CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-19407
https://notcve.org/view.php?id=CVE-2018-19407
21 Nov 2018 — The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized. La función vcpu_scan_ioapic en arch/x86/kvm/x86.c en el kernel de Linux hasta la versión 4.19.2 permite que usuarios locales provoquen una denegación de servicio (desreferencia de puntero NULLy error) mediante llamadas del sistema manipuladas que alcanzan una sit... • http://www.securityfocus.com/bid/105987 • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 7CVE-2018-18955 – Linux - Nested User Namespace idmap Limit Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-18955
16 Nov 2018 — In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by reading /etc/shadow. This occurs because an ID transformation takes place properly for the namespaced-to-kernel direction but not for the kernel-to-namespaced directi... • https://www.exploit-db.com/exploits/45915 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-18954
https://notcve.org/view.php?id=CVE-2018-18954
15 Nov 2018 — The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. La función pnv_lpc_do_eccb en hw/ppc/pnv_lpc.c en Qemu en versiones anteriores a la 3.1 permite el acceso de escritura o lectura fuera de límites a la memoria PowerNV. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-16850 – postgresql: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING
https://notcve.org/view.php?id=CVE-2018-16850
13 Nov 2018 — postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges. postgresql en versiones anteriores a la 11.1 y 10.6 es vulnerable a una inyección SQL en pg_upgrade y pg_dump mediante CREATE TRIGGER ... REFERENCING. Mediante una definición de detonador manipulado para tal propósito, un atacante puede provocar que ... • http://www.securityfocus.com/bid/105923 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-19210
https://notcve.org/view.php?id=CVE-2018-19210
12 Nov 2018 — In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. En LibTIFF 4.0.9, hay una desreferencia de puntero NULL en la función TIFFWriteDirectorySec en tif_dirwrite.c que conducirá a un ataque de denegación de servicio (DoS), tal y como queda demostrado con tiffset. • http://bugzilla.maptools.org/show_bug.cgi?id=2820 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-19149 – poppler: NULL pointer dereference in _poppler_attachment_new
https://notcve.org/view.php?id=CVE-2018-19149
10 Nov 2018 — Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. Poppler en versiones anteriores a 0.70.0 tiene una desreferencia de puntero NULL en _poppler_attachment_new cuando se llama desde poppler_annot_fichero_attachment_attachment_get_attachment. • http://www.securityfocus.com/bid/106031 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2018-19107 – exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp
https://notcve.org/view.php?id=CVE-2018-19107
08 Nov 2018 — In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file. En Exiv2 0.26, Exiv2::IptcParser::decode en iptc.cpp (llamado desde psdimage.cpp en el lector de imágenes PSD) puede sufrir una denegación de servicio (sobrelectura de búfer basada en memoria dinámica) causada por un desbordamiento de enteros a través de un archivo de imagen PSD ma... • https://access.redhat.com/errata/RHSA-2019:2101 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-19108 – exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
https://notcve.org/view.php?id=CVE-2018-19108
08 Nov 2018 — In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. En Exiv2 0.26, Exiv2::PsdImage::readMetadata en psdimage.cpp en el lector de imágenes PSD puede sufrir una denegación de servicio (bucle infinito) causada por un desbordamiento de enteros a través de un archivo de imagen PSD manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 1CVE-2018-19058 – poppler: reachable abort in Object.h
https://notcve.org/view.php?id=CVE-2018-19058
07 Nov 2018 — An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file. Se ha descubierto un problema en Poppler 0.71.0. Hay un aborto alcanzable en Object.h, que conducirá a una denegación de servicio (DoS) debido a que EmbFile::save2 en FileSpec.cc carece de una comprobación de flujo antes de guardar un archivo embebido. • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-400: Uncontrolled Resource Consumption CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-19060 – poppler: pdfdetach utility does not validate save paths
https://notcve.org/view.php?id=CVE-2018-19060
07 Nov 2018 — An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path. Se ha descubierto un problema en Poppler 0.71.0. Hay una desreferencia de puntero NULL en goo/GooString.h, que conducirá a una denegación de servicio (DoS), tal y como queda demostrado con utils/pdfdetach.cc al no validar el nombre de archivos embebidos antes de c... • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-476: NULL Pointer Dereference •