Page 7 of 45 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 1

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. SQLite versiones hasta 3.31.1, permite a atacantes causar una denegación de servicio (fallo de segmentación) por medio de una consulta de una función de window malformada porque la inicialización el objeto AggInfo es manejada inapropiadamente. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200416-0001 https://usn.ubuntu.com/4394-1 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security- • CWE-665: Improper Initialization •

CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. En SQLite versiones hasta 3.31.1, la implementación de ALTER TABLE presenta un uso de la memoria previamente liberada, como es demostrado por una cláusula ORDER BY que pertenece a una sentencia SELECT compuesta. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200416-0001 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.sqlite.org/src/info/d09f8c3621d5 • CWE-416: Use After Free •

CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 1

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server. En las versiones de PHP 7.2.x anterior a la versión 7.2.29, 7.3.x anterior a 7.3.16 y 7.4.x anterior a 7.4.4, mientras usa get_headers () con la URL suministrada por el usuario, si la URL contiene un carácter cero (\ 0), el La URL se truncará silenciosamente en ella. Esto puede hacer que algunos programas hagan suposiciones incorrectas sobre el objetivo de get_headers () y posiblemente envíen información a un servidor incorrecto. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html https://bugs.php.net/bug.php?id=79329 https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html https://security.netapp.com/advisory/ntap-20200403-0001 https://usn.ubuntu.com/4330-2 https://www.debian.org/security/2020/dsa-4717 https://www.debian.org/security/2020/dsa-4719 https://www.tenable.com/security/tns-2021-14 https://access.redhat.com/security/cve/CVE-2020-7066 https://bu • CWE-170: Improper Null Termination CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution. En PHP versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, mientras se usa la función mb_strtolower() con codificación UTF-32LE, determinadas cadenas no comprobadas pueden causar que PHP sobrescriba el búfer asignado de la pila. Esto podría conllevar a una corrupción de la memoria, bloqueos y potencialmente a una ejecución de código. A vulnerability was found in PHP while using the mb_strtolower() function with UTF-32LE encoding, where certain invalid strings cause PHP to overwrite the stack-allocated buffer. • https://bugs.php.net/bug.php?id=79371 https://security.netapp.com/advisory/ntap-20200403-0001 https://usn.ubuntu.com/4330-1 https://usn.ubuntu.com/4330-2 https://www.debian.org/security/2020/dsa-4719 https://www.oracle.com/security-alerts/cpuoct2021.html https://www.php.net/ChangeLog-7.php#7.4.4 https://www.tenable.com/security/tns-2021-14 https://access.redhat.com/security/cve/CVE-2020-7065 https://bugzilla.redhat.com/show_bug.cgi?id=1820627 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 1

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. En PHP versiones 7.2.x por debajo de 7.2.9, versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, al analizar datos EXIF ??con la función exif_read_data(), es posible que unos datos maliciosos causen que PHP lea un byte de memoria no inicializada. Esto podría potencialmente conllevar a una divulgación de información o a un bloqueo • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html https://bugs.php.net/bug.php?id=79282 https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html https://security.netapp.com/advisory/ntap-20200403-0001 https://usn.ubuntu.com/4330-1 https://usn.ubuntu.com/4330-2 https://www.debian.org/security/2020/dsa-4717 https://www.debian.org/security/2020/dsa-4719 https://www.oracle.com/security-alerts/cpujan2021.html https://www.tenable.com/ • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •