CVSS: 7.5EPSS: 1%CPEs: 274EXPL: 0CVE-2013-4345 – kernel: ansi_cprng: off by one error in non-block size request
https://notcve.org/view.php?id=CVE-2013-4345
10 Oct 2013 — Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data. Error de superación en la función get_prng_bytes en crypto/ansi_cprng.c en el kernel de Linux hasta la versión 3.11.4 hace que sea más fácil para atacantes dependientes del contexto anular mecanism... • http://marc.info/?l=linux-crypto-vger&m=137942122902845&w=2 • CWE-189: Numeric Errors CWE-193: Off-by-one Error •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2013-4255 – condor: condor_startd DoS when parsing policy definition that evaluates to ERROR or UNDEFINED
https://notcve.org/view.php?id=CVE-2013-4255
21 Aug 2013 — The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. La política de definición evaluadora en Condor 7.5.4, 8.0.0, y versiones anteriores no trata correctamente los atributos de una (1) PREEMPT, (2) SUSPEND, (3)... • http://rhn.redhat.com/errata/RHSA-2013-1171.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 58%CPEs: 18EXPL: 6CVE-2013-1892 – MongoDB - nativeHelper.apply Remote Code Execution
https://notcve.org/view.php?id=CVE-2013-1892
02 Apr 2013 — MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument. MongoDB anterior a v2.0.9 y v2.2.x anterior a v.2.4 no valida correctamente las peticiones de la función nativeHelper en SpiderMonkey, lo que permite a usuarios autenticados remotamente provocar una... • https://packetstorm.news/files/id/121045 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-4462 – condor: DoS when removing jobs via jobcontrol.py when job id is in square brackets
https://notcve.org/view.php?id=CVE-2012-4462
07 Mar 2013 — aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option. aviary/jobcontrol.py de Condor, es usado en Red Hat Enterprise MRG v2.3, cuando se eliminan tareas, permite a atacantes remotos causar una denegación de servicios (condor_schedd reinicio) a través de corchetes en la opción cproc. Red Hat Enterprise MRG is a next-generation IT infrastructure for enterp... • http://rhn.redhat.com/errata/RHSA-2013-0564.html • CWE-20: Improper Input Validation •