CVSS: 7.5EPSS: 45%CPEs: 8EXPL: 1CVE-2019-11287 – RabbitMQ Web Management Plugin DoS via heap overflow
https://notcve.org/view.php?id=CVE-2019-11287
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing. Pivotal RabbitMQ, versiones 3.7.x anteriores a 3.7.21 y versiones 3.8.x anteriores a 3.8.1, y RabbitMQ para Pivotal Platform, versiones 1.16.x anteriores a 1.16.7 y versiones 1.17.x versiones anteriores a 1.17.4, contienen un plugin de administración web que es vulnerable a un ataque de denegación de servicio. El encabezado "X-Reason" de HTTP puede ser aprovechado para insertar una cadena de formato Erlang maliciosa que expandirá y consumirá la pila, resultando en el bloqueo del servidor. A resource-consumption flaw was identified in the rabbitmq-server web management plugin. • https://access.redhat.com/errata/RHSA-2020:0078 https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-11287-DoS%20via%20Heap%20Overflow-RabbitMQ%20Web%20Management%20Plugin https://lists.debian.org/debian-lts-announce/2021/07/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEQ6O7PMNJKYFMQYHAB55L423GYK63SO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYTGR3D5FW2O25RXZOTIZMOD2HAUVBE4 https://pivotal.io/security/cve-2 • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-18622
https://notcve.org/view.php?id=CVE-2019-18622
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature. Se detectó un problema en phpMyAdmin versiones anteriores a 4.9.2. Se puede utilizar un nombre de base de datos/tabla diseñado para desencadenar un ataque de inyección SQL por medio de la funcionalidad designer. • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA4DGF7KTQS6WA2DRNJSW66L43WB7LRV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5GW4KEMNCBQYZCIXEJYC42OEBBN2NSH https://security.gentoo.org/glsa/202003-39 https://www.phpmyadmin.net/security/PMASA-2019-5 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 1CVE-2015-7810
https://notcve.org/view.php?id=CVE-2015-7810
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files La clase libbluray MountManager presenta una carrera de tiempo de comprobación y tiempo de uso (TOCTOU) cuando se expanden archivos JAR. • http://www.openwall.com/lists/oss-security/2015/10/12/7 http://www.securityfocus.com/bid/72769 https://access.redhat.com/security/cve/cve-2015-7810 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7810 https://security-tracker.debian.org/tracker/CVE-2015-7810 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 3CVE-2019-19203 – oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c
https://notcve.org/view.php?id=CVE-2019-19203
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. Se detectó un problema en Oniguruma versiones 6.x anteriores a 6.9.4_rc2. En la función gb18030_mbc_enc_len en el archivo gb18030.c, un puntero UChar es desreferenciado sin comprobar si pasó el final de la cadena coincidente. • https://github.com/ManhNDd/CVE-2019-19203 https://github.com/tarantula-team/CVE-2019-19203 https://github.com/kkos/oniguruma/issues/163 https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL https://access.redhat.com/security/cve/CVE-2019-19203 https://bu • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 3CVE-2019-19204 – oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c
https://notcve.org/view.php?id=CVE-2019-19204
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. Se detectó un problema en Oniguruma versiones 6.x anteriores a 6.9.4_rc2. En la función fetch_interval_quantifier (anteriormente conocida como fetch_range_quantifier) ?? • https://github.com/ManhNDd/CVE-2019-19204 https://github.com/tarantula-team/CVE-2019-19204 https://github.com/kkos/oniguruma/issues/162 https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2 https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL ht • CWE-125: Out-of-bounds Read •