CVSS: 6.5EPSS: 2%CPEs: 2EXPL: 0CVE-2018-19968 – Ubuntu Security Notice USN-4639-1
https://notcve.org/view.php?id=CVE-2018-19968
11 Dec 2018 — An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system. Un atacante puede explotar phpMyAdmin en versiones anteriores a la 4... • http://www.securityfocus.com/bid/106178 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 1%CPEs: 2EXPL: 0CVE-2018-19970 – Ubuntu Security Notice USN-4639-1
https://notcve.org/view.php?id=CVE-2018-19970
11 Dec 2018 — In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name. En phpMyAdmin, en versiones anteriores a la 4.8.4, se ha encontrado una vulnerabilidad Cross-Site Scripting (XSS) en el árbol de navegación, donde un atacante puede entregar una carga útil a un usuario mediante un nombre de base de datos/tabla manipulado. It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin ... • http://www.securityfocus.com/bid/106181 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 2%CPEs: 17EXPL: 0CVE-2018-18356 – mozilla: Use after free in Skia
https://notcve.org/view.php?id=CVE-2018-18356
11 Dec 2018 — An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en el manejo de rutas conduce a un uso de memoria previamente liberada en Skia en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. An update that fix... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 2CVE-2018-20004
https://notcve.org/view.php?id=CVE-2018-20004
10 Dec 2018 — An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2018-5808 – openSUSE Security Advisory - openSUSE-SU-2018:4299-1
https://notcve.org/view.php?id=CVE-2018-5808
07 Dec 2018 — An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. Un error en la función "find_green()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y la ejecución de código arbitrario. An update that fixes 5 vulnerabilities is now available. This update for libraw fi... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 11%CPEs: 6EXPL: 0CVE-2018-19935 – Debian Security Advisory 4353-1
https://notcve.org/view.php?id=CVE-2018-19935
07 Dec 2018 — ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function. ext/imap/php_imap.c en PHP 5.x y 7.x anteriores a la 7.3.0 permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL y cierre inesperado de la aplicación) mediante una cadena vacía en el argumento del mensaje en la función imap_mail. Multiple secu... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-19824 – kernel: Use-after-free in sound/usb/card.c:usb_audio_probe()
https://notcve.org/view.php?id=CVE-2018-19824
03 Dec 2018 — In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. En el kernel de Linux hasta la versión 4.19.6, un usuario local podría explotar memoria previamente liberada en el controlador ALSA suministrando un dispositivo de sonido USB malicioso (con cero interfaces) que no se maneja correctamente en usb_audio_probe en sound/usb/card.c. A flaw was ... • http://www.securityfocus.com/bid/106109 • CWE-416: Use After Free •
CVSS: 9.0EPSS: 41%CPEs: 8EXPL: 5CVE-2018-19788 – polkit: Improper handling of user with uid > INT_MAX leading to authentication bypass
https://notcve.org/view.php?id=CVE-2018-19788
03 Dec 2018 — A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command. Se ha detectado un fallo en PolicyKit (también conocido como polkit) 0.115 que permite que un usuario con una uid mayor que INT_MAX ejecute con éxito cualquier comando systemctl. USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PolicyKit incorrectly handled certain large user... • https://github.com/AbsoZed/CVE-2018-19788 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-19787 – Ubuntu Security Notice USN-3841-1
https://notcve.org/view.php?id=CVE-2018-19787
02 Dec 2018 — An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146. Se ha descubierto un problema en lxml en versiones anteriores a la 4.2.5. lxml/html/clean.py en el módulo lxml.html.clean no elimina las URL javascript: que utilizan escapado, permitiendo que un atacante remo... • https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19777
https://notcve.org/view.php?id=CVE-2018-19777
30 Nov 2018 — In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. En Artifex MuPDF 1.14.0, hay un bucle infinito en la función svg_dev_end_tile en fitz/svg-device.c, tal y como queda demostrado con mutool. • https://bugs.ghostscript.com/show_bug.cgi?id=700301 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •