CVSS: 4.3EPSS: 0%CPEs: 27EXPL: 1CVE-2018-16866 – systemd: out-of-bounds read when parsing a crafted syslog message
https://notcve.org/view.php?id=CVE-2018-16866
09 Jan 2019 — An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. Se ha descubierto una lectura fuera de límites en systemd-journald en la forma en la que analiza mensajes de registro que terminan con dos puntos ":". Un atacante local puede emplear este error para divulgar datos de la memoria del proceso. • http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-5882
https://notcve.org/view.php?id=CVE-2019-5882
09 Jan 2019 — Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. Irssi, en versiones 1.1.x anteriores a la 1.1.2, tiene un uso de memoria previamente liberada cuando las líneas ocultas expiran del búfer "scroll". • https://github.com/irssi/irssi/pull/948 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2019-5747 – Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
https://notcve.org/view.php?id=CVE-2019-5747
09 Jan 2019 — An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679. Se ha descubierto un problema en BusyBox hasta la versión 1.30.0. • http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20679 – Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
https://notcve.org/view.php?id=CVE-2018-20679
09 Jan 2019 — An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes. Se ha descubierto un problema en versiones anteriores a la 1.30.0 de BusyBox. Una lectura fuera de límites en los componentes udhcp (consumidos... • http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2019-3498
https://notcve.org/view.php?id=CVE-2019-3498
08 Jan 2019 — In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. En Django, en versiones 1.11.x anteriores a la 1.11.18, versiones 2.0.x anteriores a la 2.0.10 y 2.1.x anteriores a la 2.1.5, existe una neutralización incorrecta de ele... • http://www.securityfocus.com/bid/106453 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-16882
https://notcve.org/view.php?id=CVE-2018-16882
03 Jan 2019 — A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versi... • http://www.securityfocus.com/bid/106254 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2018-20662 – poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
https://notcve.org/view.php?id=CVE-2018-20662
03 Jan 2019 — In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. En la versión 0.72.0 de Poppler, PDFDoc::setup en PDFDoc.cc permite a los atacantes remotos provocar una denegación de servicio (cierre inesperado de la aplicación provocado por un SIGABRT en Object.h debido a un va... • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 1%CPEs: 22EXPL: 0CVE-2018-20650 – poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc
https://notcve.org/view.php?id=CVE-2018-20650
01 Jan 2019 — A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. Una aserción alcanzable en Object::dictLookup en Poppler 0.72.0 permite a los atacantes provocar una denegación de servicio (DoS) debido a la falta de comprobación del tipo de datos del directorio, tal y como queda demostrado con el uso de la clase FileSpec (en FileSpec.cc) en pd... • http://www.securityfocus.com/bid/106459 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20551 – poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c
https://notcve.org/view.php?id=CVE-2018-20551
28 Dec 2018 — A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c. Una aserción alcanzable en Object::getString en Poppler 0.72.0 permite que los atacantes provoquen una denegación de servicio (DoS) debido a la construcción de activos de anotaciones de multimedia interactiva en la clase AnnotRichMedia en Annot.c. • https://access.redhat.com/errata/RHSA-2019:2713 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2018-20549
https://notcve.org/view.php?id=CVE-2018-20549
28 Dec 2018 — There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. Hay un acceso de ESCRITURA ilegal en la memoria en caca/file.c (función caca_file_read) en libcaca 0.99.beta19. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •