2020-01-16
|
CVE-2020-7105
|
async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.
|
Debian_linux, Fedora, Hiredis
|
7.5
|
|
|
2020-01-16
|
CVE-2020-7106
|
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).
|
Cacti, Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports_sle, Leap, Package_hub
|
6.1
|
|
|
2020-01-21
|
CVE-2019-14902
|
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
|
Ubuntu_linux, Debian_linux, Leap, Samba
|
5.4
|
|
|
2020-01-21
|
CVE-2019-14907
|
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as...
|
Ubuntu_linux, Debian_linux, Fedora, Enterprise_linux, Storage, Samba, Directory_server, Diskstation_manager, Router_manager, Skynas
|
6.5
|
|
|
2020-01-28
|
CVE-2020-0549
|
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
Ubuntu_linux, Debian_linux, Fedora, Celeron_3855u_firmware, Celeron_3865u_firmware, Celeron_3955u_firmware, Celeron_3965u_firmware, Celeron_3965y_firmware, Celeron_g3900_firmware, Celeron_g3900t_firmware, Celeron_g3900te_firmware, Celeron_g3902e_firmware, Celeron_g3920_firmware, Celeron_g3920t_firmware, Celeron_g3930e_firmware, Celeron_g3930te_firmware, Celeron_g3940_firmware, Celeron_g4900_firmware, Celeron_g4900t_firmware, Celeron_g4920_firmware, Core_i3\-6100_firmware, Core_i3\-6100e_firmware, Core_i3\-6100h_firmware, Core_i3\-6100t_firmware, Core_i3\-6100te_firmware, Core_i3\-6100u_firmware, Core_i3\-6102e_firmware, Core_i3\-6110u_firmware, Core_i3\-6120_firmware, Core_i3\-6120t_firmware, Core_i3\-6167u_firmware, Core_i3\-6300_firmware, Core_i3\-6300t_firmware, Core_i3\-6320_firmware, Core_i3\-6320t_firmware, Core_i3\-7007u_firmware, Core_i3\-7020u_firmware, Core_i3\-7100e_firmware, Core_i3\-7100h_firmware, Core_i3\-7100u_firmware, Core_i3\-7101e_firmware, Core_i3\-7101te_firmware, Core_i3\-7102e_firmware, Core_i3\-7110u_firmware, Core_i3\-7120_firmware, Core_i3\-7120t_firmware, Core_i3\-7130u_firmware, Core_i3\-7167u_firmware, Core_i3\-7320t_firmware, Core_i3\-7340_firmware, Core_i3\-8000_firmware, Core_i3\-8000t_firmware, Core_i3\-8020_firmware, Core_i3\-8100_firmware, Core_i3\-8100h_firmware, Core_i3\-8100t_firmware, Core_i3\-8120_firmware, Core_i3\-8130u_firmware, Core_i3\-8145u_firmware, Core_i3\-8300_firmware, Core_i3\-8300t_firmware, Core_i3\-8350k_firmware, Core_i4205u_firmware, Core_i5405u_firmware, Core_i5\-6200u_firmware, Core_i5\-6210u_firmware, Core_i5\-6260u_firmware, Core_i5\-6267u_firmware, Core_i5\-6287u_firmware, Core_i5\-6300hq_firmware, Core_i5\-6300u_firmware, Core_i5\-6310u_firmware, Core_i5\-6350hq_firmware, Core_i5\-6360u_firmware, Core_i5\-6400_firmware, Core_i5\-6400t_firmware, Core_i5\-6440eq_firmware, Core_i5\-6440hq_firmware, Core_i5\-6442eq_firmware, Core_i5\-6500_firmware, Core_i5\-6500t_firmware, Core_i5\-6500te_firmware, Core_i5\-6600_firmware, Core_i5\-6600k_firmware, Core_i5\-6600t_firmware, Core_i5\-7200u_firmware, Core_i5\-7210u_firmware, Core_i5\-7260u_firmware, Core_i5\-7267u_firmware, Core_i5\-7287u_firmware, Core_i5\-7300hq_firmware, Core_i5\-7300u_firmware, Core_i5\-7360u_firmware, Core_i5\-7400_firmware, Core_i5\-7400t_firmware, Core_i5\-7440eq_firmware, Core_i5\-7440hq_firmware, Core_i5\-7442eq_firmware, Core_i5\-7500_firmware, Core_i5\-7500t_firmware, Core_i5\-7500u_firmware, Core_i5\-7600_firmware, Core_i5\-7600k_firmware, Core_i5\-7600t_firmware, Core_i5\-7640x_firmware, Core_i5\-7y54_firmware, Core_i5\-7y57_firmware, Core_i5\-8250u_firmware, Core_i5\-8265u_firmware, Core_i5\-8300h_firmware, Core_i5\-8305g_firmware, Core_i5\-8350u_firmware, Core_i5\-8365u_firmware, Core_i5\-8400_firmware, Core_i5\-8400b_firmware, Core_i5\-8400h_firmware, Core_i5\-8400t_firmware, Core_i5\-8420_firmware, Core_i5\-8420t_firmware, Core_i5\-8500_firmware, Core_i5\-8500b_firmware, Core_i5\-8500t_firmware, Core_i5\-8550_firmware, Core_i5\-8600_firmware, Core_i5\-8600k_firmware, Core_i5\-8600t_firmware, Core_i5\-8650_firmware, Core_i5\-8650k_firmware, Core_i5\-9300h_firmware, Core_i5\-9400_firmware, Core_i5\-9400f_firmware, Core_i5\-9400h_firmware, Core_i5\-9600k_firmware, Core_i5\-9600kf_firmware, Core_i5_10110y_firmware, Core_i5_10210y_firmware, Core_i5_10310y_firmware, Core_i7\-6500u_firmware, Core_i7\-6510u_firmware, Core_i7\-6560u_firmware, Core_i7\-6567u_firmware, Core_i7\-6600u_firmware, Core_i7\-6650u_firmware, Core_i7\-6660u_firmware, Core_i7\-6700_firmware, Core_i7\-6700hq_firmware, Core_i7\-6700k_firmware, Core_i7\-6700t_firmware, Core_i7\-6700te_firmware, Core_i7\-6770hq_firmware, Core_i7\-6820eq_firmware, Core_i7\-6820hk_firmware, Core_i7\-6820hq_firmware, Core_i7\-6822eq_firmware, Core_i7\-6870hq_firmware, Core_i7\-6920hq_firmware, Core_i7\-6970hq_firmware, Core_i7\-7500u_firmware, Core_i7\-7510u_firmware, Core_i7\-7560u_firmware, Core_i7\-7567u_firmware, Core_i7\-7600u_firmware, Core_i7\-7640x_firmware, Core_i7\-7660u_firmware, Core_i7\-7700_firmware, Core_i7\-7700hq_firmware, Core_i7\-7700k_firmware, Core_i7\-7700t_firmware, Core_i7\-7740x_firmware, Core_i7\-7800x_firmware, Core_i7\-7820eq_firmware, Core_i7\-7820hk_firmware, Core_i7\-7820hq_firmware, Core_i7\-7820x_firmware, Core_i7\-7920hq_firmware, Core_i7\-7y75_firmware, Core_i7\-8550u_firmware, Core_i7\-8565u_firmware, Core_i7\-8569u_firmware, Core_i7\-8650u_firmware, Core_i7\-8665u_firmware, Core_i7\-8670_firmware, Core_i7\-8670t_firmware, Core_i7\-8700_firmware, Core_i7\-8700b_firmware, Core_i7\-8700k_firmware, Core_i7\-8700t_firmware, Core_i7\-8705g_firmware, Core_i7\-8706g_firmware, Core_i7\-8709g_firmware, Core_i7\-8750h_firmware, Core_i7\-8809g_firmware, Core_i7\-8850h_firmware, Core_i7\-9700k_firmware, Core_i7\-9700kf_firmware, Core_i7\-9750hf_firmware, Core_i7\-9850h_firmware, Core_i7_10510y_firmware, Core_i7_8500y_firmware, Core_i7_8550u_firmware, Core_i7_8559u_firmware, Core_i7_8560u_firmware, Core_i7_8565u_firmware, Core_i7_8650u_firmware, Core_i9\-10900x_firmware, Core_i9\-10920x_firmware, Core_i9\-10940x_firmware, Core_i9\-7900x_firmware, Core_i9\-7920x_firmware, Core_i9\-7940x_firmware, Core_i9\-7960x_firmware, Core_i9\-7980xe_firmware, Core_i9\-8950hk_firmware, Core_i9\-9800x_firmware, Core_i9\-9820x_firmware, Core_i9\-9880h_firmware, Core_i9\-9900k_firmware, Core_i9\-9900kf_firmware, Core_i9\-9900x_firmware, Core_i9\-9920x_firmware, Core_i9\-9940x_firmware, Core_i9\-9960x_firmware, Core_i9\-9980hk_firmware, Core_m3\-6y30_firmware, Core_m3\-7y30_firmware, Core_m5\-6y54_firmware, Core_m5\-6y57_firmware, Core_m7\-6y75_firmware, Pentium_4405u_firmware, Pentium_4405y_firmware, Pentium_4410y_firmware, Pentium_4415u_firmware, Pentium_4415y_firmware, Pentium_g4400_firmware, Pentium_g4400t_firmware, Pentium_g4400te_firmware, Pentium_g4420_firmware, Pentium_g4420t_firmware, Pentium_g4500_firmware, Pentium_g4500t_firmware, Pentium_g4520_firmware, Pentium_g4520t_firmware, Pentium_g4540_firmware, Pentium_g5400_firmware, Pentium_g5400t_firmware, Pentium_g5420_firmware, Pentium_g5420t_firmware, Pentium_g5500_firmware, Pentium_g5500t_firmware, Pentium_g5600_firmware, Xeon_3104_firmware, Xeon_3106_firmware, Xeon_3204_firmware, Xeon_3206r_firmware, Xeon_4108_firmware, Xeon_4109t_firmware, Xeon_4110_firmware, Xeon_4112_firmware, Xeon_4114_firmware, Xeon_4114t_firmware, Xeon_4116_firmware, Xeon_4116t_firmware, Xeon_4208_firmware, Xeon_4208r_firmware, Xeon_4209t_firmware, Xeon_4210_firmware, Xeon_4210r_firmware, Xeon_4214_firmware, Xeon_4214c_firmware, Xeon_4214r_firmware, Xeon_4214y_firmware, Xeon_4215_firmware, Xeon_4216_firmware, Xeon_4216r_firmware, Xeon_5115_firmware, Xeon_5118_firmware, Xeon_5119t_firmware, Xeon_5120_firmware, Xeon_5120t_firmware, Xeon_5122_firmware, Xeon_5215_firmware, Xeon_5215l_firmware, Xeon_5215m_firmware, Xeon_5215r_firmware, Xeon_5217_firmware, Xeon_5218_firmware, Xeon_5218b_firmware, Xeon_5218n_firmware, Xeon_5218t_firmware, Xeon_5220_firmware, Xeon_5220r_firmware, Xeon_5220s_firmware, Xeon_5220t_firmware, Xeon_5222_firmware, Xeon_6126_firmware, Xeon_6126f_firmware, Xeon_6126t_firmware, Xeon_6128_firmware, Xeon_6130_firmware, Xeon_6130f_firmware, Xeon_6130t_firmware, Xeon_6132_firmware, Xeon_6134_firmware, Xeon_6134m_firmware, Xeon_6136_firmware, Xeon_6138_firmware, Xeon_6138f_firmware, Xeon_6138t_firmware, Xeon_6140_firmware, Xeon_6140m_firmware, Xeon_6142_firmware, Xeon_6142f_firmware, Xeon_6142m_firmware, Xeon_6144_firmware, Xeon_6146_firmware, Xeon_6148_firmware, Xeon_6148f_firmware, Xeon_6150_firmware, Xeon_6152_firmware, Xeon_6154_firmware, Xeon_6222v_firmware, Xeon_6226_firmware, Xeon_6230_firmware, Xeon_6230n_firmware, Xeon_6230t_firmware, Xeon_6234_firmware, Xeon_6238_firmware, Xeon_6238l_firmware, Xeon_6238m_firmware, Xeon_6238t_firmware, Xeon_6240_firmware, Xeon_6240l_firmware, Xeon_6240m_firmware, Xeon_6240y_firmware, Xeon_6242_firmware, Xeon_6244_firmware, Xeon_6246_firmware, Xeon_6248_firmware, Xeon_6252_firmware, Xeon_6252n_firmware, Xeon_6254_firmware, Xeon_6262v_firmware, Xeon_8153_firmware, Xeon_8156_firmware, Xeon_8158_firmware, Xeon_8160_firmware, Xeon_8160f_firmware, Xeon_8160m_firmware, Xeon_8160t_firmware, Xeon_8164_firmware, Xeon_8168_firmware, Xeon_8170_firmware, Xeon_8170m_firmware, Xeon_8176_firmware, Xeon_8176f_firmware, Xeon_8176m_firmware, Xeon_8180_firmware, Xeon_8180m_firmware, Xeon_8253_firmware, Xeon_8256_firmware, Xeon_8260_firmware, Xeon_8260l_firmware, Xeon_8260m_firmware, Xeon_8260y_firmware, Xeon_8268_firmware, Xeon_8270_firmware, Xeon_8276_firmware, Xeon_8276l_firmware, Xeon_8276m_firmware, Xeon_8280_firmware, Xeon_8280l_firmware, Xeon_8280m_firmware, Xeon_9220_firmware, Xeon_9221_firmware, Xeon_9222_firmware, Xeon_9242_firmware, Xeon_9282_firmware, Xeon_e3\-1220_firmware, Xeon_e3\-1225_firmware, Xeon_e3\-1230_firmware, Xeon_e3\-1240_firmware, Xeon_e3\-1245_firmware, Xeon_e3\-1270_firmware, Xeon_e3\-1275_firmware, Xeon_e3\-1280_firmware, Xeon_e3\-1285_firmware, Xeon_e3\-1501l_firmware, Xeon_e3\-1501m_firmware, Xeon_e3\-1505l_firmware, Xeon_e3\-1505m_firmware, Xeon_e3\-1535m_firmware, Xeon_e\-2124_firmware, Xeon_e\-2124g_firmware, Xeon_e\-2134_firmware, Xeon_e\-2144g_firmware, Xeon_e\-2174g_firmware, Xeon_e\-2184g_firmware, Xeon_e\-2224_firmware, Xeon_e\-2224g_firmware, Xeon_e\-2234_firmware, Xeon_e\-2244g_firmware, Xeon_e\-2254me_firmware, Xeon_e\-2254ml_firmware, Xeon_e\-2274g_firmware, Xeon_e\-2284g_firmware, Xeon_w\-2123_firmware, Xeon_w\-2125_firmware, Xeon_w\-2133_firmware, Xeon_w\-2135_firmware, Xeon_w\-2145_firmware, Xeon_w\-2155_firmware, Xeon_w\-2175_firmware, Xeon_w\-2195_firmware, Xeon_w\-2223_firmware, Xeon_w\-2225_firmware, Xeon_w\-2235_firmware, Xeon_w\-2245_firmware, Xeon_w\-2255_firmware, Xeon_w\-2265_firmware, Xeon_w\-2275_firmware, Xeon_w\-2295_firmware, Xeon_w\-3223_firmware, Xeon_w\-3225_firmware, Xeon_w\-3235_firmware, Xeon_w\-3245_firmware, Xeon_w\-3245m_firmware, Xeon_w\-3265_firmware, Xeon_w\-3265m_firmware, Xeon_w\-3275_firmware, Xeon_w\-3275m_firmware, Leap
|
5.5
|
|
|
2020-01-24
|
CVE-2014-4172
|
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the (1) service parameter to validation/AbstractUrlBasedTicketValidator.java or (2) pgtUrl parameter to validation/Cas20ServiceTicketValidator.java.
|
\.net_cas_client, Java_cas_client, Phpcas, Debian_linux, Fedora
|
9.8
|
|
|
2020-01-27
|
CVE-2020-7238
|
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.
|
Debian_linux, Fedora, Netty, Jboss_enterprise_application_platform, Jboss_enterprise_application_platform_text\-Only_advisories, Openshift_application_runtimes_text\-Only_advisories
|
7.5
|
|
|
2020-01-28
|
CVE-2020-8112
|
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
|
Debian_linux, Openjpeg
|
8.8
|
|
|
2020-01-28
|
CVE-2015-8011
|
Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
|
Debian_linux, Fedora, Lldpd
|
9.8
|
|
|
2020-01-29
|
CVE-2019-18634
|
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
|
Debian_linux, Sudo
|
7.8
|
|
|