29505 https://github.com/x-stream/xstream/commit/24fac82191292c6ae25f94508d28b9823f83624f https://github.com/x-stream/xstream/security/advisories/GHSA-7chv-rrw6-w6fc https://lists.apache.org/thread.html/r8ee51debf7fd184b6a6b020dc31df25118b0aa612885f12fbe77f04f%40%3Cdev.jmeter.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/07/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP https://lists.f • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •

CVSS: 5.8EPSS: 0%CPEs: 136EXPL: 1

CVE-2021-29425 – Possible limited path traversal vulnerabily in Apache Commons IO

https://notcve.org/view.php?id=CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. En Apache Commons IO versiones anteriores a 2.7, Cuando se invoca el método FileNameUtils.normalize con una cadena de entrada inapropiada, como "//../foo" o "\\..\ foo", el resultado sería el mismo valor, por lo que posiblemente proporcionar acceso a archivos en el directorio principal, pero no más arriba (por lo tanto, salto de ruta "limited"), si el código de llamada usara el resultado para construir un valor de ruta • https://issues.apache.org/jira/browse/IO-556 https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E https:/ • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

CVE-2020-24368

https://notcve.org/view.php?id=CVE-2020-24368

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2. Icinga Icinga Web 2 versiones 2.0.0 hasta 2.6.4, 2.7.4 y 2.8.2, presenta una vulnerabilidad de Salto de Directorio que permite a un atacante acceder a archivos arbitrarios que son legibles por el proceso que ejecuta Icinga Web 2. Este problema se corrigió en Icinga Web 2 en versiones v2.6.4, v2.7.4 y v2.8.2. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00026.html https://github.com/Icinga/icingaweb2/blob/master/CHANGELOG.md https://github.com/Icinga/icingaweb2/issues/4226 https://icinga.com/2020/08/19/icinga-web-security-release-v2-6-4-v2-7-4-and-v2-8-2 https://lists.debian.org/debian-lts-announce/2020/08/msg00040.html https://security.gentoo.org/glsa/202208-05 https://www.debian.org/security/2020/dsa-4747 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-14147

https://notcve.org/view.php?id=CVE-2020-14147

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression. Un desbordamiento de enteros en la función getnum en el archivo lua_struct.c en Redis versiones anteriores a 6.0.3, permite a atacantes dependiendo del contexto, con permiso para ejecutar el código Lua en una sesión de Redis, causar una denegación de servicio (corrupción de la memoria y bloqueo de la aplicación) o posiblemente omitir las restricciones del sandbox previstas por medio de un número grande, lo que desencadena un desbordamiento de búfer en la región stack de la pila. NOTA: este problema se presenta debido a una regresión de CVE-2015-8080 • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00058.html https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571 https://github.com/antirez/redis/pull/6875 https://security.gentoo.org/glsa/202008-17 https://www.debian.org/security/2020/dsa-4731 https://www.oracle.com/security-alerts/cpujan2021.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •