CVSS: 7.8EPSS: 84%CPEs: 9EXPL: 8CVE-2022-3602 – X.509 Email Address 4-byte Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-3602
01 Nov 2022 — A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash... • https://github.com/colmmacc/CVE-2022-3602 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1CVE-2022-28919
https://notcve.org/view.php?id=CVE-2022-28919
12 May 2022 — HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename. Se ha detectado que HTMLCreator versión release_stable_2020-07-29, contiene una vulnerabilidad de cross-site scripting (XSS) por medio de la función _generateFilename • https://github.com/splitbrain/dokuwiki/issues/3651 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14312
https://notcve.org/view.php?id=CVE-2020-14312
05 Feb 2021 — A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against ot... • https://bugzilla.redhat.com/show_bug.cgi?id=1851342 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-19010
https://notcve.org/view.php?id=CVE-2019-19010
16 Nov 2019 — Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. Una inyección eval en el plugin Math de Limnoria (versiones anteriores a 2019.11.09) y Supybot (hasta el 09-05-2018) permite a atacantes remotos no privilegiados revelar información o posiblemente tener otro impacto no especificado por medio de los comandos calc e icalc IR... • https://github.com/ProgVal/Limnoria/commit/3848ae78de45b35c029cc333963d436b9d2f0a35 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-14869 – ghostscript: -dSAFER escape in .charkeys (701841)
https://notcve.org/view.php?id=CVE-2019-14869
15 Nov 2019 — A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges within the Ghostscript and access files outside of restricted areas or execute commands. Se detectó un fallo en todas las versiones de ghostscript 9.x en versiones anteriores a la 9.50, donde el ... • http://jvn.jp/en/jp/JVN52486659/index.html • CWE-648: Incorrect Use of Privileged APIs CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 4%CPEs: 7EXPL: 0CVE-2019-18425 – Gentoo Linux Security Advisory 202003-56
https://notcve.org/view.php?id=CVE-2019-18425
31 Oct 2019 — An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performed by the emulating code. Such accesses should respect the guest specified limits, unless otherwise guaranteed to fail in such a case. Without this, emulation of 32-bit guest user mode calls through call gates would ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00037.html • CWE-269: Improper Privilege Management •
CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 0CVE-2019-18424 – Gentoo Linux Security Advisory 202003-56
https://notcve.org/view.php?id=CVE-2019-18424
31 Oct 2019 — An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to an untrusted domain, it is possible for that domain to program the device to DMA to an arbitrary address. The IOMMU is used to protect the host from malicious DMA by making sure that the device addresses can only t... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00037.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 5%CPEs: 6EXPL: 0CVE-2019-18423 – Gentoo Linux Security Advisory 202003-56
https://notcve.org/view.php?id=CVE-2019-18423
31 Oct 2019 — An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_translation_fault() and p2m_get_entry() to sanity check guest physical frame. The rest of the code in the two functions will assume that there is a valid root table and check that with BUG_ON(). The function p2m_get_root_pointer() will ignore the unused top bits of a guest physical frame. This means that the fun... • http://www.openwall.com/lists/oss-security/2019/10/31/4 • CWE-193: Off-by-one Error •
CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 0CVE-2019-18422 – Debian Security Advisory 4602-1
https://notcve.org/view.php?id=CVE-2019-18422
31 Oct 2019 — An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an exception occurs on an ARM system which is handled without changing processor level, some interrupts are unconditionally enabled during exception entry. So exceptions which occur when interrupts are masked will effectively unmask the interrupts. A malicious guest mig... • http://www.openwall.com/lists/oss-security/2019/10/31/5 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 0CVE-2019-18421 – Gentoo Linux Security Advisory 202003-56
https://notcve.org/view.php?id=CVE-2019-18421
31 Oct 2019 — An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen exposes the actual hardware pagetables to the guest. In order to prevent the guest from modifying these page tables directly, Xen keeps track of how pages are used using a type system; pages must be "promoted" before ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00037.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •