Log

CVE-2019-5861 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Content spoofing
Description
+ An issue has been found in Chromium before 76.0.3809.87, where click location was incorrectly checked.
References
+ https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html
+ https://crbug.com/951525
Notes
CVE-2019-5862 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ An issue with AppCache not being robust to compromised renderers has been found in Chromium before 76.0.3809.87.
References
+ https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html
+ https://crbug.com/946260
Notes
CVE-2019-5864 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ An insufficient port filtering in CORS for extensions issue has been found in Chromium before 76.0.3809.87.
References
+ https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html
+ https://crbug.com/936900
Notes
CVE-2019-5865 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A site isolation bypass from a compromised renderer has been found in Chromium before 76.0.3809.87.
References
+ https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html
+ https://crbug.com/973103
Notes
CVE-2019-5867 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An out-of-bounds read has been found in the V8 component of the chromium browser before 76.0.3809.100.
References
+ https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop.html
+ https://crbug.com/984344
Notes
CVE-2019-5868 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free issue has been found in PDFium's ExecuteFieldAction, in the chromium browser before 76.0.3809.100.
References
+ https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop.html
+ https://crbug.com/983867
Notes
CVE-2019-5882 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ A use-after-free vulnerability has been found in irssi before 1.1.2, when hidden lines were expired from the scroll buffer.
References
+ https://marc.info/?l=oss-security&m=154711952322177
+ https://irssi.org/security/irssi_sa_2019_01.txt
+ https://github.com/irssi/irssi/pull/948
Notes
+ Apparently fixed in PR 948, not sure why 919 is referenced here? Fixed
+
+ Note that this bug will never be triggered if lines are never hidden (no usage of /window hidelevel).
CVE-2019-5885 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Private key recovery
Description
+ matrix-synapse before 0.34.1 is vulnerable to private key recovery as synapse will attempt to derive a secret key from other secrets specified in the configuration file for "macaroon_secret_key". However, in all versions of Synapse up to and including 0.34.0, this process was faulty and a predictable value was used instead.
References
+ https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/
Notes
CVE-2019-6109 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Content spoofing
Description
+ An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.
References
+ https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
+ https://github.com/openssh/openssh-portable/commit/8976f1c4b2721c26e878151f52bdf346dfe2d54c
Notes
CVE-2019-6111 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary file overwrite
Description
+ An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
References
+ https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
+ https://github.com/openssh/openssh-portable/commit/391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
Notes