
CVE-2022-3602 – X.509 Email Address 4-byte Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-3602
01 Nov 2022 — A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash... • https://github.com/colmmacc/CVE-2022-3602 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2020-14394 – Ubuntu Security Notice USN-6567-2
https://notcve.org/view.php?id=CVE-2020-14394
17 Aug 2022 — An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=1908004 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVE-2021-42778 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42778
18 Apr 2022 — A heap double free issue was found in OpenSC before version 0.22.0 in sc_pkcs15_free_tokeninfo. Multiple vulnerabilities have been discovered in OpenSC, the worst of which could result in the execution of arbitrary code. Versions less than 0.22.0 are affected. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185 • CWE-415: Double Free CWE-672: Operation on a Resource after Expiration or Release •

CVE-2021-42779 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42779
18 Apr 2022 — A heap use after free issue was found in OpenSC before version 0.22.0 in sc_file_valid. Multiple vulnerabilities have been discovered in OpenSC, the worst of which could result in the execution of arbitrary code. Versions less than 0.22.0 are affected. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843 • CWE-416: Use After Free •

CVE-2021-42780 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42780
18 Apr 2022 — A use after return issue was found in OpenSC before version 0.22.0 in the insert_pin function that could potentially crash programs using the library. It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause a d... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383 • CWE-252: Unchecked Return Value •

CVE-2021-42781 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42781
18 Apr 2022 — Heap buffer overflow issues were found in OpenSC before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. Multiple vulnerabilities have been discovered in OpenSC, the worst of which could result in the execution of arbitrary code. Versions less than 0.22.0 are affected. • https://bugzilla.redhat.com/show_bug.cgi?id=2016439 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2021-42782 – Gentoo Linux Security Advisory 202209-03
https://notcve.org/view.php?id=CVE-2021-42782
18 Apr 2022 — Stack buffer overflow issues were found in OpenSC before version 0.22.0 in various places that could potentially crash programs using the library. It was discovered that OpenSC did not correctly handle certain memory operations, which could lead to a use-after-free vulnerability. An attacker could possibly use this issue to cause ... • https://bugzilla.redhat.com/show_bug.cgi?id=2016448 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2021-3618 – Ubuntu Security Notice USN-6379-1
https://notcve.org/view.php?id=CVE-2021-3618
23 Mar 2022 — ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at ... • https://alpaca-attack.com • CWE-295: Improper Certificate Validation •

CVE-2021-3578 – Gentoo Linux Security Advisory 202208-15
https://notcve.org/view.php?id=CVE-2021-3578
16 Feb 2022 — A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client. • http://www.openwall.com/lists/oss-security/2021/06/07/1 • CWE-704: Incorrect Type Conversion or Cast •

CVE-2021-44025 – Debian Security Advisory 5013-1
https://notcve.org/view.php?id=CVE-2021-44025
19 Nov 2021 — Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message. It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize reques... • https://bugs.debian.org/1000156 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •