CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-5775 – chromium-browser: Insufficient policy enforcement in Omnibox
https://notcve.org/view.php?id=CVE-2019-5775
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. La gestión incorrecta de un carácter fácil de confundir en Omnibox en Google Chrome, en versiones anteriores a la 72.0.3626.81, permitía que un atacante remoto suplante el contenido del Omnibox (barra de URL) mediante un nombre de dominio manipulado. • http://www.securityfocus.com/bid/106767 https://access.redhat.com/errata/RHSA-2019:0309 https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html https://crbug.com/896722 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVFHYCJGMZQUKYSIE2BXE4NLEGFGUXU5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQOP53LXXPRGD4N5OBKGQTSMFXT32LF6 https://www.debian.org/security/2019/dsa-4395 https://access.redhat.com&# •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2019-6975
https://notcve.org/view.php?id=CVE-2019-6975
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. Django, en versiones 1.11.x anteriores a la 1.11.19, versiones 2.0.x anteriores a la 2.0.11 y versiones 2.1.x anteriores a la 2.1.6, permite el consumo incontrolado de memoria mediante un valor malicioso proporcionado por el atacante a la función django.utils.numberformat.format(). • http://www.securityfocus.com/bid/106964 https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21topic/django-announce/WTwEAprR0IQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ https://seclists.org/bugtraq/2019/Jul/10 https://usn.ubuntu.com/3890-1 https://www.debian.org/se • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.3EPSS: 0%CPEs: 43EXPL: 21CVE-2019-5736 – runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout
https://notcve.org/view.php?id=CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. runc, hasta la versión 1.0-rc6, tal y como se emplea en Docker, en versiones anteriores a la 18.09.2 y otros productos, permite que los atacantes sobrescriban el binario del host runc (y, así, obtengan acceso root al host) aprovechando la capacidad para ejecutar un comando como root con uno de estos tipos de contenedores: (1) un nuevo contenedor con una imagen controlada por el atacante o (2) un contenedor existente, para el cual el atacante contaba previamente con acceso de escritura, que puede adjuntarse con docker exec. Esto ocurre debido a la gestión incorrecta del descriptor de archivos; esto está relacionado con /proc/self/exe. A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could use this flaw to overwrite contents of the runc binary and consequently run arbitrary commands on the container host system. • https://github.com/Frichetten/CVE-2019-5736-PoC https://www.exploit-db.com/exploits/46369 https://www.exploit-db.com/exploits/46359 https://github.com/twistlock/RunC-CVE-2019-5736 https://github.com/jas502n/CVE-2019-5736 https://github.com/RyanNgWH/CVE-2019-5736-POC https://github.com/zyriuse75/CVE-2019-5736-PoC https://github.com/likescam/CVE-2019-5736 https://github.com/geropl/CVE-2019-5736 https://github.com/si1ent-le/CVE-2019-5736 https://github.com/ • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 1CVE-2019-7639
https://notcve.org/view.php?id=CVE-2019-7639
An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file. Se ha descubierto un problema en gsi-openssh-server 7.9p1 en Fedora 29. Si PermitPAMUserChange está configurado como "yes" en el archivo /etc/gsissh/sshd_config, los inicios de sesión se realizan con éxito con un nombre de usuario válido y una contraseña incorrecta, incluso aunque se registre una entrada incorrecta en el archivo /var/log/messages. • https://bugzilla.redhat.com/show_bug.cgi?id=1673802 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 1CVE-2019-7577 – SDL: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7577
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer en SDL_LoadWAV_RW en audio/SDL_wave.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.html https://bugzilla.libsdl.org/show_bug.cgi?id=4492 https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720 https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html https:/& • CWE-125: Out-of-bounds Read •