CVSS: 10.0EPSS: 67%CPEs: 3EXPL: 0CVE-2024-0517 – Debian Security Advisory 5602-1
https://notcve.org/view.php?id=CVE-2024-0517
16 Jan 2024 — Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La escritura fuera de los límites en V8 en Google Chrome anterior a 120.0.6099.224 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple security issues were discovered in Chromium, which could result in t... • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 1CVE-2023-6395 – Mock: privilege escalation for users that can access mock configuration
https://notcve.org/view.php?id=CVE-2023-6395
16 Jan 2024 — The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvert... • http://www.openwall.com/lists/oss-security/2024/01/16/1 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2024-0232 – Sqlite: use-after-free bug in jsonparseaddnodearray
https://notcve.org/view.php?id=CVE-2024-0232
16 Jan 2024 — A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service. Se identificó un problema de uso después de la liberación del montón en SQLite en la función jsonParseAddNodeArray() en sqlite3.c. Este fallo permite que un atacante local aproveche a una víctima para que pase entradas ... • https://access.redhat.com/security/cve/CVE-2024-0232 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 1CVE-2024-0553 – Gnutls: incomplete fix for cve-2023-5981
https://notcve.org/view.php?id=CVE-2024-0553
16 Jan 2024 — A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981. Se encontró una vulnerabilidad en GnuTLS. • http://www.openwall.com/lists/oss-security/2024/01/19/3 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2024-0567 – Gnutls: rejects certificate chain with distributed trust
https://notcve.org/view.php?id=CVE-2024-0567
16 Jan 2024 — A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack. Se encontró una vulnerabilidad en GnuTLS, donde una cabina (que usa gnuTLS) rechaza una cadena de certificados con confianza distribuida. Este problema ocurre al validar una cadena de certificados ... • http://www.openwall.com/lists/oss-security/2024/01/19/3 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4001 – Grub2: bypass the grub password protection feature
https://notcve.org/view.php?id=CVE-2023-4001
15 Jan 2024 — An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID (the same as in the "/boot/" file system) can bypass the GRUB password protection feature on UEFI systems, which enumerate removable drives before non-removable ones. This issue was in... • http://www.openwall.com/lists/oss-security/2024/01/15/3 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2024-23301 – rear: creates a world-readable initrd
https://notcve.org/view.php?id=CVE-2024-23301
12 Jan 2024 — Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. Relax-and-Recover (a.k.a ReaR) hasta 2.7 crea un initrd world-readable cuando se usa GRUB_RESCUE=y. Esto permite a los atacantes locales obtener acceso a secretos del sistema que de otro modo sólo serían legibles por root. A vulnerability has been identified in Relax-and-Recover (ReaR), where the use of GRUB_RESCUE=y ... • https://github.com/rear/rear/issues/3122 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-0443 – Kernel: blkio memory leakage due to blkcg and some blkgs are not freed after they are made offline.
https://notcve.org/view.php?id=CVE-2024-0443
11 Jan 2024 — A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error.... • https://access.redhat.com/errata/RHSA-2023:6583 • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0333 – Gentoo Linux Security Advisory 202402-14
https://notcve.org/view.php?id=CVE-2024-0333
10 Jan 2024 — Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High) La validación de datos insuficiente en Extensions de Google Chrome anteriores a 120.0.6099.216 permitió a un atacante en una posición privilegiada de la red instalar una extensión maliciosa a través de una página HTML manipulada. (Severidad de seguridad de Chromium: alta) Multiple ... • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html •
CVSS: 8.1EPSS: 4%CPEs: 4EXPL: 0CVE-2023-41056 – Redis vulnerable to integer overflow in certain payloads
https://notcve.org/view.php?id=CVE-2023-41056
10 Jan 2024 — Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4. Redis es una base de datos en memoria que persiste en el disco. Redis maneja incorrectamente el cambio de tamaño de los búferes de memoria, lo que puede provocar un desbordamiento de enteros que provoca un desbordamiento del montón y una posible ... • https://github.com/redis/redis/releases/tag/7.0.15 • CWE-190: Integer Overflow or Wraparound CWE-762: Mismatched Memory Management Routines •