CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20189 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2018-20189
17 Dec 2018 — In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization. En GraphicsMagick 1.3.31, la función ReadDIBImage de coders/dib.c tiene una vulnerabilidad que permite un cierre inesperado y una denegación de servicio (DoS) mediante un archivo dib que está manipulado par... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e2b406589 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20184 – Ubuntu Security Notice USN-5974-1
https://notcve.org/view.php?id=CVE-2018-20184
17 Dec 2018 — In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification. En GraphicsMagick 1.4 snapshot-20181209 Q8, hay un desbordamiento de búfer basado en memoria dinámica (heap) en la función WriteTGAImage de tga.c, lo que permite que los atacantes provoquen una denegación... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/15d1b5fd003b • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20185 – Debian Security Advisory 4640-1
https://notcve.org/view.php?id=CVE-2018-20185
17 Dec 2018 — In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en GraphicsMagick 1.4 snapshot-20181209 Q8 en plataformas de 32 bits, en la función ReadBMPImage de bmp.c que permite que atacantes provoquen una den... • http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/648e3977a293 • CWE-125: Out-of-bounds Read •
CVSS: 5.4EPSS: 5%CPEs: 2EXPL: 1CVE-2018-18245
https://notcve.org/view.php?id=CVE-2018-18245
17 Dec 2018 — Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE. Nagios Core 4.4.2 tiene Cross-Site Scripting (XSS) mediante los informes de sumario de alertas de los resultados de los plugins, tal y como queda demostrado por un elemento SCRIPT entregado por un plugin check_load modificado en NRPE. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00014.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2018-20169 – kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS
https://notcve.org/view.php?id=CVE-2018-20169
17 Dec 2018 — An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c. Se ha descubierto un problema en el kernel de Linux hasta antes de la versión 4.19.9. El subsistema USB gestiona de manera incorrecta las comprobaciones de tamaño durante la lectura de un descriptor extra, relacionado con __usb_get_extra_descriptor en drivers/usb/core/usb.c. A flaw was discovered in the... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=704620afc70cf47abb9d6a1a57f3825d2bca49cf • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2018-16872 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2018-16872
13 Dec 2018 — A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 4.7EPSS: 0%CPEs: 12EXPL: 0CVE-2018-19489 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2018-19489
13 Dec 2018 — v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. v9fs_wstat en hw/9pfs/9p.c en QEMU permite que los usuarios invitados del sistema operativo provoquen una denegación de servicio (cierre inesperado) debido a una condición de carrera durante el renombrado de los archivos. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 9%CPEs: 18EXPL: 0CVE-2018-18493 – Mozilla: Buffer overflow in accelerated 2D canvas with Skia
https://notcve.org/view.php?id=CVE-2018-18493
13 Dec 2018 — A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. Puede ocurrir un desbordamiento de búfer en la librería SKIA durante los cálculos de un desplazamiento de búfer con acciones de hardware aceleradas de CANVAS 2D, debido al uso de cálculos de 32-b... • http://www.securityfocus.com/bid/106168 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 1%CPEs: 18EXPL: 0CVE-2018-18494 – Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
https://notcve.org/view.php?id=CVE-2018-18494
12 Dec 2018 — A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. Una violación de una política del mismo origen permite el robo de entradas URL Cross-Origin cuando utiliza la propiedad de ubicación JavaScript para provocar un re... • http://www.securityfocus.com/bid/106168 • CWE-346: Origin Validation Error CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.7EPSS: 5%CPEs: 4EXPL: 0CVE-2018-20147 – WordPress Core < 5.0.1 - Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2018-20147
12 Dec 2018 — In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files. En WordPress, en versiones anteriores a la 4.9.9 y versiones 5.x anteriores a la 5.0.1, los autores podrían modificar metadatos para omitir las restricciones planeadas de la eliminación de archivos. Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) and PHP injections attacks, delet... • http://www.securityfocus.com/bid/106220 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •