CVSS: 9.1EPSS: 3%CPEs: 81EXPL: 2CVE-2019-10744 – nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties
https://notcve.org/view.php?id=CVE-2019-10744
25 Jul 2019 — Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. Las versiones de lodash inferiores a 4.17.12, son vulnerables a la Contaminación de Prototipo. La función defaultsDeep podría ser engañada para agregar o modificar las propiedades de Object.prototype usando una carga útil de constructor. A Prototype Pollution vulnerability was found in lodash. • https://github.com/ossf-cve-benchmark/CVE-2019-10744 • CWE-20: Improper Input Validation CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10194 – ovirt-engine-metrics: disclosure of sensitive passwords in log files and ansible playbooks
https://notcve.org/view.php?id=CVE-2019-10194
11 Jul 2019 — Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files (if playbooks are run with -v) or in playbooks stored on Metrics or Bastion hosts. Contraseñas confidenciales utilizadas en la implementación y configuración de oVirt Metrics, todas las versiones. Se detectó que no estaban suficientemente protegidas. Las contraseñas se pueden revelar en archivos de registro (si los playbooks se ejecutan... • http://www.securityfocus.com/bid/109140 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.1EPSS: 0%CPEs: 218EXPL: 7CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
https://notcve.org/view.php?id=CVE-2019-11358
19 Apr 2019 — jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propi... • https://github.com/isacaya/CVE-2019-11358 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 6.1EPSS: 2%CPEs: 56EXPL: 3CVE-2019-8331 – bootstrap: XSS in the tooltip or popover data-template attribute
https://notcve.org/view.php?id=CVE-2019-8331
20 Feb 2019 — In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. En Bootstrap, en versiones anteriores a la 3.4.1 y versiones 4.3.x anteriores a la 4.3.1, es posible Cross-Site Scripting (XSS) en los atributos de data-template tooltip o popover. A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popov... • https://github.com/Thampakon/CVE-2019-8331 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-16881 – rsyslog: imptcp: integer overflow when Octet-Counted TCP Framing is enabled
https://notcve.org/view.php?id=CVE-2018-16881
25 Jan 2019 — A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en rsyslog en el módulo imptcp. Un atacante podría enviar un mensaje especialmente manipulado al socket imptcp, lo que conduciría al cierre forzado de rsyslog. • https://access.redhat.com/errata/RHBA-2019:2501 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 5%CPEs: 10EXPL: 0CVE-2018-17958 – QEMU: rtl8139: integer overflow leads to buffer overflow
https://notcve.org/view.php?id=CVE-2018-17958
09 Oct 2018 — Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. Qemu tiene un desbordamiento de búfer en rtl8139_do_receive en hw/net/rtl8139.c debido a que se emplea un tipo de datos de enteros incorrecto. An integer overflow issue was found in the RTL8139 NIC emulation in QEMU. It could occur while receiving packets over the network if the size value is greater than INT_MAX. Such overflow would lead to stack buffer overflow issue. • http://www.openwall.com/lists/oss-security/2018/10/08/1 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 4%CPEs: 16EXPL: 0CVE-2018-17963 – QEMU: net: ignore packets with large size
https://notcve.org/view.php?id=CVE-2018-17963
09 Oct 2018 — qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. qemu_deliver_packet_iov en net/net.c en Qemu acepta tamaños de paquetes mayores a INT_MAX, lo que permite que los atacantes provoquen una denegación de servicio (DoS) o tengan otro tipo de impacto sin especificar. A potential integer overflow issue was found in the networking back-end of QEMU. It could occur while receiving pac... • http://www.openwall.com/lists/oss-security/2018/10/08/1 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 5.6EPSS: 46%CPEs: 665EXPL: 7CVE-2018-3639 – AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
https://notcve.org/view.php?id=CVE-2018-3639
21 May 2018 — Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas l... • https://packetstorm.news/files/id/147839 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5709 – Solarwinds Virtualization Manager 6.3.1 Weak Crypto
https://notcve.org/view.php?id=CVE-2016-5709
17 Jun 2016 — SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack. SolarWinds Virtualization Manager 6.3.1 y versiones anteriores, utiliza un cifrado débil para almacenar contraseñas en /etc/shadow, lo que permite a usuarios locales con privilegios de superusuario obtener contraseñas de usuarios a través de un ataque de fuerza bruta. Solarwinds Virtualization Manager... • http://packetstormsecurity.com/files/137525/Solarwinds-Virtualization-Manager-6.3.1-Weak-Crypto.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 2CVE-2016-3642 – Solarwinds Virtualization Manager 6.3.1 Java Deserialization
https://notcve.org/view.php?id=CVE-2016-3642
15 Jun 2016 — The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. El servicio RMI en SolarWinds Virtualization Manager 6.3.1 y versiones anteriores permite a atacantes ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections (ACC). Solarwinds Virtualization Manager versions 6.3.... • https://packetstorm.news/files/id/137486 •