CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-0408 – Xorg-x11-server: selinux unlabeled glx pbuffer
https://notcve.org/view.php?id=CVE-2024-0408
17 Jan 2024 — A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. Se encontró una falla en el servidor X.Org. El código GLX PBuffer no llama al gancho XACE al crear el bú... • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-158: Improper Neutralization of Null Byte or NUL Character •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-0409 – Xorg-x11-server: selinux context corruption
https://notcve.org/view.php?id=CVE-2024-0409
17 Jan 2024 — A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. Se encontró una falla en el servidor X.Org. El código del cursor tanto en Xephyr como en Xwayland utiliza el tipo incorrecto de privado en el momento de la creación. • https://access.redhat.com/errata/RHSA-2024:0320 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 87%CPEs: 56EXPL: 170CVE-2021-4034 – Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
https://notcve.org/view.php?id=CVE-2021-4034
26 Jan 2022 — A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfull... • https://packetstorm.news/files/id/166196 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 1CVE-2021-3622 – hivex: stack overflow due to recursive call of _get_children()
https://notcve.org/view.php?id=CVE-2021-3622
31 Aug 2021 — A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file, which would cause hivex to recursively call the _get_children() function, leading to a stack overflow. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en hivex library. Este fallo permite a un atacante introducir un archivo del Registro de Windows (hive) especialmente diseñado, lo que causaría que hivex llamara recursivamente a la func... • https://bugzilla.redhat.com/show_bug.cgi?id=1975489 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2020-10531 – ICU: Integer overflow in UnicodeString::doAppend()
https://notcve.org/view.php?id=CVE-2020-10531
12 Mar 2020 — An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. Se detectó un problema en International Components for Unicode (ICU) para C/C++ versiones hasta 66.1. Se presenta un desbordamiento de enteros, conllevando a un desbordamiento de búfer en la región heap de la memoria, en la función UnicodeString::doAppend() en el archivo common/unistr... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 86%CPEs: 8EXPL: 8CVE-2020-6418 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2020-6418
27 Feb 2020 — Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 80.0.3987.122, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed include integer overflow, ... • https://packetstorm.news/files/id/156632 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 1CVE-2020-6386 – chromium-browser: Use after free in speech
https://notcve.org/view.php?id=CVE-2020-6386
27 Feb 2020 — Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en speech en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 52%CPEs: 8EXPL: 1CVE-2020-6383 – chromium-browser: Type confusion in V8
https://notcve.org/view.php?id=CVE-2020-6383
27 Feb 2020 — Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed include integer overflow, ... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 1CVE-2020-6384 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6384
27 Feb 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebAudio en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addre... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 8%CPEs: 17EXPL: 0CVE-2020-3757 – flash-plugin: Arbitrary Code Execution vulnerability (APSB20-06)
https://notcve.org/view.php?id=CVE-2020-3757
13 Feb 2020 — Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versiones 32.0.0.321 y anteriores, 32.0.0.314 y anteriores, 32.0.0.321 y anteriores, y 32.0.0.255 y anteriores, presenta una vulnerabilidad de confusión de tipos. Una explotación con éxito podría conllevar a una ejecución de código arbitrario. The flash-plugin pack... • https://access.redhat.com/errata/RHSA-2020:0513 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •