Page 83 of 937 results (0.013 seconds)

CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 1

CVE-2020-7064 – Use-of-uninitialized-value in exif

https://notcve.org/view.php?id=CVE-2020-7064

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. En PHP versiones 7.2.x por debajo de 7.2.9, versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, al analizar datos EXIF ??con la función exif_read_data(), es posible que unos datos maliciosos causen que PHP lea un byte de memoria no inicializada. Esto podría potencialmente conllevar a una divulgación de información o a un bloqueo • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html https://bugs.php.net/bug.php?id=79282 https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html https://security.netapp.com/advisory/ntap-20200403-0001 https://usn.ubuntu.com/4330-1 https://usn.ubuntu.com/4330-2 https://www.debian.org/security/2020/dsa-4717 https://www.debian.org/security/2020/dsa-4719 https://www.oracle.com/security-alerts/cpujan2021.html https://www.tenable.com/ • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-10942 – kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field

https://notcve.org/view.php?id=CVE-2020-10942

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls. En el kernel de Linux versiones anteriores a 5.5.8, la función get_raw_socket en el archivo drivers/vhost/net.c carece de una comprobación de un campo sk_family, que podría permitir a atacantes desencadenar una corrupción de pila del kernel por medio de llamadas de sistema diseñadas. A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver. It could occur while doing an ictol(VHOST_NET_SET_BACKEND) call, and retrieving socket name in a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) calls on the '/dev/vhost-net' device may use this flaw to crash the kernel resulting in DoS issue. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html http://www.openwall.com/lists/oss-security/2020/04/15/4 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8 https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://lkml.org/lkm • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-18860 – squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour

https://notcve.org/view.php?id=CVE-2019-18860

Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi. Squid versiones anteriores a 4.9, cuando determinados navegadores web son usados, maneja inapropiadamente HTML en el parámetro host (también se conoce como hostname) en el archivo cachemgr.cgi. A flaw was found in squid. Squid, when certain web browsers are used, mishandles HTML in the host parameter to cachemgr.cgi which could result in squid behaving in unsecure way. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00018.html https://github.com/squid-cache/squid/pull/504 https://github.com/squid-cache/squid/pull/505 https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html https://usn.ubuntu.com/4356-1 https://www.debian.org/security/2020/dsa-4732 https://access.redhat.com/security/cve/CVE-2019-18860 https://bugzilla.redhat.com/show_bug.cgi?id=1817121 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-0556 – bluez: Improper access control in subsystem could result in privilege escalation and DoS

https://notcve.org/view.php?id=CVE-2020-0556

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access El control de acceso incorrecto en el subsistema para BlueZ anterior a la versión 5.54 puede permitir que un usuario no autenticado permita potencialmente la escalada de privilegios y la denegación de servicio a través del acceso adyacente • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html https://security.gentoo.org/glsa/202003-49 https://usn.ubuntu.com/4311-1 https://www.debian.org/security/2020/dsa-4647 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html https://access.redhat.com/security/cve/CVE-2020-0556 https • CWE-266: Incorrect Privilege Assignment •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-6814 – Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6

https://notcve.org/view.php?id=CVE-2020-6814

Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. Los desarrolladores de Mozilla reportaron bugs de seguridad de la memoria presentes en Firefox y Thunderbird versión 68.5. Algunos de estos bugs mostraron evidencia de corrupción de la memoria y presumimos que con un esfuerzo suficiente algunos de estos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1592078%2C1604847%2C1608256%2C1612636%2C1614339 https://usn.ubuntu.com/4328-1 https://usn.ubuntu.com/4335-1 https://www.mozilla.org/security/advisories/mfsa2020-08 https://www.mozilla.org/security/advisories/mfsa2020-09 https://www.mozilla.org/security/advisories/mfsa2020-10 https://access.redhat.com/security/cve/CVE-2020-6814 https://bugzilla.redhat.com/show_bug.cgi?id=1812205 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •