
CVE-2024-11696 – firefox: thunderbird: Unhandled Exception in Add-on Signature Verification
https://notcve.org/view.php?id=CVE-2024-11696
26 Nov 2024 — The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with... • https://bugzilla.mozilla.org/show_bug.cgi?id=1929600 • CWE-347: Improper Verification of Cryptographic Signature CWE-354: Improper Validation of Integrity Check Value •

CVE-2024-10979 – PostgreSQL PL/Perl environment variable changes execute arbitrary code
https://notcve.org/view.php?id=CVE-2024-10979
14 Nov 2024 — Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. A flaw was found in PostgreSQL PL/Perl. • https://www.postgresql.org/support/security/CVE-2024-10979 • CWE-15: External Control of System or Configuration Setting •

CVE-2024-10978 – PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID
https://notcve.org/view.php?id=CVE-2024-10978
14 Nov 2024 — Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE ... • https://www.postgresql.org/support/security/CVE-2024-10978 • CWE-266: Incorrect Privilege Assignment •

CVE-2024-10977 – PostgreSQL libpq retains an error message from man-in-the-middle
https://notcve.org/view.php?id=CVE-2024-10977
14 Nov 2024 — Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15... • https://www.postgresql.org/support/security/CVE-2024-10977 • CWE-348: Use of Less Trusted Source •

CVE-2024-10976 – PostgreSQL row security below e.g. subqueries disregards user ID changes
https://notcve.org/view.php?id=CVE-2024-10976
14 Nov 2024 — Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied... • https://www.postgresql.org/support/security/CVE-2024-10976 • CWE-1250: Improper Preservation of Consistency Between Independent Representations of Shared State •

CVE-2024-51566 – bhyve(8) NVMe driver to guest-induced infinite loops.
https://notcve.org/view.php?id=CVE-2024-51566
12 Nov 2024 — The NVMe driver queue processing is vulnerable to guest-induced infinite loops. • https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •

CVE-2024-51565 – bhyve(8) hda driver buffer over-read
https://notcve.org/view.php?id=CVE-2024-51565
12 Nov 2024 — The hda driver is vulnerable to a buffer over-read from a guest-controlled value. • https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc • CWE-125: Out-of-bounds Read •

CVE-2024-51564 – bhyve(8) infinite loop in the hda audio driver
https://notcve.org/view.php?id=CVE-2024-51564
12 Nov 2024 — A guest can trigger an infinite loop in the hda audio driver. • https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •

CVE-2024-51563 – bhyve(8) virtio_vq_recordon time-of-check to time-of-use race
https://notcve.org/view.php?id=CVE-2024-51563
12 Nov 2024 — The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition. • https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVE-2024-51562 – bhyve(8) nvme_opc_get_log_page buffer over-read
https://notcve.org/view.php?id=CVE-2024-51562
12 Nov 2024 — The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value. • https://security.freebsd.org/advisories/FreeBSD-SA-24:17.bhyve.asc • CWE-125: Out-of-bounds Read •