6783 results (0.013 seconds)

CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-7008 – Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

https://notcve.org/view.php?id=CVE-2023-7008

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records. Se encontró una vulnerabilidad en systemd-resolved. Este problema puede permitir que systemd-resolved acepte registros de dominios firmados por DNSSEC incluso cuando no tienen firma, lo que permite que los intermediarios (o el solucionador de DNS ascendente) manipulen los registros. • https://access.redhat.com/errata/RHSA-2024:2463 https://access.redhat.com/errata/RHSA-2024:3203 https://access.redhat.com/security/cve/CVE-2023-7008 https://bugzilla.redhat.com/show_bug.cgi?id=2222261 https://bugzilla.redhat.com/show_bug.cgi?id=2222672 https://github.com/systemd/systemd/issues/25676 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject • CWE-300: Channel Accessible by Non-Endpoint •

CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0

CVE-2023-39417 – Postgresql: extension script @substitutions@ within quoting allow sql injection

https://notcve.org/view.php?id=CVE-2023-39417

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. EN EL SCRIPT DE EXTENSIÓN, se encontró una vulnerabilidad de inyección SQL en PostgreSQL si usa @extowner@, @extschema@ o @extschema:...@ dentro de una construcción de cotización (cotización en dólares, '' o ""). Si un administrador ha instalado archivos de una extensión vulnerable, de confianza y no empaquetada, un atacante con privilegios CREATE de nivel de base de datos puede ejecutar código arbitrario como superusuario de arranque. • https://access.redhat.com/errata/RHSA-2023:7545 https://access.redhat.com/errata/RHSA-2023:7579 https://access.redhat.com/errata/RHSA-2023:7580 https://access.redhat.com/errata/RHSA-2023:7581 https://access.redhat.com/errata/RHSA-2023:7616 https://access.redhat.com/errata/RHSA-2023:7656 https://access.redhat.com/errata/RHSA-2023:7666 https://access.redhat.com/errata/RHSA-2023:7667 https://access.redhat.com/errata/RHSA-2023:7694 https://access.redhat.com/errata/RHSA • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 1

CVE-2023-24998 – Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts

https://notcve.org/view.php?id=CVE-2023-24998

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured. A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform. • https://github.com/nice1st/CVE-2023-24998 http://www.openwall.com/lists/oss-security/2023/05/22/1 https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html https://security.gentoo.org/glsa/202305-37 https://www.debian.org/security/2023/dsa-5522 https://access.redhat.com/security/cve/CVE-2023-24998 https://bugzilla.redhat.com/show_bug.cgi?id=2172298 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 0%CPEs: 152EXPL: 0

CVE-2022-3088

https://notcve.org/view.php?id=CVE-2022-3088

UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges. System Image UC-8100A-ME-T: Versiones v1.0 a v1.6, System Image UC-2100: Versiones v1.0 a v1.12, System Image UC-2100-W: Versiones v1.0 a v 1.12, System Image UC-3100: versiones v1.0 a v1.6, System Image UC-5100: versiones v1.0 a v1.4, System Image UC-8100: versiones v3.0 a v3.5, System Image UC-8100-ME-T: Versiones v3.0 y v3.1, System Image UC-8200: v1.0 a v1.5, System Image AIG-300: v1.0 a v1.4, System Image UC-8410A con Debian 9: Versiones v4.0.2 y v4.1.2, System Image UC-8580 con Debian 9: Versiones v2.0 y v2.1, System Image UC-8540 con Debian 9: Versiones v2.0 y v2.1, y System Image DA -662C-16-LX (GLB): Las versiones v1.0.2 a v1.1.2 Las máquinas basadas en ARM de Moxa tienen una vulnerabilidad de ejecución con privilegios innecesarios, lo que podría permitir que un atacante con privilegios de nivel de usuario obtenga privilegios de root. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-326-05 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2021-46837

https://notcve.org/view.php?id=CVE-2021-46837

res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation. La función res_pjsip_t38 en Sangoma Asterisk versiones 16.x anteriores a 16.16.2, 17.x anteriores a 17.9.3, y 18.x anteriores a 18.2.2, y Certified Asterisk anteriores a 16.8-cert7, permite a un atacante desencadenar un fallo mediante el envío de una línea m=image y un puerto cero en una respuesta a una Re invitación T.38 iniciada por Asterisk. Se trata de una reaparición de los síntomas de la CVE-2019-15297 pero no exactamente por el mismo motivo. • https://downloads.asterisk.org/pub/security/AST-2021-006.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https://www.debian.org/security/2022/dsa-5285 • CWE-476: NULL Pointer Dereference •