CVSS: 9.8EPSS: 48%CPEs: 20EXPL: 1CVE-2020-11984 – httpd: mod_proxy_uwsgi buffer overflow
https://notcve.org/view.php?id=CVE-2020-11984
07 Aug 2020 — Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE Apache HTTP server versiones 2.4.32 hasta 2.4.44, la función mod_proxy_uwsgi divulga información y posible RCE A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Red Hat JBoss Co... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00068.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 75%CPEs: 54EXPL: 1CVE-2020-9490 – httpd: Push diary crash on specifically crafted HTTP/2 header
https://notcve.org/view.php?id=CVE-2020-9490
07 Aug 2020 — Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers. Apache HTTP Server versiones 2.4.20 hasta 2.4.43.. Un valor especialmente diseñado para el encabezado "Cache-Digest" en una petición HTTP/2 resultaría en un bloqueo cuando el servidor realmente... • https://packetstorm.news/files/id/160392 • CWE-400: Uncontrolled Resource Consumption CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2019-20907 – python: infinite loop in the tarfile module via crafted TAR archive
https://notcve.org/view.php?id=CVE-2019-20907
13 Jul 2020 — In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. En la biblioteca Lib/tarfile.py en Python versiones hasta 3.8.3, un atacante puede diseñar un archivo TAR conllevando a un bucle infinito cuando se abrió mediante tarfile.open, porque la función _proc_pax carece de comprobación de encabezado A flaw was found in python. In Lib/tarfile.py an attacker is able to craft a TAR arc... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00051.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 4CVE-2019-20892 – Ubuntu Security Notice USN-4410-1
https://notcve.org/view.php?id=CVE-2019-20892
25 Jun 2020 — net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release. net-snmp versiones anteriores a 5.8.1.pre1 presenta una doble liberación en la función usm_free_usmStateReference en el archivo snmplib/snmpusm.c por medio de una petición SNMPv3 GetBulk. NOTA: esto afecta a los paquetes net-snmp enviados a los usuario... • http://www.openwall.com/lists/oss-security/2020/06/25/4 • CWE-415: Double Free •
CVSS: 4.9EPSS: 2%CPEs: 32EXPL: 0CVE-2020-15025 – Gentoo Linux Security Advisory 202007-12
https://notcve.org/view.php?id=CVE-2020-15025
24 Jun 2020 — ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. ntpd en ntp versión 4.2.8 versiones anteriores a 4.2.8p15 y versiones 4.3.x anteriores a 4.3.101, permite a atacantes remotos causar una denegación de servicio (consumo de la memoria) mediante el envío de paquetes, porque la memoria ... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 2CVE-2020-13871 – Gentoo Linux Security Advisory 202007-26
https://notcve.org/view.php?id=CVE-2020-13871
06 Jun 2020 — SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. SQLite versión 3.32.2, presenta un uso de la memoria previamente liberada en la función resetAccumulator en el archivo select.c porque la reescritura del árbol de análisis para funciones de ventana es demasiado tarde Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code. Versions less than 3.32.3 are affected. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-416: Use After Free •
CVSS: 5.9EPSS: 8%CPEs: 14EXPL: 1CVE-2020-13254 – django: potential data leakage via malformed memcached keys
https://notcve.org/view.php?id=CVE-2020-13254
03 Jun 2020 — An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. Se detectó un problema en Django versiones 2.2 anteriores a 2.2.13 y versiones 3.0 anteriores a 3.0.7. En casos donde un backend memcached no lleva a cabo una comprobación de la clave, pasa claves de caché maliciosas que podría resultar en una colisión de claves y una potencial f... • https://github.com/danpalmer/django-cve-2020-13254 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 1%CPEs: 13EXPL: 0CVE-2020-13596 – Debian Security Advisory 4705-1
https://notcve.org/view.php?id=CVE-2020-13596
03 Jun 2020 — An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack. Se detectó un problema en Django versiones 2.2 anteriores a 2.2.13 y versiones 3.0 anteriores a 3.0.7. En casos donde un backend memcached no lleva a cabo una comprobación de la clave, pasa claves de caché maliciosas que podría resultar en una colisión de claves y una potencial filtración de da... • https://docs.djangoproject.com/en/3.0/releases/security • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0CVE-2020-13630 – sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c
https://notcve.org/view.php?id=CVE-2020-13630
27 May 2020 — ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. El archivo ext/fts3/fts3.c en SQLite versiones anteriores a la versión 3.32.0, tiene un uso de la memoria previamente liberada en la función fts3EvalNextRow, relacionado con la funcionalidad snippet. A use-after-free vulnerability was found in the SQLite FTS3 extension module in the way it implemented the snippet function. This flaw allows an attacker who can execute SQL statements to crash the a... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-13631 – sqlite: Virtual table can be renamed into the name of one of its shadow tables
https://notcve.org/view.php?id=CVE-2020-13631
27 May 2020 — SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. SQLite versiones anteriores a la versión 3.32.0, permite que una tabla virtual sea renombrada con el nombre de una de sus tablas shadow, relacionada con los archivos alter.c y build.c. A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leadi... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-20: Improper Input Validation •