CVSS: 9.0EPSS: 46%CPEs: 13EXPL: 1CVE-2020-9273 – Debian Security Advisory 4635-1
https://notcve.org/view.php?id=CVE-2020-9273
20 Feb 2020 — In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution. En ProFTPD versión 1.3.7, es posible corromper los grupos de memoria mediante la interrupción del canal de transferencia de datos. Esto conlleva a un uso de la memoria previamente liberada en la función alloc_pool en el archivo pool.c, y una posible ejecución de código remota. Antonio Morales discovered an user-afte... • https://github.com/ptef/CVE-2020-9273 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9272 – Gentoo Linux Security Advisory 202003-35
https://notcve.org/view.php?id=CVE-2020-9272
20 Feb 2020 — ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. ProFTPD versión 1.3.7, presenta una vulnerabilidad de lectura fuera de límites (OOB) en mod_cap por medio de la función cap_to_text del archivo cap_text.c. Multiple vulnerabilities have been found in ProFTPd, the worst of which may lead to arbitrary code execution. Versions less than 1.3.6c are affected. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00002.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
14 Aug 2018 — The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versio... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •