CVSS: 5.3EPSS: 0%CPEs: 45EXPL: 1CVE-2021-22925 – curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure
https://notcve.org/view.php?id=CVE-2021-22925
22 Jul 2021 — curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly when... • http://seclists.org/fulldisclosure/2021/Sep/39 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2021-3612 – kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
https://notcve.org/view.php?id=CVE-2021-3612
09 Jul 2021 — An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo de escritura en memoria fuera de límites en el kernel de Linux joystick devices subsystem en versiones ant... • https://bugzilla.redhat.com/show_bug.cgi?id=1974079 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2021-28691 – Ubuntu Security Notice USN-5050-1
https://notcve.org/view.php?id=CVE-2021-28691
29 Jun 2021 — Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will lead to a use-after-free in Linux netback when the backend is destroyed, as the kernel thread associated with queue 0 will have already exited and thus the call to kthread_stop will be performed against a stale poi... • https://security.gentoo.org/glsa/202107-30 • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 1CVE-2020-28097
https://notcve.org/view.php?id=CVE-2020-28097
24 Jun 2021 — The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85. El subsistema vgacon en el kernel de Linux versiones anteriores a 5.8.10, maneja inapropiadamente el desplazamiento de software. Se presenta una lectura fuera de límites en la función vgacon_scrolldelta, también se conoce como CID-973c096f6a85 • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.10 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 0CVE-2021-3541 – libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms
https://notcve.org/view.php?id=CVE-2021-3541
17 Jun 2021 — A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. Se ha encontrado un fallo en libxml2. Es posible un ataque de expansión exponencial de entidades omitiendo todos los mecanismos de protección existentes y conllevando a una denegación de servicio Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to m... • https://bugzilla.redhat.com/show_bug.cgi?id=1950515 • CWE-400: Uncontrolled Resource Consumption CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 5.3EPSS: 0%CPEs: 35EXPL: 1CVE-2021-22897
https://notcve.org/view.php?id=CVE-2021-22897
11 Jun 2021 — curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transpo... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-668: Exposure of Resource to Wrong Sphere CWE-840: Business Logic Errors •
CVSS: 9.8EPSS: 46%CPEs: 12EXPL: 0CVE-2021-26691 – Apache HTTP Server mod_session response handling heap overflow
https://notcve.org/view.php?id=CVE-2021-26691
10 Jun 2021 — In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow Apache HTTP Server versiones 2.4.0 a 2.4.46 , un parámetro SessionHeader especialmente diseñado enviado por un servidor de origen podría causar un desbordamiento de pila A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBo... • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2020-13938 – Improper Handling of Insufficient Privileges
https://notcve.org/view.php?id=CVE-2020-13938
10 Jun 2021 — Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows Apache HTTP Server versiones 2.4.0 a 2.4.46 Los usuarios locales sin privilegios pueden detener httpd en Windows • http://httpd.apache.org/security/vulnerabilities_24.html • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 548EXPL: 0CVE-2020-24486
https://notcve.org/view.php?id=CVE-2020-24486
09 Jun 2021 — Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. Una comprobación de entrada inapropiada en el firmware de algunos Intel® Processors puede permitir a un usuario autenticado permitir potencialmente una denegación de servicio por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 552EXPL: 0CVE-2020-12360
https://notcve.org/view.php?id=CVE-2020-12360
09 Jun 2021 — Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Una lectura fuera de límites en el firmware de algunos Intel® Processors puede permitir a un usuario autenticado permitir potencialmente una escalada de privilegios por medio de un acceso local • https://cert-portal.siemens.com/productcert/pdf/ssa-309571.pdf • CWE-125: Out-of-bounds Read •