Page 88 of 871 results (0.019 seconds)

CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0

CVE-2020-1934 – httpd: mod_proxy_ftp use of uninitialized value

https://notcve.org/view.php?id=CVE-2020-1934

In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. En Apache HTTP Server versiones 2.4.0 hasta 2.4.41, mod_proxy_ftp puede usar memoria no inicializada cuando al enviar un proxy hacia un servidor FTP malicioso. A flaw was found in Apache's HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8 • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •

CVSS: 8.1EPSS: 7%CPEs: 4EXPL: 0

CVE-2020-6096

https://notcve.org/view.php?id=CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data. • https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6 https://security.gentoo.org/glsa/202101-20 https://sourceware.org/bugzilla/show_bug.cgi?id=25620 https: • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-195: Signed to Unsigned Conversion Error CWE-681: Incorrect Conversion between Numeric Types •

CVSS: 8.8EPSS: 0%CPEs: 52EXPL: 6

CVE-2020-8835 – Linux kernel bpf verifier vulnerability

https://notcve.org/view.php?id=CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780) En el kernel de Linux versiones 5.5.0 y más recientes, el verificador bpf (kernel/bpf/verifier.c) no restringió apropiadamente los límites de registro para operaciones de 32 bits, conllevando a lecturas y escrituras fuera de límites en la memoria del kernel. La vulnerabilidad también afecta a la serie estable de Linux versión 5.4, comenzando con la versión v5.4.7, ya que el commit de introducción fue respaldado en esa derivación. • https://github.com/zilong3033/CVE-2020-8835 https://github.com/digamma-ai/CVE-2020-8835-verification https://github.com/SplendidSky/CVE-2020-8835 https://github.com/Prabhashaka/Exploitation-CVE-2020-8835 https://github.com/johnatag/INF8602-CVE-2020-8835 http://www.openwall.com/lists/oss-security/2021/07/20/1 https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef https://git.kernel.org/pub/scm/linux/kernel/git/torvald • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0

CVE-2020-1747 – PyYAML: arbitrary command execution through python/object/new when FullLoader is used

https://notcve.org/view.php?id=CVE-2020-1747

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor. Se descubrió una vulnerabilidad en la biblioteca PyYAML versiones anteriores a 5.3.1, donde es susceptible a una ejecución de código arbitraria cuando procesa archivos YAML no seguros por medio del método full_load o con el cargador FullLoader. Las aplicaciones que usan la biblioteca para procesar entradas no seguras pueden ser vulnerables a este fallo. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747 https://github.com/yaml/pyyaml/pull/386 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7PPAS6C4SZRDQLR7C22A5U3QOLXY33JX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY https://lists.fedoraproject&# • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-9359 – okular: local binary execution via specially crafted PDF files

https://notcve.org/view.php?id=CVE-2020-9359

KDE Okular before 1.10.0 allows code execution via an action link in a PDF document. KDE Okular versiones anteriores a la versión 1.10.0, permite una ejecución de código por medio de un enlace de acción en un documento PDF. • https://invent.kde.org/kde/okular/-/commit/6a93a033b4f9248b3cd4d04689b8391df754e244 https://kde.org/info/security/advisory-20200312-1.txt https://lists.debian.org/debian-lts-announce/2020/03/msg00033.html https://lists.debian.org/debian-lts-announce/2021/12/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TY3O6UWX2XTP7PISPTZ6FYRDFU4UF66 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AW6GJ3AKGXOMTDHNZBMSXDTWNJJRFBDH https: • CWE-184: Incomplete List of Disallowed Inputs •