CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9268
https://notcve.org/view.php?id=CVE-2018-9268
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-smb2.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14483 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-9269
https://notcve.org/view.php?id=CVE-2018-9269
04 Apr 2018 — In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak. En Wireshark 2.4.0 a 2.4.5 y 2.2.0 a 2.2.13, epan/dissectors/packet-giop.c tiene una fuga de memoria. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14484 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.0EPSS: 1%CPEs: 4EXPL: 1CVE-2018-0492 – GNU Beep 1.3 - 'HoleyBeep' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-0492
02 Apr 2018 — Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation. beep, de Johnathan Nightingale, hasta la versión 1.3.4, con el permiso setuid tiene una condición de carrera que permite el escalado local de privilegios. It was discovered that a race condition in beep (if configured as setuid via debconf) allows local privilege escalation. • https://www.exploit-db.com/exploits/44452 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2018-7566 – kernel: race condition in snd_seq_write() may lead to UAF or OOB-access
https://notcve.org/view.php?id=CVE-2018-7566
30 Mar 2018 — The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. El kernel de Linux 4.15 tiene un desbordamiento de búfer mediante una operación de escritura ioctl SNDRV_SEQ_IOCTL_SET_CLIENT_POOL en /dev/snd/seq por un usuario local. ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, ... • http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9132
https://notcve.org/view.php?id=CVE-2018-9132
30 Mar 2018 — libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. libming 0.4.8 tiene una desreferencia de puntero NULL en la función getInt del archivo decompile.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo swf manipulado. • https://github.com/libming/libming/issues/133 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-17742 – ruby: HTTP response splitting in WEBrick
https://notcve.org/view.php?id=CVE-2017-17742
30 Mar 2018 — Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick. Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, permite un ataque de separación de respuesta HTTP. Un atacante puede inyectar una ... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0CVE-2018-6914 – ruby: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
https://notcve.org/view.php?id=CVE-2018-6914
30 Mar 2018 — Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument. Vulnerabilidad de salto de directorio en el método Dir.mktmpdir en la biblioteca tmpdir en Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0CVE-2018-8777 – ruby: DoS by large request in WEBrick
https://notcve.org/view.php?id=CVE-2018-8777
30 Mar 2018 — In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption). En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, un atacante puede pasar una petición HTT... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2018-8779 – ruby: Unintentional socket creation by poisoned NULL byte in UNIXServer and UNIXSocket
https://notcve.org/view.php?id=CVE-2018-8779
30 Mar 2018 — In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, los métodos UNIXServer.open y UNIXSocket.open no se comprueban en busca de caracteres nu... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-8778 – ruby: Buffer under-read in String#unpack
https://notcve.org/view.php?id=CVE-2018-8778
30 Mar 2018 — In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, un atac... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-134: Use of Externally-Controlled Format String •