CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3474 – Ubuntu Security Notice USN-4900-1
https://notcve.org/view.php?id=CVE-2021-3474
30 Mar 2021 — There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability. Se presenta un fallo en OpenEXR en versiones anteriores a 3.0.0-beta. Un archivo de entrada diseñado que es procesado por OpenEXR podría causar un desbordamiento de cambios en FastHufDecoder, lo que podría generar problemas con la disponibilidad de la aplicación. It was discovered tha... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3475 – Gentoo Linux Security Advisory 202107-27
https://notcve.org/view.php?id=CVE-2021-3475
30 Mar 2021 — There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability. Se presenta un fallo en OpenEXR en versiones anteriores a 3.0.0-beta. Un atacante que pueda enviar un archivo diseñado para que lo procese OpenEXR podría causar un desbordamiento de enteros, lo que podría conllevar a problemas con la disponibilidad de la aplicación. Multiple vulnerab... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3476 – Gentoo Linux Security Advisory 202107-27
https://notcve.org/view.php?id=CVE-2021-3476
30 Mar 2021 — A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability. Se encontró un fallo en la funcionalidad uncompression B44 de OpenEXR en versiones anteriores a 3.0.0-beta. Un atacante que pueda enviar un archivo diseñado a OpenEXR podría desencadenar desbordamientos de turno, lo que podría afectar la disponibilidad de la aplicación. An u... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.2EPSS: 1%CPEs: 7EXPL: 6CVE-2021-23358 – Arbitrary Code Injection
https://notcve.org/view.php?id=CVE-2021-23358
29 Mar 2021 — The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. El paquete underscore desde la versión 1.13.0-0 y anterior a la versión 1.13.0-2, desde la versión 1.3.2 y anterior a la versión 1.12.1, son vulnerables a una ejecución de código arbitraria por medio de la función template, particularmente cuando una propiedad variabl... • https://github.com/EkamSinghWalia/Detection-script-for-cve-2021-23358 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 15EXPL: 1CVE-2021-22890 – curl: TLS 1.3 session ticket mix-up with HTTPS proxy host
https://notcve.org/view.php?id=CVE-2021-22890
28 Mar 2021 — curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the serve... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-290: Authentication Bypass by Spoofing CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 1CVE-2021-22876 – curl: Leak of authentication credentials in URL via automatic Referer
https://notcve.org/view.php?id=CVE-2021-22876
28 Mar 2021 — curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. curl versiones 7.1.1 hasta 7.75.0 incluyéndola, es vulnerable a una "Exposure of... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29264 – Ubuntu Security Notice USN-4946-1
https://notcve.org/view.php?id=CVE-2021-29264
26 Mar 2021 — An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6. Se detectó un problema en el kernel de Linux versiones hasta 5.11.10. El archivo drivers/net/ethernet/freescale/gianfar.c en el controlador Freescale Gianfar Eth... • https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d8861bab48b6c1fc3cdbcab8ff9d1eaea43afe7f •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29265 – Ubuntu Security Notice USN-4946-1
https://notcve.org/view.php?id=CVE-2021-29265
26 Mar 2021 — An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70. Se detectó un problema en el kernel de Linux versiones anteriores a 5.11.7. La función usbip_sockfd_store en el archivo drivers/usb/usbip/stub_dev.c permite a atacantes causar una denegación de servicio (GPF) porque la secuen... • https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.7 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 0CVE-2020-1946 – Apache SpamAssassin has an OS Command Injection vulnerability
https://notcve.org/view.php?id=CVE-2020-1946
25 Mar 2021 — In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places. En Apache SpamAssassin anterior a versión 3.4.5, los archivos de configuración de reglas maliciosas (.cf) se pueden configurar para ejecutar comandos del sistema sin ningún ... • https://lists.debian.org/debian-lts-announce/2021/04/msg00000.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0CVE-2020-27840 – Ubuntu Security Notice USN-4888-2
https://notcve.org/view.php?id=CVE-2020-27840
25 Mar 2021 — A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en samba. Los espacios usados en una cadena alrededor de un nombre de dominio (DN), aunque se supone que deben ser ignorados, pueden causar cadenas DN no válidas con espacios en lugar ... • https://bugzilla.redhat.com/show_bug.cgi?id=1941400 • CWE-125: Out-of-bounds Read •