CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6510 – chromium-browser: Heap buffer overflow in background fetch
https://notcve.org/view.php?id=CVE-2020-6510
22 Jul 2020 — Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer en la región heap de la memoria en background fetch en Google Chrome versiones anteriores a 84.0.4147.89, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium t... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-10756 – QEMU SLiRP Networking Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-10756
09 Jul 2020 — An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1. Se encontró una vulnerabilidad de lectura fuera de límites en la implementación de red SLiRP del emulador QEMU. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00035.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-15396 – Gentoo Linux Security Advisory 202007-06
https://notcve.org/view.php?id=CVE-2020-15396
30 Jun 2020 — In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. En HylaFAX+ versiones hasta 7.0.2 y HylaFAX Enterprise, la utilidad de configuración del fax llama chown sobre archivos en directorios propiedad del usuario. Al ganar una carrera, un atacante local podría usar esto para escalar sus privilegios para root Multiple vulnerabilities have been found in HylaFAX,... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00039.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 1CVE-2020-8019 – syslog-ng: Local privilege escalation from new to root in %post
https://notcve.org/view.php?id=CVE-2020-8019
29 Jun 2020 — A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SU... • https://bugzilla.suse.com/show_bug.cgi?id=1169385 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 1CVE-2020-8164 – rubygem-actionpack: possible strong parameters bypass
https://notcve.org/view.php?id=CVE-2020-8164
19 Jun 2020 — A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. Se presenta una vulnerabilidad de deserialización de datos no confiables en rails versiones anteriores a 5.2.4.3, rails versiones anteriores a 6.0.3.1, que pueden permitir a un atacante suministrar información en la que pueden ser filtrados inadvertidamente parámetros fromStrong A flaw was found in rubygem-actionpack... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00089.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-14004
https://notcve.org/view.php?id=CVE-2020-14004
12 Jun 2020 — An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user. Se detectó un problema en Icinga2 versiones anteriores a v2.12.0-rc1. • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00014.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2020-13696 – Ubuntu Security Notice USN-4518-1
https://notcve.org/view.php?id=CVE-2020-13696
08 Jun 2020 — An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00009.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-6496 – chromium-browser: Use after free in payments
https://notcve.org/view.php?id=CVE-2020-6496
03 Jun 2020 — Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. El uso de la memoria previamente liberada en payments en Google Chrome en MacOS versiones anteriores a 83.0.4103.97, permitió a un atacante remoto poder llevar a cabo un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrar... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6494 – chromium-browser: Incorrect security UI in payments
https://notcve.org/view.php?id=CVE-2020-6494
03 Jun 2020 — Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una Interfaz de Usuario de seguridad incorrecta en payments en Google Chrome en Android versiones anteriores a 83.0.4103.97, permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of w... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html •
CVSS: 8.2EPSS: 92%CPEs: 7EXPL: 5CVE-2020-13379 – Grafana 7.0.1 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2020-13379
03 Jun 2020 — The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault. La funcionalidad avatar en Grafana versiones 3.0.1 hasta 7.0.1, presenta un problema de Control de A... • https://packetstorm.news/files/id/158320 • CWE-476: NULL Pointer Dereference CWE-918: Server-Side Request Forgery (SSRF) •