
CVE-2021-28957 – python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS
https://notcve.org/view.php?id=CVE-2021-28957
21 Mar 2021 — An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute, allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3. • https://bugs.launchpad.net/lxml/+bug/1888153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-23839 – Incorrect SSLv2 rollback protection
https://notcve.org/view.php?id=CVE-2021-23839
16 Feb 2021 — OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is present, because this i... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()
https://notcve.org/view.php?id=CVE-2021-23841
16 Feb 2021 — The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never di... • https://github.com/Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841 • CWE-476: NULL Pointer Dereference •

CVE-2021-20227 – Ubuntu Security Notice USN-4732-1
https://notcve.org/view.php?id=CVE-2021-20227
11 Feb 2021 — A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1924886 • CWE-416: Use After Free •

CVE-2021-3177 – python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
https://notcve.org/view.php?id=CVE-2021-3177
19 Jan 2021 — Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. • https://bugs.python.org/issue42938 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2020-26422 – Gentoo Linux Security Advisory 202101-12
https://notcve.org/view.php?id=CVE-2020-26422
21 Dec 2020 — Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file. Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.4.2 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26422.json • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2020-26418 – Gentoo Linux Security Advisory 202101-12
https://notcve.org/view.php?id=CVE-2020-26418
10 Dec 2020 — Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3... • https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26418.json • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2020-26419 – Gentoo Linux Security Advisory 202101-12
https://notcve.org/view.php?id=CVE-2020-26419
10 Dec 2020 — Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.4.2 are affected. • https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26419.json • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2020-26420 – Gentoo Linux Security Advisory 202101-12
https://notcve.org/view.php?id=CVE-2020-26420
10 Dec 2020 — Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.... • https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26420.json • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2020-26421 – Gentoo Linux Security Advisory 202101-12
https://notcve.org/view.php?id=CVE-2020-26421
10 Dec 2020 — Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a De... • https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26421.json • CWE-125: Out-of-bounds Read •