Show filters
252 Total Results
Displaying 51-60 of 252
Sort by:
Attacker Value
Unknown
CVE-2020-7041
Disclosure Date: February 27, 2020 (last updated February 21, 2025)
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
0
Attacker Value
Unknown
CVE-2020-7042
Disclosure Date: February 27, 2020 (last updated February 21, 2025)
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (only a malformed certificate may be accepted).
0
Attacker Value
Unknown
CVE-2020-7043
Disclosure Date: February 27, 2020 (last updated February 21, 2025)
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com attack.
0
Attacker Value
Unknown
CVE-2020-8608
Disclosure Date: February 06, 2020 (last updated February 21, 2025)
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
0
Attacker Value
Unknown
CVE-2020-5208
Disclosure Date: February 05, 2020 (last updated February 21, 2025)
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
0
Attacker Value
Unknown
CVE-2018-20105
Disclosure Date: January 27, 2020 (last updated February 21, 2025)
A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2.
0
Attacker Value
Unknown
CVE-2020-5202
Disclosure Date: January 21, 2020 (last updated November 27, 2024)
apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.
0
Attacker Value
Unknown
CVE-2019-20386
Disclosure Date: January 21, 2020 (last updated February 21, 2025)
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
0
Attacker Value
Unknown
CVE-2020-7039
Disclosure Date: January 16, 2020 (last updated February 21, 2025)
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
0
Attacker Value
Unknown
CVE-2019-5188
Disclosure Date: January 08, 2020 (last updated February 21, 2025)
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.
0