CVSS: 6.8EPSS: 0%CPEs: 29EXPL: 0CVE-2018-3180 – OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613)
https://notcve.org/view.php?id=CVE-2018-3180
17 Oct 2018 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedde... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-295: Improper Certificate Validation •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-10839 – QEMU: ne2000: integer overflow leads to buffer overflow issue
https://notcve.org/view.php?id=CVE-2018-10839
16 Oct 2018 — Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. El emulador Qemu en versiones iguales o anteriores a la 3.0.0 con soporte para emulación NE2000 NIC es vulnerable a un desbordamiento de enteros, lo que podría conducir a un problema de desbordamiento de búfer. Podría ocurri... • https://access.redhat.com/errata/RHSA-2019:2892 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2018-18310 – elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl
https://notcve.org/view.php?id=CVE-2018-18310
15 Oct 2018 — An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes. Se ha descubierto una desreferencia de dirección de memoria inválida en dwfl_segment_report_module.c en libdwfl en elfutils 0.4.8 hasta la versión v0.174. La vulnerabilidad permite que los atacantes provoquen una denegación de servicio (cierre ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.6EPSS: 0%CPEs: 13EXPL: 3CVE-2018-17961 – ghostscript - executeonly Bypass with errorhandler Setup
https://notcve.org/view.php?id=CVE-2018-17961
11 Oct 2018 — Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con la configuración de errorhandler. NOTA: este problema existe debido a una solución incompleta para CVE-2018-17183. Ghostscript suffers from an executeonly byp... • https://www.exploit-db.com/exploits/45573 • CWE-209: Generation of Error Message Containing Sensitive Information CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-18073 – ghostscript: Saved execution stacks can leak operator arrays
https://notcve.org/view.php?id=CVE-2018-18073
11 Oct 2018 — Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. Artifex Ghostscript permite que los atacantes omitan un mecanismo de protección de sandbox aprovechando la exposición de los operadores del sistema en la pila de ejecución guardada en un objeto error. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=34cc326eb2c5695833361887fe0b32e8d987741c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-460: Improper Cleanup on Thrown Exception •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2018-17958 – QEMU: rtl8139: integer overflow leads to buffer overflow
https://notcve.org/view.php?id=CVE-2018-17958
09 Oct 2018 — Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. Qemu tiene un desbordamiento de búfer en rtl8139_do_receive en hw/net/rtl8139.c debido a que se emplea un tipo de datos de enteros incorrecto. An integer overflow issue was found in the RTL8139 NIC emulation in QEMU. It could occur while receiving packets over the network if the size value is greater than INT_MAX. Such overflow would lead to stack buffer overflow issue. • http://www.openwall.com/lists/oss-security/2018/10/08/1 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 16EXPL: 0CVE-2018-17963 – QEMU: net: ignore packets with large size
https://notcve.org/view.php?id=CVE-2018-17963
09 Oct 2018 — qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. qemu_deliver_packet_iov en net/net.c en Qemu acepta tamaños de paquetes mayores a INT_MAX, lo que permite que los atacantes provoquen una denegación de servicio (DoS) o tengan otro tipo de impacto sin especificar. A potential integer overflow issue was found in the networking back-end of QEMU. It could occur while receiving pac... • http://www.openwall.com/lists/oss-security/2018/10/08/1 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 1CVE-2018-17962 – QEMU: pcnet: integer overflow leads to buffer overflow
https://notcve.org/view.php?id=CVE-2018-17962
09 Oct 2018 — Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. Qemu tiene un desbordamiento de búfer en pcnet_receive en hw/net/pcnet.c debido a que se emplea un tipo de datos de enteros incorrecto. An integer overflow issue was found in the AMD PC-Net II NIC emulation in QEMU. It could occur while receiving packets, if the size value was greater than INT_MAX. Such overflow would lead to stack buffer overflow issue. • http://www.openwall.com/lists/oss-security/2018/10/08/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 2CVE-2018-18074 – python-requests: Redirect from HTTPS to HTTP does not remove Authorization header
https://notcve.org/view.php?id=CVE-2018-18074
09 Oct 2018 — The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. El paquete Requests antes de la versión 2.20.0 para Python envía una cabecera de autorización HTTP a un URI http al recibir una redirección same-hostname https-to-http, lo que facilita que los atacantes remotos descibran las credenciales esnifando la red. A credentials... • http://docs.python-requests.org/en/master/community/updates/#release-and-version-history • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 2CVE-2018-18065 – net-snmp 5.7.3 - (Authenticated) Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2018-18065
08 Oct 2018 — _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. _set_key en agent/helpers/table_container.c en Net-SNMP en versiones anteriores a la 5.8 tiene un error de excepción de puntero NULL que puede ser empleado por un atacante autenticado para provocar el cierre inesperado de la instancia de forma remota mediante un paque... • https://www.exploit-db.com/exploits/45547 • CWE-476: NULL Pointer Dereference •