CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2012-6639
https://notcve.org/view.php?id=CVE-2012-6639
An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. Se presenta una vulnerabilidad de elevación de privilegios en Cloud-init versiones anteriores a 0.7.0, cuando se envían peticiones a un sistema no confiable para datos de la instancia EC2. • http://www.openwall.com/lists/oss-security/2014/03/06/7 https://access.redhat.com/security/cve/cve-2012-6639 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6639 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6639 https://security-tracker.debian.org/tracker/CVE-2012-6639 https://www.securityfocus.com/bid/66019/references • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-19246 – oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c
https://notcve.org/view.php?id=CVE-2019-19246
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. Oniguruma versiones hasta 6.9.3, como es usado en PHP versión 7.3.x y otros productos, presenta una lectura excesiva de búfer en la región heap de la memoria en la función str_lower_case_match en el archivo regexec.c. • https://bugs.php.net/bug.php?id=78559 https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V https://usn.ubuntu.com/4460-1 https://access.redhat.com/security/cve/CVE-2019-19246 https://bugzilla.redhat.com/show_bug.cgi?id=1777537 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2012-5644
https://notcve.org/view.php?id=CVE-2012-5644
libuser has information disclosure when moving user's home directory libuser, presenta una divulgación de información cuando se mueve el directorio de inicio de usuario. • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html https://access.redhat.com/security/cve/cve-2012-5644 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5644 https://security-tracker.debian.org/tracker/CVE-2012-5644 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2012-5521
https://notcve.org/view.php?id=CVE-2012-5521
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal quagga (ospf6d) versión 0.99.21, presenta un fallo de tipo DoS en la manera en que el demonio ospf6d realiza la eliminación de rutas. • http://www.openwall.com/lists/oss-security/2012/11/13/14 http://www.securityfocus.com/bid/56530 https://access.redhat.com/security/cve/cve-2012-5521 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5521 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-5521 https://exchange.xforce.ibmcloud.com/vulnerabilities/80096 https://security-tracker.debian.org/tracker/CVE-2012-5521 • CWE-617: Reachable Assertion •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2014-6311
https://notcve.org/view.php?id=CVE-2014-6311
generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. El archivo generate_doygen.pl en ace versiones anteriores a 6.2.7 +dfsg-2, crea nombres de archivo predecibles en el directorio /tmp, lo que permite a atacantes conseguir privilegios elevados. • http://www.openwall.com/lists/oss-security/2014/09/11/5 http://www.openwall.com/lists/oss-security/2014/09/12/6 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760709 https://security-tracker.debian.org/tracker/CVE-2014-6311 • CWE-330: Use of Insufficiently Random Values •