CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-13800
https://notcve.org/view.php?id=CVE-2020-13800
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call. ati-vga en el archivo hw/display/ati.c en QEMU versión 4.2.0, permite a usuarios invitados del Sistema Operativo desencadenar una recursividad infinita por medio de un valor mm_index diseñado durante una llamada de ati_mm_read o ati_mm_write • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00086.html https://cve.openeuler.org/cve#/CVEInfo/CVE-2020-13800 https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00825.html https://security.gentoo.org/glsa/202011-09 https://security.netapp.com/advisory/ntap-20200717-0001 https://usn.ubuntu.com/4467-1 https://www.openwall.com/lists/oss-security/2020/06/04/2 • CWE-674: Uncontrolled Recursion •
CVSS: 7.4EPSS: 5%CPEs: 79EXPL: 0CVE-2020-13817 – ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS
https://notcve.org/view.php?id=CVE-2020-13817
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance. ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x versiones anteriores a 4.3.100, permite a atacantes remotos causar una denegación de servicio (salida del demonio o cambio de hora del sistema) mediante la predicción de las marcas de tiempo de transmisión para su uso en paquetes falsificados. La víctima debe confiar en fuentes de tiempo IPv4 no autenticadas. Debe haber un atacante fuera de la ruta que pueda consultar el tiempo desde la instancia ntpd de la víctima A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html http://support.ntp.org/bin/view/Main/NtpBug3596 https://bugs.ntp.org/show_bug.cgi?id=3596 https://security.gentoo.org/glsa/202007-12 https://security.netapp.com/advisory/ntap-20200625-0004 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2020-13817 https://bugzilla.redhat.com/show_bug& • CWE-330: Use of Insufficiently Random Values CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6495 – chromium-browser: Insufficient policy enforcement in developer tools
https://notcve.org/view.php?id=CVE-2020-6495
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Una aplicación insuficiente de la política en developer tools en Google Chrome versiones anteriores a 83.0.4103.97, permitió a un atacante que convenció a un usuario de instalar una extensión maliciosa potencialmente llevar a cabo un escape del sandbox por medio de una Chrome Extension diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html https://crbug.com/1072116 https://security.gentoo.org/glsa/202006-02 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6495 https://bugzilla.redhat.com/show_bug.cgi?id=1844556 • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-6496 – chromium-browser: Use after free in payments
https://notcve.org/view.php?id=CVE-2020-6496
Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. El uso de la memoria previamente liberada en payments en Google Chrome en MacOS versiones anteriores a 83.0.4103.97, permitió a un atacante remoto poder llevar a cabo un escape del sandbox por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html https://crbug.com/1085990 https://security.gentoo.org/glsa/202006-02 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6496 https://bugzilla.redhat.com/show_bug.cgi?id=1844557 • CWE-416: Use After Free •
CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0CVE-2020-6493 – chromium-browser: Use after free in WebAuthentication
https://notcve.org/view.php?id=CVE-2020-6493
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en WebAuthentication en Google Chrome versiones anteriores a 83.0.4103.97, permitió a un atacante remoto que había comprometido el proceso del renderizador para potencialmente llevar a cabo un escape del sandbox por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html https://crbug.com/1082105 https://security.gentoo.org/glsa/202006-02 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6493 https://bugzilla.redhat.com/show_bug.cgi?id=1844554 • CWE-416: Use After Free •