Page 80 of 1833 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1

CVE-2018-20679 – Cisco Device Hardcoded Credentials / GNU glibc / BusyBox

https://notcve.org/view.php?id=CVE-2018-20679

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes. Se ha descubierto un problema en versiones anteriores a la 1.30.0 de BusyBox. Una lectura fuera de límites en los componentes udhcp (consumidos por el servidor, cliente y relays DHCP) permite que un atacante remoto filtre información sensible de la pila mediante el envío de un mensaje DHCP manipulado. • http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html http://seclists.org/fulldisclosure/2019/Sep/7 https://bugs.busybox.net/show_bug.cgi?id=11506 https://busybox.net/news.html https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c https://seclists.org/bugtraq/2019/Sep/7 https://usn.ubuntu.com/3935-1 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0

CVE-2019-3498

https://notcve.org/view.php?id=CVE-2019-3498

In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. En Django, en versiones 1.11.x anteriores a la 1.11.18, versiones 2.0.x anteriores a la 2.0.10 y 2.1.x anteriores a la 2.1.5, existe una neutralización incorrecta de elementos especiales en las salidas empleadas por un componente de bajada en django.views.defaults.page_not_found(), lo que conduce a la suplantación de contenido (en una página de error 404) si un usuario fracasa a la hora de reconocer que una URL manipulada tiene contenido malicioso. • http://www.securityfocus.com/bid/106453 https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21topic/django-announce/VYU7xQQTEPQ https://lists.debian.org/debian-lts-announce/2019/01/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ https://usn.ubuntu.com/3851-1 https://www.debian.org/security/2019/dsa-4363 https://www.djangoproject.com/weblog/2019/jan/04/security-release • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 1

CVE-2019-3701

https://notcve.org/view.php?id=CVE-2019-3701

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html http://www.securityfocus.com/bid/106443 https://bugzilla.suse.com/show_bug.cgi?id=1120386 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=0aaa81377c5a01f686bcdb8c7a6929a7bf330c68 https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html https://m • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-16882

https://notcve.org/view.php?id=CVE-2018-16882

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable. Se ha detectado un uso de memoria previamente liberada en la manera en la que el hypervisor KVM del kernel de Linux procesa las interrupciones publicadas cuando la virtualización "nested(=1)" se encuentra habilitada. • http://www.securityfocus.com/bid/106254 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16882 https://lwn.net/Articles/775720 https://lwn.net/Articles/775721 https://marc.info/?l=kvm&m=154514994222809&w=2 https://support.f5.com/csp/article/K80557033 https://usn.ubuntu.com/3871-1 https://usn.ubuntu.com/3871-3 https://usn.ubuntu.com/3871-4 https://usn.ubuntu.com/3871-5 https://usn.ubuntu.com/3872-1 https://usn.ubuntu.com/3878-1 https • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 0

CVE-2018-20650 – poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc

https://notcve.org/view.php?id=CVE-2018-20650

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. Una aserción alcanzable en Object::dictLookup en Poppler 0.72.0 permite a los atacantes provocar una denegación de servicio (DoS) debido a la falta de comprobación del tipo de datos del directorio, tal y como queda demostrado con el uso de la clase FileSpec (en FileSpec.cc) en pdfdetach. • http://www.securityfocus.com/bid/106459 https://access.redhat.com/errata/RHSA-2019:2022 https://access.redhat.com/errata/RHSA-2019:2713 https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7 https://gitlab.freedesktop.org/poppler/poppler/issues/704 https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https:/ • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •