CVE-2021-45105 – Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
https://notcve.org/view.php?id=CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. Apache Log4j2 versiones 2.0-alpha1 hasta 2.16.0 (excluyendo las versiones 2.12.3 y 2.3.1) no protegían de la recursión no controlada de las búsquedas autorreferenciales. Esto permite a un atacante con control sobre los datos de Thread Context Map causar una denegación de servicio cuando es interpretada una cadena diseñada. • https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832 https://github.com/tejas-nagchandi/CVE-2021-45105 https://github.com/pravin-pp/log4j2-CVE-2021-45105 https://github.com/dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1 https://github.com/dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105 https://github.com/dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v htt • CWE-20: Improper Input Validation CWE-674: Uncontrolled Recursion •
CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation
https://notcve.org/view.php?id=CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. • http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html http://seclists.org/fulldisclosure/2021/Dec/19 http://seclists.org/fulldisclosure/2021/Dec/20 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujan2023.html https://www.oracle.com/security-alerts/cpujul2021.html https: • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •
CVE-2021-20227
https://notcve.org/view.php?id=CVE-2021-20227
A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. Se encontró un fallo en la funcionalidad de consulta SELECT de SQLite (src/select.c). Este fallo permite a un atacante que es capaz de ejecutar consultas SQL localmente en la base de datos SQLite causar una denegación de servicio o una posible ejecución de código desencadenando un uso de la memoria previamente liberada. • https://bugzilla.redhat.com/show_bug.cgi?id=1924886 https://security.gentoo.org/glsa/202103-04 https://security.gentoo.org/glsa/202210-40 https://security.netapp.com/advisory/ntap-20210423-0010 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.sqlite.org/releaselog/3_34_1.html • CWE-416: Use After Free •
CVE-2020-15358 – sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c
https://notcve.org/view.php?id=CVE-2020-15358
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. En SQLite versiones anteriores a 3.32.3, el archivo select.c maneja inapropiadamente la optimización query-flattener, conllevando a un desbordamiento de la pila de multiSelectOrderBy debido al uso inapropiado de las propiedades transitivas para la propagación constante A heap buffer overflow was found in SQLite in the query flattening optimization technique. This flaw allows an attacker to execute SQL statements to crash the application, resulting in a denial of service. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2020/Nov/19 http://seclists.org/fulldisclosure/2020/Nov/20 http://seclists.org/fulldisclosure/2020/Nov/22 http://seclists.org/fulldisclosure/2021/Feb/14 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200709-0001 https://support.apple.com/kb/HT211843 https://support.apple.com/kb/HT211844 https • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2020-13871
https://notcve.org/view.php?id=CVE-2020-13871
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. SQLite versión 3.32.2, presenta un uso de la memoria previamente liberada en la función resetAccumulator en el archivo select.c porque la reescritura del árbol de análisis para funciones de ventana es demasiado tarde • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN32AGQPMHZRNM6P6L5GZPETOWTGXOKP https://security.gentoo.org/glsa/202007-26 https://security.netapp.com/advisory/ntap-20200619-0002 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpujan2021.html https://www.sqlite.org/src/info/79eff1d03831 • CWE-416: Use After Free •