CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-30156 – varnish: HTTP/2 Broken Window Attack may result in denial of service
https://notcve.org/view.php?id=CVE-2024-30156
24 Mar 2024 — Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhaustion for an HTTP/2 connection control flow window, aka a Broke Window Attack. Varnish Cache anterior a 7.3.2 y 7.4.x anterior a 7.4.3 (y anterior a 6.0.13 LTS), y Varnish Enterprise 6 anterior a 6.0.12r6, permite el agotamiento de los créditos para una ventana de flujo de control de conexión HTTP/2, también conocido como ataque de ventana rota. A flaw was found in the Var... • https://varnish-cache.org/docs/7.5/whats-new/changes-7.5.html#security • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-1394 – Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads
https://notcve.org/view.php?id=CVE-2024-1394
21 Mar 2024 — A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fa... • https://access.redhat.com/errata/RHSA-2024:1462 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 1%CPEs: 49EXPL: 0CVE-2023-5869 – Postgresql: buffer overrun from integer overflow in array modification
https://notcve.org/view.php?id=CVE-2023-5869
14 Nov 2023 — A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory. Se encontró una falla en PostgreS... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.6EPSS: 0%CPEs: 42EXPL: 0CVE-2023-5870 – Postgresql: role pg_signal_backend can signal certain superuser processes.
https://notcve.org/view.php?id=CVE-2023-5870
14 Nov 2023 — A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack. Se encontró una falla en PostgreSQL que involucra la función pg_cancel_bac... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 2%CPEs: 42EXPL: 0CVE-2023-5868 – Postgresql: memory disclosure in aggregate function calls
https://notcve.org/view.php?id=CVE-2023-5868
14 Nov 2023 — A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. Se encontró una vulnerabi... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-686: Function Call With Incorrect Argument Type •
CVSS: 6.2EPSS: 0%CPEs: 14EXPL: 0CVE-2022-4900 – Potential buffer overflow in php_cli_server_startup_workers
https://notcve.org/view.php?id=CVE-2022-4900
02 Nov 2023 — A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. Se encontró una vulnerabilidad en PHP donde establecer la variable de entorno PHP_CLI_SERVER_WORKERS en un valor grande provoca un desbordamiento del búfer del heap. USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. • https://access.redhat.com/security/cve/CVE-2022-4900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 11EXPL: 0CVE-2023-39417 – Postgresql: extension script @substitutions@ within quoting allow sql injection
https://notcve.org/view.php?id=CVE-2023-39417
11 Aug 2023 — IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. EN EL SCRIPT DE EXTENSIÓN, se encontró una vulnerabilidad de inyección SQL en PostgreSQL si usa @extowner@, @extschema@ o @extsch... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2454 – postgresql: schema_element defeats protective search_path changes
https://notcve.org/view.php?id=CVE-2023-2454
12 May 2023 — schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. A flaw was found in PostgreSQL. Certain database calls could permit an attacker with elevated database-level privileges to execute arbitrary code. Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute ar... • https://access.redhat.com/security/cve/CVE-2023-2454 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2455 – postgresql: row security policies disregard user ID changes after inlining.
https://notcve.org/view.php?id=CVE-2023-2455
12 May 2023 — Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modificatio... • https://access.redhat.com/security/cve/CVE-2023-2455 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 1CVE-2022-4904 – c-ares: buffer overflow in config_sortlist() due to missing string length check
https://notcve.org/view.php?id=CVE-2022-4904
02 Mar 2023 — A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs. • https://bugzilla.redhat.com/show_bug.cgi?id=2168631 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •