CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 2CVE-2016-9928
https://notcve.org/view.php?id=CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets. MCabber versiones anteriores a 1.0.4, es vulnerable a los ataques de tipo roster push, lo que permite a atacantes remotos interceptar comunicaciones, o agregarse como una entidad en la lista de un tercero como otro usuario, que también obtendrá privilegios asociados, por medio de paquetes XMPP diseñados. • http://lists.opensuse.org/opensuse-updates/2017-01/msg00130.html http://www.openwall.com/lists/oss-security/2016/12/11/2 http://www.openwall.com/lists/oss-security/2017/02/09/29 http://www.securityfocus.com/bid/94862 https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845258 https://bugzilla.redhat.com/show_bug.cgi?id=1403790 https://gultsch.de/gajim_roster_push_and_message_interception.html ht • CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-8647 – kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
https://notcve.org/view.php?id=CVE-2020-8647
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2 en la función vc_do_resize en el archivo drivers/tty/vt/vt.c. A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html https://bugzilla.kernel.org/show_bug.cgi?id=206359 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://www.debian.org/security/2020/dsa-4698 https://access.redhat.com/security/cve/CVE-2020-8647 https://bugzilla.redhat.com/show_bug.cgi?id=1802563 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1CVE-2020-8648 – kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c
https://notcve.org/view.php?id=CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función n_tty_receive_buf_common en el archivo drivers/tty/n_tty.c. A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html https://bugzilla.kernel.org/show_bug.cgi?id=206361 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://security.netapp.com/advisory/ntap-20200924-0004 https://usn.ubuntu.com/4342-1 https://usn.ubuntu.com/4344-1 https://usn.ubuntu.com/4345-1 • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 1CVE-2020-8649 – kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
https://notcve.org/view.php?id=CVE-2020-8649
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. Se presenta una vulnerabilidad de uso de la memoria previamente liberada en el kernel de Linux versiones hasta 5.5.2, en la función vgacon_invert_region en el archivo drivers/video/console/vgacon.c. A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console. An out-of-bounds read can occur, leaking information to the console. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html https://bugzilla.kernel.org/show_bug.cgi?id=206357 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://www.debian.org/security/2020/dsa-4698 https://access.redhat.com/security/cve/CVE-2020-8649 https://bugzilla.redhat.com/show_bug.cgi?id=1802555 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1712 – systemd: use-after-free when asynchronous polkit queries are performed
https://notcve.org/view.php?id=CVE-2020-1712
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages. Se detectó una vulnerabilidad uso de la memoria previamente liberada de la pila en systemd versiones anteriores a v245-rc1, donde se llevaron a cabo consultas de Polkit asincrónicas mientras se manejan mensajes dbus. Un atacante no privilegiado local puede abusar de este fallo para bloquear los servicios de systemd o potencialmente ejecutar código y elevar sus privilegios, mediante el envío de mensajes dbus especialmente diseñados. A heap use-after-free vulnerability was found in systemd, where asynchronous Polkit queries are performed while handling dbus messages. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712 https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54 https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2 https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html https://www.openwall.com/lists/oss-security/2020/02/05/1 https://access.redhat.c • CWE-416: Use After Free •