Page 116 of 2433 results (0.008 seconds)

CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0

CVE-2018-19409 – ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c

https://notcve.org/view.php?id=CVE-2018-19409

An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used. Se ha descubierto un problema en versiones anteriores a la 9.26 de Artifex Ghostscript. LockSafetyParams no se comprueba correctamente si se emplea otro dispositivo. • http://www.securityfocus.com/bid/105990 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.ghostscript.com/show_bug.cgi?id=700176 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=661e8d8fb8248c38d67958beda32f3a5876d0c3f https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3831-1 https://www.debian.org/security/2018/dsa-4346 https://www.ghostscript.com/doc/9.26/History9.htm#Version9 • CWE-391: Unchecked Error Condition •

CVSS: 10.0EPSS: 27%CPEs: 16EXPL: 0

CVE-2018-15981 – flash-plugin: Arbitrary code execution vulnerability (APSB18-44)

https://notcve.org/view.php?id=CVE-2018-15981

Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. Flash Player, en versiones 31.0.0.148 y anteriores, tiene una vulnerabilidad de confusión de tipos. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. • http://www.securityfocus.com/bid/105964 http://www.securitytracker.com/id/1042151 https://access.redhat.com/errata/RHSA-2018:3644 https://helpx.adobe.com/security/products/flash-player/apsb18-44.html https://access.redhat.com/security/cve/CVE-2018-15981 https://bugzilla.redhat.com/show_bug.cgi?id=1651640 • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

CVE-2018-15978 – flash-plugin: Information Disclosure vulnerability (APSB18-39)

https://notcve.org/view.php?id=CVE-2018-15978

Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Flash Player, en versiones 31.0.0.122 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/105909 http://www.securitytracker.com/id/1042098 https://access.redhat.com/errata/RHSA-2018:3618 https://helpx.adobe.com/security/products/flash-player/apsb18-39.html https://access.redhat.com/security/cve/CVE-2018-15978 https://bugzilla.redhat.com/show_bug.cgi?id=1649537 • CWE-125: Out-of-bounds Read •

CVSS: 9.6EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-17472

https://notcve.org/view.php?id=CVE-2018-17472

Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page. La colocación incorrecta de diálogos en WebContents en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto ocultase la advertencia total de pantalla mediante una página HTML manipulada. • http://www.securityfocus.com/bid/105666 https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html https://crbug.com/822518 https://security.gentoo.org/glsa/201811-10 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2018-19208 – libwpd: NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp

https://notcve.org/view.php?id=CVE-2018-19208

In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. En libwpd 0.10.2, hay una desreferencia de puntero NULL en la función WP6ContentListener::defineTable en WP6ContentListener.cpp que conducirá a un ataque de denegación de servicio (DoS). Esto está relacionado con WPXTable.h. • https://access.redhat.com/errata/RHSA-2019:2126 https://bugzilla.redhat.com/show_bug.cgi?id=1643752 https://access.redhat.com/security/cve/CVE-2018-19208 https://bugzilla.redhat.com/show_bug.cgi?id=1649414 • CWE-476: NULL Pointer Dereference •