Page 99 of 1963 results (0.014 seconds)

CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2019-3873 – picketlink: URL injection via xinclude parameter

https://notcve.org/view.php?id=CVE-2019-3873

It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks. Se encontró que Picketlink, tal como se distribuye con Jboss Enterprise Application Platform versión 7.2, aceptaría un parámetro xinclude en XML SAMLresponse. Un atacante podría usar esta fallo para enviar una URL para lograr cross-site scripting o posiblemente conducir más ataques. • http://www.securityfocus.com/bid/108739 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3873 https://access.redhat.com/security/cve/CVE-2019-3873 https://bugzilla.redhat.com/show_bug.cgi?id=1689014 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2019-3872 – picketlink: reflected XSS in SAMLRequest via RelayState parameter

https://notcve.org/view.php?id=CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks. Se encontró que un SAMLRequest que contenía un script podía ser procesado por versiones de Picketlink enviadas en Jboss Application Platform 7.2.xy 7.1.x. Un atacante podría usar esto para enviar un script malicioso para lograr scripts entre sitios y obtener información no autorizada o lleva cabo de más ataques. • http://www.securityfocus.com/bid/108732 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3872 https://access.redhat.com/security/cve/CVE-2019-3872 https://bugzilla.redhat.com/show_bug.cgi?id=1688966 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 28EXPL: 0

CVE-2019-10160 – python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc

https://notcve.org/view.php?id=CVE-2019-10160

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. Se descubrió una regresión de seguridad de CVE-2019-9636 en python desde commit con ID d537ab0ff9767ef024f26246899728f0116b1ec3 que afecta a las versiones 2.7, 3.5, 3.6, 3.7 y de v3.8.0a4 a v3.8.0b1, el cual permite a un atacante explotar CVE-2019-9636 violando las partes usuario (user) y contraseña (password) de una URL. Cuando una aplicación analiza las URL proporcionadas por el usuario para almacenar cookies, credenciales de autenticación u otro tipo de información, es posible que un atacante proporcione URL especialmente creadas para que la aplicación ubique información relacionada con el host (por ejemplo, cookies, datos de autenticación) y envíe a un host diferente al que debería, a diferencia de si las URL se analizaron correctamente. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html https://access.redhat.com/errata/RHSA-2019:1587 https://access.redhat.com/errata/RHSA-2019:1700 https://access.redhat.com/errata/RHSA-2019:2437 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10160 https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09 https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e • CWE-172: Encoding Error CWE-522: Insufficiently Protected Credentials •

CVSS: 4.7EPSS: 0%CPEs: 11EXPL: 0

CVE-2019-12614 – kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service

https://notcve.org/view.php?id=CVE-2019-12614

An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). Se descubrió un problema en dlpar_parse_cc_property en arch / powerpc / platform / pseries / dlpar.c en el kernel de Linux hasta la versión 5.1.6. Hay un kstrdup sin marcar de prop-> name, que podría permitir que un atacante provoque una denegación de servicio (desreferencia de puntero NULL y bloqueo del sistema). A flaw was found in the way Linux kernel's Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.securityfocus.com/bid/108550 https://git.kernel.org/pub/ • CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 1

CVE-2019-3846 – kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c

https://notcve.org/view.php?id=CVE-2019-3846

A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. Se encontró un fallo que permitía a un atacante corromper la memoria y posiblemente aumentar los privilegios en el módulo del kernel mwifiex mientras se conectaba a una red inalámbrica maliciosa. A flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html ht • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •