Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 505 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2020-8169 libcurl can be tricked to prepend a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS server(s). LOW Jul 28, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-8177 curl can be tricked by a malicious server to overwrite a local file when using -J (--remote-header-name) and -i (--include) in the same command line LOW Jul 28, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-8558 The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node\'s network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. MEDIUM Jul 27, 2020 10.19.45.11 (Wind River Linux LTS 19)
CVE-2020-8559 The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. MEDIUM Jul 27, 2020 10.19.45.11 (Wind River Linux LTS 19)
CVE-2020-15945 Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function. MEDIUM Jul 25, 2020 10.19.45.11 (Wind River Linux LTS 19)
CVE-2020-15888 Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free. HIGH Jul 24, 2020 10.19.45.11 (Wind River Linux LTS 19)
CVE-2020-8557 The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail. LOW Jul 23, 2020 10.19.45.11 (Wind River Linux LTS 19)
CVE-2020-15586 Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. MEDIUM Jul 17, 2020 None (Wind River Linux LTS 19)
CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. MEDIUM Jul 16, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2019-19338 A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has \'TSX\' enabled. Confidentiality of data is the highest threat associated with this vulnerability. LOW Jul 13, 2020 10.19.45.11 (Wind River Linux LTS 19)
CVE-2020-12399 NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. MEDIUM Jul 9, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-10745 A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability. HIGH Jul 7, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-10730 A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability. MEDIUM Jul 7, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-10760 A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba. MEDIUM Jul 6, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-14303 A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash. MEDIUM Jul 6, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-15393 In the Linux kernel through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. LOW Jul 2, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-15389 jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. MEDIUM Jun 30, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-15358 In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. HIGH Jun 27, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-10753 A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue. MEDIUM Jun 26, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2019-20892 net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release. MEDIUM Jun 25, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-15025 ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. MEDIUM Jun 24, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-14155 libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. HIGH Jun 19, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-14416 In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. MEDIUM Jun 18, 2020 10.19.45.8 (Wind River Linux LTS 19)
CVE-2020-14422 Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. MEDIUM Jun 18, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-10757 A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. MEDIUM Jun 13, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-10732 A flaw was found in the Linux kernel\'s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. LOW Jun 13, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-10761 An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service. MEDIUM Jun 9, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13974 An issue was discovered in the Linux kernel through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. HIGH Jun 9, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-13754 hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. MEDIUM Jun 8, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13659 address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. LOW Jun 8, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-12049 An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service\'s private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients. MEDIUM Jun 8, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-10703 A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service. MEDIUM Jun 8, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13871 SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. MEDIUM Jun 7, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13777 GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. MEDIUM Jun 7, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13904 FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. MEDIUM Jun 7, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-10878 Perl before 5.30.3 has an integer overflow related to mishandling of a PL_regkind[OP(n)] == NOTHING situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. HIGH Jun 5, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-12723 regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. MEDIUM Jun 5, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2019-20810 go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. MEDIUM Jun 5, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-8555 The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master\'s host network (such as link-local or loopback services). LOW Jun 5, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-10543 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. HIGH Jun 5, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-13790 libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. MEDIUM Jun 5, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-10702 A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU. LOW Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13776 systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082. HIGH Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13765 rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. MEDIUM Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13791 hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. LOW Jun 4, 2020 10.19.45.10 (Wind River Linux LTS 19)
CVE-2020-13596 An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack. MEDIUM Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13800 ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call. MEDIUM Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13254 An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. MEDIUM Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-12062 ** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client\'s download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol and utimes does not fail under normal circumstances. MEDIUM Jun 4, 2020 10.19.45.9 (Wind River Linux LTS 19)
CVE-2020-13817 ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim\'s ntpd instance. MEDIUM Jun 4, 2020 10.19.45.7 (Wind River Linux LTS 19)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version.
Live chat
Online