Page 65 of 3107 results (0.014 seconds)

CVSS: 9.1EPSS: 1%CPEs: 16EXPL: 1

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash. Al procesar ciertos archivos, la extensión PHP EXIF en las versiones 7.1.x anteriores a la 7.1.28, 7.2.x anteriores a la 7.2.17 y 7.3.x anteriores a la 7.3.4 puede hacer que se lea el búfer asignado en la función exif_iif_add_value. Esto puede conducir a la revelación de información o a un cierre inesperado. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=77831 https://lists.debian.org/debian-lts-announce/2019/05/msg0 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 1%CPEs: 16EXPL: 0

When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. Al procesar ciertos archivos, la extensión PHP EXIF en las versiones 7.1.x anteriores a la 7.1.28, 7.2.x anteriores a la 7.2.17 y 7.3.x anteriores a la 7.3.4 puede hacer que se lea el buffer asignado en la función exif_process_IFD_TAG. Esto puede conducir a la revelación de información o a un cierre inesperado. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=77753 https://lists.debian.org/debian-lts-announce/2019/05/msg0 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 0

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. libxslt hasta la versión 1.1.33 permite omitir los mecanismos de protección debido a que los callers xsltCheckRead y xsltCheckWrite permiten acceso incluso después de recibir el código de error -1. xsltCheckRead puede devolver -1 para una URL creada que no es realmente inválida y que se carga posteriormente. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html http://www.openwall.com/lists/oss-security/2019/04/22/1 http://www.openwall.com/lists/oss-security/2019/04/23/5 https • CWE-284: Improper Access Control •

CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. En Pallets Jinja, en versiones anteriores a la 2.10.1, str.format_map permite un escape de sandbox. A flaw was found in Jinja. Python string formatting could allow an attacker to escape the sandbox. The highest threat from this vulnerability is to data confidentiality and integrity and system availability. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://access.redhat.com/errata/RHSA-2019:1152 https://access.redhat.com/errata/RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1329 https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f%40%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac%40%3Cdevnull.infra.apac • CWE-138: Improper Neutralization of Special Elements •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. En Apache HTTP Server 2.4 versión 2.4.38 y anteriores, una condición de carrera en mod_auth_digest cuando se ejecuta en un servidor multihilo podría permitir a un usuario con credenciales válidas autenticarse usando otro nombre de usuario, evitando las restricciones de control de acceso configuradas. A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html http://www.openwall.com/lists/oss-security/2019/04/02/5 http://www.securityfocus.com/bid/107668 https://access.redhat.com/errata/RHSA-2019:2343 https://access.redhat.com/errata/RHSA-2019:3436 https://access.redhat.com/errata/RHSA-2019:3932 https://access.red • CWE-284: Improper Access Control CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •