
CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 1

26 Oct 2018 — A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239. Linux suffers from an issue with systemd where chown_one() can dereference symlinks. • https://www.exploit-db.com/exploits/45715 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSS: 6.5 • EPSS: 0% • CPEs: 5 • EXPL: 1

26 Oct 2018 — An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. • http://bugzilla.maptools.org/show_bug.cgi?id=2819 • CWE-121: Stack-based Buffer Overflow • CWE-476: NULL Pointer Dereference

CVSS: 7.8 • EPSS: 0% • CPEs: 6 • EXPL: 2

26 Oct 2018 — A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. • https://www.exploit-db.com/exploits/45714 • CWE-20: Improper Input Validation • CWE-502: Deserialization of Untrusted Data

CVSS: 7.2 • EPSS: 4% • CPEs: 11 • EXPL: 11

25 Oct 2018 — A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for the -modulepath and -logfile options when starting the Xorg X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. • https://www.exploit-db.com/exploits/45938 • CWE-271: Privilege Dropping / Lowering Errors • CWE-863: Incorrect Authorization

CVSS: 8.8 • EPSS: 1% • CPEs: 16 • EXPL: 0

25 Oct 2018 — Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. • http://www.securityfocus.com/bid/105666 • CWE-125: Out-of-bounds Read

CVSS: 7.1 • EPSS: 0% • CPEs: 15 • EXPL: 0

25 Oct 2018 — A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. • http://www.securityfocus.com/bid/105718 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-862: Missing Authorization

CVSS: 6.5 • EPSS: 0% • CPEs: 17 • EXPL: 0

25 Oct 2018 — A WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. • http://www.securityfocus.com/bid/105718 • CWE-284: Improper Access Control • CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 9.8 • EPSS: 4% • CPEs: 19 • EXPL: 0

25 Oct 2018 — Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. • http://www.securityfocus.com/bid/105718 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 7.5 • EPSS: 3% • CPEs: 18 • EXPL: 0

25 Oct 2018 — A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.* This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. • http://www.securityfocus.com/bid/105718 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-190: Integer Overflow or Wraparound • CWE-787: Out-of-bounds Write

CVSS: 8.8 • EPSS: 3% • CPEs: 18 • EXPL: 0

25 Oct 2018 — Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3. • http://www.securityfocus.com/bid/105723 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')