CVSS: 9.0EPSS: 94%CPEs: 96EXPL: 13CVE-2021-45046 – Apache Log4j2 Deserialization of Untrusted Data Vulnerability
https://notcve.org/view.php?id=CVE-2021-45046
14 Dec 2021 — It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some... • https://packetstorm.news/files/id/179987 • CWE-400: Uncontrolled Resource Consumption CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 10.0EPSS: 94%CPEs: 398EXPL: 413CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
10 Dec 2021 — Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.... • https://packetstorm.news/files/id/171626 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 5.7EPSS: 0%CPEs: 12EXPL: 0CVE-2020-27350 – apt integer wraparound
https://notcve.org/view.php?id=CVE-2020-27350
10 Dec 2020 — APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1; APT tuvo varios desbordamientos y subdesbordamientos de enteros al analizar paquetes .de... • https://bugs.launchpad.net/bugs/1899193 • CWE-190: Integer Overflow or Wraparound •
CVSS: 2.8EPSS: 0%CPEs: 10EXPL: 0CVE-2020-27351 – Various memory and file descriptor leaks in apt-python
https://notcve.org/view.php?id=CVE-2020-27351
10 Dec 2020 — Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior to 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions prior to 1.6.5ubuntu0.4; 2.0.0ubuntu0 versions prior to 2.0.0ubuntu0.20.04.2; 2.1.3ubuntu1 versions prior to 2.1.3ubuntu1.1; Se encontraron varios filtrados de memoria y descriptores de archivos en los archivos python/arfile.cc, python/tag.cc, python/tarfil... • https://bugs.launchpad.net/bugs/1899193 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 1CVE-2011-3374
https://notcve.org/view.php?id=CVE-2011-3374
25 Nov 2019 — It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. Se encontró que apt-key en apt, todas las versiones, no comprueban correctamente las claves gpg con el llavero maestro, lo que conlleva a un potencial ataque de tipo man-in-the-middle. • https://access.redhat.com/security/cve/cve-2011-3374 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.3EPSS: 10%CPEs: 11EXPL: 2CVE-2019-3462 – Debian Security Advisory 4371-1
https://notcve.org/view.php?id=CVE-2019-3462
22 Jan 2019 — Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. El saneamiento incorrecto de un campo de redirección 302 en el método HTTP "transport" en apt, en versiones 1.4.8 y anteriores, puede conducir a la inyección de contenido por parte de un atacante MITM, lo que puede conducir a la ejecución remota de código en el equipo objetivo. Max Justi... • https://github.com/tonejito/check_CVE-2019-3462 •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2018-0501 – Ubuntu Security Notice USN-3746-1
https://notcve.org/view.php?id=CVE-2018-0501
21 Aug 2018 — The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail. La implementación del método mirror:// en Advanced Package Tool (APT) en versiones 1.6.x anteriores a la 1.6.4 y 1.7.x anteriores a la 1.7.0~alpha3 maneja de manera incorrecta la verificación de firmas gpg para el archivo InRelease de un clon fallback, también conocido como mirrorfail. It was dis... • https://mirror.fail • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.9EPSS: 6%CPEs: 5EXPL: 4CVE-2016-1252 – APT - Repository Signing Bypass via Memory Allocation Failure
https://notcve.org/view.php?id=CVE-2016-1252
14 Dec 2016 — The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection mechanism by leveraging improper error handling when validating InRelease file signatures. El paquete apt, en Debian jessie en versiones anteriores a la 1.0.9.8.4; Debian inestable en versiones anteriores a la 1.4~bet... • https://packetstorm.news/files/id/140145 • CWE-295: Improper Certificate Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-7206 – Debian Security Advisory 3048-1
https://notcve.org/view.php?id=CVE-2014-7206
08 Oct 2014 — The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file. El comando 'changelog' en Apt anterior a 1.0.9.2 permite a usuarios locales escribir ficheros arbitrarios a través de un ataque de enlaces simbólicos en el fichero 'changelog'. Guillem Jover discovered that APT incorrectly created a temporary file when handling the changelog command. A local attacker could use this issue to overwrite arbitrary files. In the default installat... • http://secunia.com/advisories/61158 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-6273 – Ubuntu Security Notice USN-2353-1
https://notcve.org/view.php?id=CVE-2014-6273
24 Sep 2014 — Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted URL. Desbordamiento de buffer en el código de transporte HTTP en apt-get en APT 1.0.1 y anteriores permite a atacantes man-in-the-middle causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una URL manipulada. It was discovered that APT incorrectly handled certain http... • http://secunia.com/advisories/61605 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •