CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 1CVE-2019-9948 – python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms
https://notcve.org/view.php?id=CVE-2019-9948
23 Mar 2019 — urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. urllib en Python, en versiones 2.x hasta la 2.7.16, soporta el esquema local_file:, lo que facilita que los atacantes remotos omitan los mecanismos de protección que ponen en lista negra los URI file:, tal y como queda demostrado con una llamada urllib.urlopen... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.3EPSS: 0%CPEs: 15EXPL: 0CVE-2019-3835 – ghostscript: superexec operator is available (700585)
https://notcve.org/view.php?id=CVE-2019-3835
22 Mar 2019 — It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Se ha observado que el operador superexec estaba disponible en el diccionario interno en ghostscript en las versiones anteriores a la 9.27. Un archivo PostScript especialmente manipulado podría explotar este error, por ejemplo, para obtener ac... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html • CWE-648: Incorrect Use of Privileged APIs CWE-862: Missing Authorization •
CVSS: 7.3EPSS: 0%CPEs: 17EXPL: 0CVE-2019-3838 – ghostscript: forceput in DefineResource is still accessible (700576)
https://notcve.org/view.php?id=CVE-2019-3838
22 Mar 2019 — It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Se ha observado que el operador forceput podía ser extraído del método DefineResource en ghostscript en las versiones anteriores a la 9.27. Un archivo PostScript especialmente manipulado podría explotar este error, por ejemplo, para ob... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html • CWE-648: Incorrect Use of Privileged APIs •
CVSS: 8.8EPSS: 9%CPEs: 11EXPL: 0CVE-2019-3863 – libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes
https://notcve.org/view.php?id=CVE-2019-3863
19 Mar 2019 — A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. Se ha descubierto un problema en versiones anteriores a la 1.8.1 de libssh2. Un servidor podría enviar múltiples mensajes de respuesta interactiva mediante teclado cuya longitud total es mayor que el los caracteres no firmados char max. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 12%CPEs: 18EXPL: 0CVE-2019-3855 – libssh2: Integer overflow in transport read resulting in out of bounds write
https://notcve.org/view.php?id=CVE-2019-3855
19 Mar 2019 — An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que los paquetes se leen desde el servidor. Un atacan... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 4%CPEs: 16EXPL: 0CVE-2019-3856 – libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write
https://notcve.org/view.php?id=CVE-2019-3856
19 Mar 2019 — An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan las peticiones de comandos de te... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 4%CPEs: 16EXPL: 0CVE-2019-3857 – libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write
https://notcve.org/view.php?id=CVE-2019-3857
19 Mar 2019 — An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paq... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 0CVE-2019-3816 – openwsman: Disclosure of arbitrary files outside of the registered URIs
https://notcve.org/view.php?id=CVE-2019-3816
14 Mar 2019 — Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. Openwsman, en versiones hasta e incluyendo la 2.6.9, es vulnerable a una divulgación de archivos arbitrarios debido a que el directorio de trabajo del demonio openwsmand se establecía en el directorio root. Un at... • http://bugzilla.suse.com/show_bug.cgi?id=1122623 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 3%CPEs: 41EXPL: 0CVE-2019-9636 – python: Information Disclosure due to urlsplit improper NFKC normalization
https://notcve.org/view.php?id=CVE-2019-9636
08 Mar 2019 — Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed c... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html • CWE-172: Encoding Error •
CVSS: 5.9EPSS: 5%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •