CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3893 – foreman: Recover of plaintext password or token for the compute resources
https://notcve.org/view.php?id=CVE-2019-3893
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman. Versions before 1.20.3, 1.21.1, 1.22.0 are vulnerable. En Foreman se descubrió que la operación de eliminar recursos de cálculo, cuando se ejecuta desde la API de Foreman, conduce a la revelación de la contraseña de texto plano o token para el recurso de cálculo afectado. Un usuario malicioso con el permiso "delete_compute_resource" puede utilizar este fallo para tomar el control de los recursos de cálculo gestionados por Foreman. • http://www.openwall.com/lists/oss-security/2019/04/14/2 http://www.securityfocus.com/bid/107846 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3893 https://github.com/theforeman/foreman/pull/6621 https://projects.theforeman.org/issues/26450 https://access.redhat.com/security/cve/CVE-2019-3893 https://bugzilla.redhat.com/show_bug.cgi?id=1696400 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 1CVE-2018-12547 – JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()
https://notcve.org/view.php?id=CVE-2018-12547
In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code. En Eclipse OpenJ9, en versiones anteriores a la 0.12.0, los métodos nativos jio_snprintf() y jio_vsnprintf() ignoraban el parámetro length. Esto afecta a las API existentes que llamaban a las funciones para sobrepasar el búfer asignado. • https://access.redhat.com/errata/RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0473 https://access.redhat.com/errata/RHSA-2019:0474 https://access.redhat.com/errata/RHSA-2019:0640 https://access.redhat.com/errata/RHSA-2019:1238 https://bugs.eclipse.org/bugs/show_bug.cgi?id=543659 https://access.redhat.com/security/cve/CVE-2018-12547 https://bugzilla.redhat.com/show_bug.cgi?id=1685611 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-12549 – JDK: missing null check when accelerating Unsafe calls
https://notcve.org/view.php?id=CVE-2018-12549
In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it. En Eclipse OpenJ9 0.11.0, el compilador JIT de OpenJ9 podría omitir incorrectamente una comprobación nula en el objeto recibidor de una llamada no segura al acelerarla. • https://access.redhat.com/errata/RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0640 https://access.redhat.com/errata/RHSA-2019:1238 https://bugs.eclipse.org/bugs/show_bug.cgi?id=544019 https://access.redhat.com/security/cve/CVE-2018-12549 https://bugzilla.redhat.com/show_bug.cgi?id=1685717 • CWE-20: Improper Input Validation CWE-111: Direct Use of Unsafe JNI •
CVSS: 5.3EPSS: 0%CPEs: 57EXPL: 1CVE-2019-7317 – libpng: use-after-free in png_image_free in png.c
https://notcve.org/view.php?id=CVE-2019-7317
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. La función png_image_free en el archivo png.c en libpng versiones 1.6.x anteriores a 1.6.37, presenta un uso de la memoria previamente liberada porque la función png_image_free_function es llamada bajo png_safe_execute. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html http://www.securityfocus.com/bid/108098 https:/ • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14666
https://notcve.org/view.php?id=CVE-2018-14666
An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions. Se ha encontrado un fallo de autorización incorrecta en la funcionalidad Smart Class en Foreman. Un atacante puede usarlo para cambiar la configuración de cualquier host que se encuentra registrado en Red Hat Satellite, independientemente de la organización a la que pertenezca dicho host. • http://www.securityfocus.com/bid/106490 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14666 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •