CVSS: 7.8EPSS: 2%CPEs: 20EXPL: 2CVE-2018-16865 – systemd: stack overflow when receiving many journald entries
https://notcve.org/view.php?id=CVE-2018-16865
09 Jan 2019 — An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. Se ha descubierto una asignación de memoria sin límites que podría resultar en que la pila choque con otra región de memoria, ... • https://packetstorm.news/files/id/152841 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2018-16864 – systemd: stack overflow when calling syslog from a command with long cmdline
https://notcve.org/view.php?id=CVE-2018-16864
09 Jan 2019 — An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. Se ha descubierto una asignación de memoria sin límites, que podría resultar en que la pila choque con otra región de memoria, en systemd-journald, cuando un programa con argumento... • http://www.openwall.com/lists/oss-security/2021/07/20/2 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-5716 – Debian Security Advisory 4416-1
https://notcve.org/view.php?id=CVE-2019-5716
08 Jan 2019 — In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation. En Wireshark desde la versión 2.6.0 hasta la 2.6.5, el disector 6LoWPAN podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-6lowpan.c, evitando el uso de un TVB antes de su creación. It was discovered that Wireshark, a network traffic analyzer, contained several vulnerabilities in the dissectors for 6LoWPAN, P_MUL, RTSE, ISA... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-5717 – Debian Security Advisory 4416-1
https://notcve.org/view.php?id=CVE-2019-5717
08 Jan 2019 — In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero. En Wireshark, desde la versión 2.6.0 hasta la 2.6.5 y desde la 2.4.0 hasta la 2.4.11, el disector P_MUL podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-p_mul.c, rechazando el número de secuencia de cero no válido. It was discovered that Wireshark, a network traffic analyzer, contained several vulnerab... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-5719 – Debian Security Advisory 4416-1
https://notcve.org/view.php?id=CVE-2019-5719
08 Jan 2019 — In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block. En Wireshark desde la versión 2.6.0 hasta la 2.6.5 y desde la 2.4.0 hasta la 2.4.11, el disector ISAKMP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-isakmp.c, gestionando el caso de un bloque de datos de descifrado de manera correcta. It was discovered that Wireshark, a network tr... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 2%CPEs: 10EXPL: 0CVE-2019-3498 – Ubuntu Security Notice USN-3851-1
https://notcve.org/view.php?id=CVE-2019-3498
08 Jan 2019 — In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. En Django, en versiones 1.11.x anteriores a la 1.11.18, versiones 2.0.x anteriores a la 2.0.10 y 2.1.x anteriores a la 2.1.5, existe una neutralización incorrecta de ele... • http://www.securityfocus.com/bid/106453 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-1320 – thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class
https://notcve.org/view.php?id=CVE-2018-1320
07 Jan 2019 — Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. La librería de cliente Java de Apache Thrift, desde la versión 0.5.0 hasta la 0.11.0, puede omitir la validación de la negociación de SASL "isComplete" en la clase org.apache.thrift.transpo... • http://www.openwall.com/lists/oss-security/2019/07/24/3 • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 1CVE-2019-3701 – Ubuntu Security Notice USN-4115-1
https://notcve.org/view.php?id=CVE-2019-3701
03 Jan 2019 — An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2018-20662 – poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
https://notcve.org/view.php?id=CVE-2018-20662
03 Jan 2019 — In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. En la versión 0.72.0 de Poppler, PDFDoc::setup en PDFDoc.cc permite a los atacantes remotos provocar una denegación de servicio (cierre inesperado de la aplicación provocado por un SIGABRT en Object.h debido a un va... • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 9.8EPSS: 14%CPEs: 58EXPL: 0CVE-2018-14718 – jackson-databind: arbitrary code execution in slf4j-ext class
https://notcve.org/view.php?id=CVE-2018-14718
02 Jan 2019 — FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. Las versiones 2.x de FasterXML jackson-databind anteriores a la 2.9.7 podrían permitir a los atacantes remotos ejecutar código arbitrario aprovechando un fallo para bloquear la clase slf4j-ext de deserialización polimórfica. A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malic... • http://www.securityfocus.com/bid/106601 • CWE-502: Deserialization of Untrusted Data •