CVSS: 5.8EPSS: 1%CPEs: 60EXPL: 0CVE-2020-1935 – tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling
https://notcve.org/view.php?id=CVE-2020-1935
24 Feb 2020 — In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. En Apache Tomcat versiones 9.0.0.M1 hasta 9.0.30, versiones 8.5.0 hasta 8.5.50 y... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.8EPSS: 9%CPEs: 25EXPL: 0CVE-2019-17569 – tomcat: Regression in handling of Transfer-Encoding header allows for HTTP request smuggling
https://notcve.org/view.php?id=CVE-2019-17569
24 Feb 2020 — The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. La refactorización presente en Apache Tomcat versiones 9.0.28 ha... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1CVE-2020-8648 – kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c
https://notcve.org/view.php?id=CVE-2020-8648
06 Feb 2020 — There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función n_tty_receive_buf_common en el archivo drivers/tty/n_tty.c. A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system. Red Hat Advanced Cluster Mana... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html • CWE-416: Use After Free •
CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0CVE-2013-3322
https://notcve.org/view.php?id=CVE-2013-3322
31 Jan 2020 — NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface. NetApp OnCommand System Manager versión 2.1 y anteriores, permiten a atacantes remotos inyectar comandos arbitrarios en la interfaz Halt/Reboot. • https://exchange.xforce.ibmcloud.com/vulnerabilities/84063 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2013-3321
https://notcve.org/view.php?id=CVE-2013-3321
29 Jan 2020 — NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter. NetApp OnCommand System Manager versiones 2.1 y anteriores, permiten a atacantes remotos incluir archivos arbitrarios por medio de peticiones especialmente diseñadas en la página "diagnostic" utilizando el parámetro de ruta de registro SnapMirror. • https://exchange.xforce.ibmcloud.com/vulnerabilities/84062 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2013-3320 – NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-3320
29 Jan 2020 — Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields. Una vulnerabilidad de tipo Cross-site Scripting (XSS) en NetApp OnCommand System Manager versiones anteriores a 2.2, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de los campos "full-name" y "comment". • https://www.exploit-db.com/exploits/38507 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 53EXPL: 0CVE-2019-20330 – jackson-databind: lacks certain net.sf.ehcache blocking
https://notcve.org/view.php?id=CVE-2019-20330
03 Jan 2020 — FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. FasterXML jackson-databind versiones 2.x anteriores a la versión 2.9.10.2, carece de cierto bloqueo de net.sf.ehcache. Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire ... • https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0CVE-2019-12418 – tomcat: local privilege escalation
https://notcve.org/view.php?id=CVE-2019-12418
23 Dec 2019 — When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance. Cuando Apache Tomcat 9.0.0.M1 hasta 9... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 49%CPEs: 28EXPL: 3CVE-2019-17571 – log4j: deserialization of untrusted data in SocketServer
https://notcve.org/view.php?id=CVE-2019-17571
20 Dec 2019 — Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Incluido en Log4j versión 1.2 existe una clase SocketServer que es vulnerable a la deserialización de datos no confiables, que pueden ser explotada para ejecutar código arbitrario remotamente cuando... • https://github.com/shadow-horse/CVE-2019-17571 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2019-19069 – Ubuntu Security Notice USN-4208-1
https://notcve.org/view.php?id=CVE-2019-19069
18 Nov 2019 — A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. Una pérdida de memoria en la función fastrpc_dma_buf_attach() en el archivo drivers/misc/fastrpc.c en el kernel de Linux versiones anteriores a la versión 5.3.9, permite a atacantes causar una denegación de servicio (consumo de memoria) al desencadenar fallos de la f... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 • CWE-401: Missing Release of Memory after Effective Lifetime •