CVSS: 10.0EPSS: 2%CPEs: 16EXPL: 2CVE-2024-12084 – Rsync: heap buffer overflow in rsync due to improper checksum length handling
https://notcve.org/view.php?id=CVE-2024-12084
15 Jan 2025 — A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. • https://github.com/themirze/cve-2024-12084 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2024-12088 – Rsync: --safe-links option bypass leads to path traversal
https://notcve.org/view.php?id=CVE-2024-12088
14 Jan 2025 — A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. • https://access.redhat.com/security/cve/CVE-2024-12088 • CWE-35: Path Traversal: '.../ •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 1CVE-2020-8118 – openSUSE Security Advisory - openSUSE-SU-2020:0229-1
https://notcve.org/view.php?id=CVE-2020-8118
04 Feb 2020 — An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application. Un ataque de tipo server-side request forgery autenticado en Nextcloud versión 16.0.1, permitió detectar servicios locales y remotos al agregar una nueva suscripción en la aplicación calendar. An update that fixes 6 vulnerabilities is now available. This update for nextcloud fixes the following issues. Nextcloud was updated to 15.0.14... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 0CVE-2019-13730 – chromium-browser: Type Confusion in V8
https://notcve.org/view.php?id=CVE-2019-13730
10 Dec 2019 — Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en JavaScript en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML especialmente diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.79. Issues... • http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.1EPSS: 5%CPEs: 7EXPL: 1CVE-2019-11717 – Mozilla: Caret character improperly escaped in origins
https://notcve.org/view.php?id=CVE-2019-11717
11 Jul 2019 — A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Se presenta una vulnerabilidad en la que el carácter de intercalación ("^") se escapa inapropiadamente al construir algunos URI debido a que se utiliza como separador, lo que permite la posible suplantación de atributos de origen. Esta v... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-116: Improper Encoding or Escaping of Output CWE-138: Improper Neutralization of Special Elements •
CVSS: 8.3EPSS: 1%CPEs: 7EXPL: 2CVE-2019-9811 – Mozilla Firefox Language Pack XUL Injection Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-9811
10 Jul 2019 — As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Como parte de una entrada Pwn2Own ganadora, un investigador demostró un escape del sandbox mediante la instalación de un paquete de idioma malicioso y luego abriendo una funcionalidad del navegador que usaba la traducción comprometida... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 8.8EPSS: 1%CPEs: 10EXPL: 0CVE-2019-11338 – Debian Security Advisory 4449-1
https://notcve.org/view.php?id=CVE-2019-11338
18 Apr 2019 — libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. libavcodec/hevcdec.c en FFmpeg versión 3.4 y versión 4.1.2 maneja de forma incorrecta la detección de los primeros cortes duplicados, lo que permite a los atacantes remotos causar una denegación de servicio (desreferencia de puntero NULL y acce... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5759
https://notcve.org/view.php?id=CVE-2016-5759
08 Sep 2017 — The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. El script mkdumprd llamado "dracut" en el directorio actual "." permite a los usuarios locales engañar al administrador para que ejecute código como root. • http://lists.opensuse.org/opensuse-updates/2016-10/msg00083.html • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 2%CPEs: 6EXPL: 0CVE-2017-8932 – golang: Elliptic curves carry propagation issue in x86-64 P-256
https://notcve.org/view.php?id=CVE-2017-8932
06 Jul 2017 — A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries. Un error en la implementación de la bib... • http://lists.opensuse.org/opensuse-updates/2017-06/msg00079.html • CWE-682: Incorrect Calculation •
CVSS: 7.8EPSS: 10%CPEs: 52EXPL: 7CVE-2017-1000366 – Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-1000366
19 Jun 2017 — glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. Glibc contiene una vulnerabilidad que permite que los valores LD_LIBRARY_PATH esp... • https://packetstorm.news/files/id/154361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •