CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-12066
https://notcve.org/view.php?id=CVE-2020-12066
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. La función CServer::SendMsg en el archivo engine/server/server.cpp en Teeworlds versiones 0.7.x anteriores a 0.7.5, permite a atacantes remotos apagar el servidor. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00045.html https://github.com/teeworlds/teeworlds/commit/c68402fa7e279d42886d5951d1ea8ac2facc1ea5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVYG7CCPS5F3OPOQMJKVNXTQ7BXSEX2V https://usn.ubuntu.com/4553-1 https://www.debian.org/security/2020/dsa-4763 https://www.teeworlds.com/forum/viewtopic.php?id=14785 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-12059 – ceph: specially crafted XML payload on POST requests leads to DoS by crashing RGW
https://notcve.org/view.php?id=CVE-2020-12059
An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception. Se descubrió un problema en Ceph versiones hasta la versió 13.2.9. Una petición POST con un XML de etiquetado no valido puede bloquear el proceso RGW al desencadenar una excepción del puntero NULL. A flaw was found in the Ceph Object Gateway S3 API, where it did not properly validate the POST requests. • https://bugzilla.suse.com/show_bug.cgi?id=1170170 https://docs.ceph.com/docs/master/releases/mimic https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://tracker.ceph.com/issues/44967 https://usn.ubuntu.com/4528-1 https://access.redhat.com/security/cve/CVE-2020-12059 https://bugzilla.redhat.com/show_bug.cgi?id=1827262 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2020-11008 – Malicious URLs can still cause Git to send a stored credential to the wrong server
https://notcve.org/view.php?id=CVE-2020-11008
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://seclists.org/fulldisclosure/2020/May/41 https://github.com/git/git/commit/c44088ecc4b0722636e0a305f9608d3047197282 https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7 https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q https://lists.debian.org/debian-lts-announce/2020/04/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNW • CWE-20: Improper Input Validation CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11958
https://notcve.org/view.php?id=CVE-2020-11958
re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. re2c versión 1.3, tiene un desbordamiento del búfer en la región heap de la memoria en la función Scanner::fill en el archivo parse/scanner.cc por medio de un lexema largo. • http://www.openwall.com/lists/oss-security/2020/04/21/1 https://blogs.gentoo.org/ago/2020/04/19/re2c-heap-overflow-in-scannerfill-scanner-cc https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a https://security.gentoo.org/glsa/202007-28 https://usn.ubuntu.com/4338-1 https://usn.ubuntu.com/4338-2 https://www.openwall.com/lists/oss-security/2020/04/19/1 • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-1751 – glibc: array overflow in backtrace functions for powerpc
https://notcve.org/view.php?id=CVE-2020-1751
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability. Se encontró una vulnerabilidad de escritura fuera de límites en glibc versiones anteriores a 2.31, cuando se manejaban trampolines de señal en PowerPC. Concretamente, la función backtrace no comprueba apropiadamente los límites de la matriz cuando almacena la dirección de la trama, resultando en una denegación de servicio o a una posible ejecución de código. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751 https://security.gentoo.org/glsa/202006-04 https://security.netapp.com/advisory/ntap-20200430-0002 https://sourceware.org/bugzilla/show_bug.cgi?id=25423 https://usn.ubuntu.com/4416-1 https://access.redhat.com/security/cve/CVE-2020-1751 https://bugzilla.redhat.com/show_bug.cgi?id=1810719 • CWE-787: Out-of-bounds Write •