CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1CVE-2020-14372 – grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
https://notcve.org/view.php?id=CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. Se encontró un fallo en grub2 en versiones anteriores a 2.06, donde habilita incorrectamente el uso del comando ACPI cuando Secure Boot está habilitado. • https://github.com/kukrimate/CVE-2020-14372 https://access.redhat.com/security/vulnerabilities/RHSB-2021-003 https://bugzilla.redhat.com/show_bug.cgi?id=1873150 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R https://security.gentoo.org/glsa/202104-05 https://security.netapp.com/advisory/ntap-20210416-0004 https://access.redhat.com/security/cve/CVE-2020-14372 • CWE-184: Incomplete List of Disallowed Inputs •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-10531 – ICU: Integer overflow in UnicodeString::doAppend()
https://notcve.org/view.php?id=CVE-2020-10531
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. Se detectó un problema en International Components for Unicode (ICU) para C/C++ versiones hasta 66.1. Se presenta un desbordamiento de enteros, conllevando a un desbordamiento de búfer en la región heap de la memoria, en la función UnicodeString::doAppend() en el archivo common/unistr.cpp. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html https://access.redhat.com/errata/RHSA-2020:0738 https://bugs.chromium.org/p/chromium/issues/detail?id=1044570 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html https://chromium.googlesource.com/chromium/deps/icu/+/9f4020916eb1f28f3666f018fdcbe6c9a37f0e08 https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca https://github.com/unicode-org/icu/pull/971 https://lists.debian • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 97%CPEs: 8EXPL: 7CVE-2020-6418 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2020-6418
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 80.0.3987.122, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://www.exploit-db.com/exploits/48186 https://github.com/ChoKyuWon/CVE-2020-6418 https://github.com/Goyotan/CVE-2020-6418-PoC https://github.com/SivaPriyaRanganatha/CVE-2020-6418 http://packetstormsecurity.com/files/156632/Google-Chrome-80-JSCreate-Side-Effect-Type-Confusion.html https://access.redhat.com/errata/RHSA-2020:0738 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html https://crbug.com/1053604 https://lists.fedoraproject.org/archives/list/p • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2020-6386 – chromium-browser: Use after free in speech
https://notcve.org/view.php?id=CVE-2020-6386
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en speech en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://access.redhat.com/errata/RHSA-2020:0738 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_18.html https://crbug.com/1043603 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP https://www.debian.org/security/2020/dsa-4638 https://access.redhat.com/security/cve/CVE-2020-6386 https:/ • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2020-6383 – chromium-browser: Type confusion in V8
https://notcve.org/view.php?id=CVE-2020-6383
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://access.redhat.com/errata/RHSA-2020:0738 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_18.html https://crbug.com/1051017 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP https://www.debian.org/security/2020/dsa-4638 https://access.redhat.com/security/cve/CVE-2020-6383 https:/ • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •