CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2019-20807 – vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode
https://notcve.org/view.php?id=CVE-2019-20807
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). En Vim versiones anteriores a 8.1.0881, los usuarios pueden omitir el modo restringido rvim y ejecutar comandos arbitrarios de Sistema Operativo por medio de interfaces de scripting (por ejemplo, Python, Ruby o Lua). A flaw was found in vim in the restricted mode, where all commands that make use of external shells are disabled. However, it was found that users could still execute some arbitrary OS commands in the restricted mode. This flaw was fixed by filtering the functions that can call OS commands. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00018.html http://seclists.org/fulldisclosure/2020/Jul/24 https://github.com/vim/vim/commit/8c62a08faf89663e5633dc5036cd8695c80f1075 https://github.com/vim/vim/releases/tag/v8.1.0881 https://lists.debian.org/debian-lts-announce/2022/01/msg00003.html https://support.apple.com/kb/HT211289 https://usn.ubuntu.com/4582-1 https://www.starwindsoftware.com/security/sw-20220812-0003 https://access.redhat.com/security/cve/CVE-2019&# • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 2CVE-2020-13645
https://notcve.org/view.php?id=CVE-2020-13645
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host. En GNOME glib-networking versiones hasta 2.64.2, la implementación de GTlsClientConnection omite la verificación del nombre de host del certificado TLS del servidor si la aplicación presenta un fallo al especificar la identidad esperada del servidor. Esto está en contraste con su comportamiento documentado previsto, en el fallo de la verificación del certificado. • https://gitlab.gnome.org/GNOME/balsa/-/issues/34 https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLEX2IP62SU6WJ4SK3U766XGLQK3J62O https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LRCUM22YEWWKNMN2BP5LTVDM5P4VWIXS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQEQJQ4XFMFCFJTEXKL2ZO3UELBPCKSK https://security.gentoo.org/glsa/202007-50 htt • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-10936
https://notcve.org/view.php?id=CVE-2020-10936
Sympa before 6.2.56 allows privilege escalation. Sympa versiones anteriores a la versión 6.2.56, permite una escalada de privilegios. • https://github.com/sympa-community/sympa/releases https://lists.debian.org/debian-lts-announce/2020/10/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3J4NZLGAF4ZYK52XEBQDTBNHLGBEPXXN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3TMQ3CORUOWARALACCBG2SBTIGZ5GY5 https://sysdream.com/news/lab https://sysdream.com/news/lab/2020-05-25-cve-2020-10936-sympa-privileges-escalation-to-root https://usn.ubuntu.com/4442- • CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0CVE-2020-13630 – sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c
https://notcve.org/view.php?id=CVE-2020-13630
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. El archivo ext/fts3/fts3.c en SQLite versiones anteriores a la versión 3.32.0, tiene un uso de la memoria previamente liberada en la función fts3EvalNextRow, relacionado con la funcionalidad snippet. A use-after-free vulnerability was found in the SQLite FTS3 extension module in the way it implemented the snippet function. This flaw allows an attacker who can execute SQL statements to crash the application or potentially execute arbitrary code. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 https://bugs.chromium.org/p/chromium/issues/detail?id=1080459 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXY • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-13631 – sqlite: Virtual table can be renamed into the name of one of its shadow tables
https://notcve.org/view.php?id=CVE-2020-13631
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. SQLite versiones anteriores a la versión 3.32.0, permite que una tabla virtual sea renombrada con el nombre de una de sus tablas shadow, relacionada con los archivos alter.c y build.c. A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leading to potential data corruption. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 https://bugs.chromium.org/p/chromium/issues/detail?id=1080459 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce%40lists&# • CWE-20: Improper Input Validation •