CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2019-7524 – dovecot: Buffer overflow in indexer-worker process results in privilege escalation
https://notcve.org/view.php?id=CVE-2019-7524
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components. En Dovecot, en versiones anteriores a la 2.2.36.3 y en las 2.3.x anteriores a la 2.3.5.1, un atacante local puede provocar un desbordamiento de búfer en el proceso "indexer-worker", que se podría utilizar para elevar a root. Esto ocurre debido a la falta de comprobaciones en los componentes fts y pop3-uidl. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00067.html http://www.openwall.com/lists/oss-security/2019/03/28/1 http://www.securityfocus.com/bid/107672 https://dovecot.org/list/dovecot-news/2019-March/000403.html https://dovecot.org/security.html https://lists.debian.org/debian-lts-announce/2019/03/msg00038.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.o • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-12180 – edk2: Buffer Overflow in BlockIo service for RAM disk
https://notcve.org/view.php?id=CVE-2018-12180
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. Desbordamiento de búfer en el servicio BlockIo para EDK II podría permitir que un usuario no autenticado escale privilegios, divulgue información y/o provoque una denegación de servicio mediante acceso de red. A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html https://access.redhat.com/errata/RHSA-2019:0809 https://access.redhat.com/errata/RHSA-2019:0968 https://access.redhat.com/errata/RHSA-2019:1116 https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ https://support.hpe.com/hpsc/doc/public/display?docLocale&# • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2019-0160 – edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media
https://notcve.org/view.php?id=CVE-2019-0160
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access. Desbordamiento de búfer en el firmware del sistema para EDK II podría permitir que un usuario no autenticado escale privilegios y/o provoque una denegación de servicio mediante acceso de red. Buffer overflows were discovered in UDF-related codes under MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe, which could be triggered with long file names or invalid formatted UDF media. • https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html https://access.redhat.com/security/cve/CVE-2019-0160 https://bugzilla.redhat.com/show_bug.cgi?id=1691640 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 8%CPEs: 4EXPL: 1CVE-2019-1788 – ClamAV OLE2 File Out-Of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2019-1788
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms for OLE2 files sent an affected device. An attacker could exploit this vulnerability by sending malformed OLE2 files to the device running an affected version ClamAV Software. An exploit could allow the attacker to cause an out-of-bounds write condition, resulting in a crash that could result in a denial of service condition on an affected device. Una vulnerabilidad en la funcionalidad de análisis de archivos Object Linking & Embedding (OLE2) de las versiones 0.101.1 y anteriores del software Clam AntiVirus (ClamAV) podría permitir que un atacante remoto no autenticado cause una condición de denegación de servicio en un dispositivo afectado. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166 https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html https://security.gentoo.org/glsa/201904-12 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-1787 – Clam AntiVirus PDF Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1787
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of proper data handling mechanisms within the device buffer while indexing remaining file data on an affected device. An attacker could exploit this vulnerability by sending crafted PDF files to an affected device. A successful exploit could allow the attacker to cause a heap buffer out-of-bounds read condition, resulting in a crash that could result in a denial of service condition on an affected device. Una vulnerabilidad en la funcionalidad de escaneo del PDF (Portable Document Format) en las versiones de software 0.101.1 y anteriores de Clam AntiVirus (ClamAV), podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181 https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html https://security.gentoo.org/glsa/201904-12 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •