CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 1CVE-2020-12823
https://notcve.org/view.php?id=CVE-2020-12823
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. OpenConnect versión 8.09, presenta un desbordamiento del búfer, causando una denegación de servicio (bloqueo de aplicación) o posiblemente otro impacto no especificado, por medio de datos de certificado diseñados en la función get_cert_name en el archivo gnutls.c. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00056.html https://bugs.gentoo.org/721570 https://gitlab.com/openconnect/openconnect/-/merge_requests/108 https://lists.debian.org/debian-lts-announce/2020/05/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25MFX4AZE7RDCUWOL4ZOE73YBOPUMQDX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-6464 – chromium-browser: Type Confusion in Blink
https://notcve.org/view.php?id=CVE-2020-6464
Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en Blink en Google Chrome versiones anteriores a la versión 81.0.4044.138, permitió a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML especialmente diseñada A type confusion flaw was reported in the Blink component of the Chromium browser. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00000.html https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop.html https://crbug.com/1071059 https://security.gentoo.org/glsa/202005-13 https://www.debian.org/security/2020/dsa-4714 https://access.redhat.com/security/cve/CVE-2020-6464 https://bugzilla.redhat.com/show_bug.cgi?id=1832488 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11866
https://notcve.org/view.php?id=CVE-2020-11866
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. libEMF (también se conoce como ECMA-234 Metafile Library) versiones hasta 1.0.11, permite un uso de la memoria previamente liberada. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DFYDSKWFM2R5NKZOO2IN6X7SM3T2PWL https://sourceforge.net/p/libemf/code/commit_browser https://sourceforge.net/p/libemf/mailman/libemf-devel https://sourceforge.net/p/libemf/news/2020/05/re-release-of-libemf-1012 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11865
https://notcve.org/view.php?id=CVE-2020-11865
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. libEMF (también se conoce como ECMA-234 Metafile Library) versiones hasta 1.0.11, permite un acceso a la memoria fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DFYDSKWFM2R5NKZOO2IN6X7SM3T2PWL https://sourceforge.net/p/libemf/code/commit_browser https://sourceforge.net/p/libemf/mailman/libemf-devel https://sourceforge.net/p/libemf/news/2020/05/re-release-of-libemf-1012 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11864
https://notcve.org/view.php?id=CVE-2020-11864
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). libEMF (también se conoce como ECMA-234 Metafile Library) versiones hasta 1.0.11, permite una denegación de servicio (problema 2 de 2). • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DFYDSKWFM2R5NKZOO2IN6X7SM3T2PWL https://sourceforge.net/p/libemf/code/commit_browser https://sourceforge.net/p/libemf/mailman/libemf-devel https://sourceforge.net/p/libemf/news/2020/05/re-release-of-libemf-1012 •