CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2019-13224 – oniguruma: Use-after-free in onig_new_deluxe() in regext.c
https://notcve.org/view.php?id=CVE-2019-13224
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. Un uso de memoria previamente liberada en la función onig_new_deluxe() en el archivo regext.c en Oniguruma versión 6.9.2, permite a los atacantes causar divulgación de información, denegación de servicio o posiblemente ejecución de código al proporcionar una expresión regular diseñada. El atacante provee un par patrones de expresión regular y una cadena, con una codificación de múltiples bytes que se maneja con la función onig_new_deluxe(). • https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55 https://lists.debian.org/debian-lts-announce/2019/07/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW https://security.gentoo.org/glsa/201911-03 https://support.f5.com/csp/article/K00103182 https://support.f5.com/csp/article/K00103182?ut • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-13225 – oniguruma: NULL pointer dereference in match_at() in regexec.c
https://notcve.org/view.php?id=CVE-2019-13225
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. Una desreferencia de puntero NULL en la función match_at() en el archivo regexec.c en Oniguruma versión 6.9.2, permite a los atacantes causar potencialmente una denegación de servicio al proporcionar una expresión regular diseñada. Los problemas de Oniguruma con frecuencia afectan a Ruby, así como a bibliotecas opcionales y comunes para PHP y Rust. • https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNL26OZSQRVLEO6JRNUVIMZTICXBNEQW https://security.gentoo.org/glsa/201911-03 https://access.redhat.com/security/cve/CVE-2019-13225 https://bugzilla.redhat.com/show_bug.cgi?id=1728965 • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 54%CPEs: 12EXPL: 0CVE-2019-13132
https://notcve.org/view.php?id=CVE-2019-13132
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations. En ZeroMQ libzmq anterior a versión 4.0.9, versiones 4.1.x anteriores a 4.1.7, y versiones 4.2.x anteriores a 4.3.2, un cliente no identificado remoto que se conecta a una aplicación libzmq, ejecutándose con un socket de escucha con el cifrado y autenticación CURVE habilitado, puede causar un desbordamiento de pila y sobreescritura de pila con datos arbitrarios, debido a un desbordamiento de búfer en la biblioteca. Se exhorta a los usuarios que ejecutan servidores públicos con la configuración anterior que realicen su actualización lo antes posible, ya que no existen mitigaciones conocidas. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00033.html http://www.openwall.com/lists/oss-security/2019/07/08/6 http://www.securityfocus.com/bid/109284 https://fangpenlin.com/posts/2024/04/07/how-i-discovered-a-9-point-8-critical-security-vulnerability-in-zeromq-with-mostly-pure-luck https://github.com/zeromq/libzmq/issues/3558 https://github.com/zeromq/libzmq/releases https://lists.debian.org/debian-lts-announce/2019/07/msg00007.html https://lists.fedoraproject • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2019-13313 – Libosinfo: osinfo-install-script option leaks password via command line argument
https://notcve.org/view.php?id=CVE-2019-13313
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. libosinfo versión 1.5.0, permite a los usuarios locales descubrir credenciales mediante la enumeración de un proceso, porque las credenciales son pasadas en un script de instalación de osinfo por medio de la línea de comandos. A flaw was found in libosinfo, version 1.5.0, where the script for automated guest installations, 'osinfo-install-script', accepts user and admin passwords via command line arguments. This could allow guest passwords to leak to other system users via a process listing. • http://www.openwall.com/lists/oss-security/2019/07/08/3 https://access.redhat.com/errata/RHSA-2019:3387 https://gitlab.com/libosinfo/libosinfo/-/tags https://gitlab.com/libosinfo/libosinfo/blob/master/NEWS https://libosinfo.org/download https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AZU4IPPIR73NYC6E733QR26O5ZI6MMKJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEZUZKC6YK4E3NXM7XKZOXY5X5PJSPIR https://lists.fedoraproject • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-13286
https://notcve.org/view.php?id=CVE-2019-13286
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure. En Xpdf versión 4.01.01, presenta una lectura excesiva del búfer en la región heap de la memoria en la función JBIG2Stream::readTextRegionSeg() ubicada en el archivo JBIG2Stream.cc. Por ejemplo, puede ser activada enviando un documento PDF creado a la herramienta pdftoppm. • https://github.com/PanguL4b/pocs/tree/master/xpdf/heap-buffer-overflow_JBIG2Stream__readTextRegionSeg https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT • CWE-125: Out-of-bounds Read •