CVSS: 5.7EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3426 – python: Information disclosure via pydoc
https://notcve.org/view.php?id=CVE-2021-3426
03 May 2021 — There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. Se presenta un fallo en pydoc de Pytho... • https://bugzilla.redhat.com/show_bug.cgi?id=1935913 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3448 – dnsmasq: fixed outgoing port used when --server is used with an interface name
https://notcve.org/view.php?id=CVE-2021-3448
08 Apr 2021 — A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1939368 • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 4.0EPSS: 0%CPEs: 33EXPL: 1CVE-2021-28163 – jetty: Symlink directory exposes webapp directory contents
https://notcve.org/view.php?id=CVE-2021-28163
01 Apr 2021 — In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. En Eclipse Jetty versiones 9.4.32 hasta 9.4.38, versiones 10.0.0.beta2 hasta 10.0.1 y versiones 11.0.0.beta2 hasta 11.0.1, si un usuario usa un directorio de aplicaciones web que es un enlace simbólico, el... • https://github.com/eclipse/jetty.project/security/advisories/GHSA-j6qj-j888-vvgq • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 14%CPEs: 10EXPL: 0CVE-2021-26701 – .NET Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26701
25 Feb 2021 — .NET Core Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de .NET Core. Este ID de CVE es diferente de CVE-2021-24112 A remote code execution vulnerability was found in dotnet in the System.Text.Encodings.Web package, caused by a buffer overrun. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1CVE-2020-36242 – python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow
https://notcve.org/view.php?id=CVE-2020-36242
07 Feb 2021 — In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class. En el paquete de criptografía versiones anteriores a 3.3.2 para Python, determinadas secuencias de llamadas de actualización para cifrar simétricamente valores de varios GB podrían resultar en un desbordamiento de enteros y un desbordamiento del búfer, como es demostrado por la clase Ferne... • https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 96%CPEs: 39EXPL: 94CVE-2021-3156 – Sudo Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-3156
26 Jan 2021 — Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de "sudoedit -s" y un argumento de línea de comandos que termina con un solo caráct... • https://packetstorm.news/files/id/176932 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 2%CPEs: 15EXPL: 1CVE-2021-3177 – python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
https://notcve.org/view.php?id=CVE-2021-3177
19 Jan 2021 — Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. Python versiones 3.x hasta 3.9.1, presenta un desbordamiento de búfer en la función PyCArg_repr en el archivo _ctypes/callproc.c, que puede conllevar a una ejecución de código remota en determina... • https://bugs.python.org/issue42938 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-1723 – ASP.NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1723
12 Jan 2021 — ASP.NET Core and Visual Studio Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio de ASP.NET Core y Visual Studio A flaw was found in dotnet. Running callbacks outside of locks results in Krestel deadlock using HTTP2. The highest threat from this vulnerability is to system availability. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a secu... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723 • CWE-833: Deadlock •
CVSS: 7.5EPSS: 0%CPEs: 62EXPL: 1CVE-2020-8285 – curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used
https://notcve.org/view.php?id=CVE-2020-8285
09 Dec 2020 — curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. curl versiones 7.21.0 hasta 7.73.0 e incluyéndola, es vulnerable a una recursividad no controlada debido a un problema de desbordamiento de la pila en el análisis de coincidencias del comodín FTP Libcurl offers a wildcard matching functionality, which allows a callback (set with `CURLOPT_CHUNK_BGN_FUNCTION`) to return information back to libcurl on how to handle a specific... • http://seclists.org/fulldisclosure/2021/Apr/51 • CWE-121: Stack-based Buffer Overflow CWE-674: Uncontrolled Recursion CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 72EXPL: 0CVE-2020-8284 – curl: FTP PASV command response can cause curl to connect to arbitrary host
https://notcve.org/view.php?id=CVE-2020-8284
09 Dec 2020 — A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. Un servidor malicioso puede usar la respuesta FTP PASV para engañar a curl versiones 7.73.0 y anteriores, para que se conecte de nuevo a una dirección IP y puerto determinados, y de esta manera pot... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •