CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10232
https://notcve.org/view.php?id=CVE-2020-10232
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c. En la versión 4.8.0 y anteriores de The Sleuth Kit (TSK), se presenta una vulnerabilidad de desbordamiento del búfer de la pila en la lógica de análisis de marca de tiempo de archivo YAFFS en la función yaffsfs_istat() en el archivo fs/yaffs.c. • https://github.com/sleuthkit/sleuthkit/commit/459ae818fc8dae717549810150de4d191ce158f1 https://lists.debian.org/debian-lts-announce/2020/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/06/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5EY53OYU7UZLAJWNIVVNR3EX2RNCCFTB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQR2QY3IAF2IG6HGBSKGL66VUDOTC3OA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorap • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 83%CPEs: 361EXPL: 0CVE-2020-10188 – telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
https://notcve.org/view.php?id=CVE-2020-10188
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. El archivo utility.c en telnetd en netkit telnet versiones hasta 0.17, permite a atacantes remotos ejecutar código arbitrario por medio de escrituras cortas o datos urgentes, debido a un desbordamiento del búfer que involucra a las funciones netclear y nextitem. A vulnerability was found where incorrect bounds checks in the telnet server’s (telnetd) handling of short writes and urgent data, could lead to information disclosure and corruption of heap data. An unauthenticated remote attacker could exploit these bugs by sending specially crafted telnet packets to achieve arbitrary code execution in the telnet server. • https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html https://github.com/krb5/krb5-appl/blob/d00cd671dfe945791b33d4f1f6a5c57ae1667ef8/telnet/telnetd/utility.c#L205-L216 https://lists.debian.org/debian-lts-announce/2020/05/msg00012.html https://lists.debian.org/debian-lts-announce/2020/08/msg00038.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7FMTRRQTYKWZD2GMXX3GLZV46OLPCLVK https://lists.fedoraproject.org/archives/list/package-announce%40l • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-20503 – usrsctp: Out of bounds reads in sctp_load_addresses_from_init()
https://notcve.org/view.php?id=CVE-2019-20503
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. usrsctp versiones anteriores al 20-12-2019, presenta lecturas fuera de límites en la función sctp_load_addresses_from_init. The Mozilla Foundation Security Advisory describes this flaw as: The inputs to `sctp_load_addresses_from_init` are verified by `sctp_arethere_unrecognized_parameters`; however, the two functions handled parameter bounds differently, resulting in out of bounds reads when parameters are partially outside a chunk. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html http://seclists.org/fulldisclosure/2020/May/49 http://seclists.org/fulldisclosure/2020/May/52 http://seclists.org/fulldisclosure/2020/May/55 http://seclists.org/fulldisclosure/2020/May/59 https:/ • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-9549
https://notcve.org/view.php?id=CVE-2020-9549
In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. En PDFResurrect versiones 0.12 hasta 0.19, en la función get_type en el archivo pdf.c presenta una escritura fuera de límites por medio de un documento PDF diseñado. • https://github.com/enferex/pdfresurrect/issues/8 https://lists.debian.org/debian-lts-announce/2020/03/msg00007.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 59EXPL: 0CVE-2020-9546 – jackson-databind: Serialization gadgets in shaded-hikari-config
https://notcve.org/view.php?id=CVE-2020-9546
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4 maneja inapropiadamente la interacción entre la serialización de gadgets y el tipeo, relacionada a org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (también se conoce como shaded hikari-config). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/FasterXML/jackson-databind/issues/2631 https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1%40%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb%40%3Cissues.zookeeper.apache.org%3E https:&# • CWE-502: Deserialization of Untrusted Data •