CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2018-5170 – Mozilla: Filename spoofing for external attachments
https://notcve.org/view.php?id=CVE-2018-5170
It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. Es posible falsificar el nombre de archivo de un archivo adjunto y mostrar un nombre de archivo adjunto arbitrario. Esto podría llevar a un usuario a abrir un archivo adjunto remoto que es un tipo de archivo diferente al esperado. • http://www.securitytracker.com/id/1040946 https://access.redhat.com/errata/RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1726 https://bugzilla.mozilla.org/show_bug.cgi?id=1411732 https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3660-1 https://www.debian.org/security/2018/dsa-4209 https://www.mozilla.org/security/advisories/mfsa2018-13 https://access.redhat.com/security/cve&#x • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2018-5161 – Mozilla: Hang via malformed headers
https://notcve.org/view.php?id=CVE-2018-5161
Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. Las cabeceras de mensaje manipuladas pueden hacer que un proceso Thunderbird deje de responder al recibir el mensaje. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird ESR y las versiones anteriores a la 52.8 de Thunderbird. • http://www.securitytracker.com/id/1040946 https://access.redhat.com/errata/RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1726 https://bugzilla.mozilla.org/show_bug.cgi?id=1411720 https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3660-1 https://www.debian.org/security/2018/dsa-4209 https://www.mozilla.org/security/advisories/mfsa2018-13 https://access.redhat.com/security/cve&#x • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2018-5162 – Mozilla: Encrypted mail leaks plaintext through src attribute
https://notcve.org/view.php?id=CVE-2018-5162
Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8. El texto plano de los correos electrónicos descifrados puede filtrarse a través del atributo src de imágenes remotas o enlaces. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird ESR y las versiones anteriores a la 52.8 de Thunderbird. • http://www.securityfocus.com/bid/104240 http://www.securitytracker.com/id/1040946 https://access.redhat.com/errata/RHSA-2018:1725 https://access.redhat.com/errata/RHSA-2018:1726 https://bugzilla.mozilla.org/show_bug.cgi?id=1457721 https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3660-1 https://www.debian.org/security/2018/dsa-4209 https://www.mozilla.org/security/advisories/mfsa2018-13&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 2CVE-2018-1124 – Procps-ng - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-1124
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. procps-ng en versiones anteriores a la 3.3.15 es vulnerable a múltiples desbordamientos de enteros que conducen a una corrupción de la memoria dinámica (heap) en la función file2strvec. Esto permite el escalado de privilegios para un atacante local que puede crear entradas en procfs empezando procesos, lo que podría resultar en cierres inesperados o la ejecución de código arbitrario en las utilidades proc ejecutadas por otros usuarios. Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w). • https://www.exploit-db.com/exploits/44806 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html http://seclists.org/oss-sec/2018/q2/122 http://www.securityfocus.com/bid/104214 http://www.securitytracker.com/id/1041057 https://access.redhat.com/errata/RHSA-2018:1700 https://access.redhat.com/errata/RHSA-2018:1777 https://access.redhat.com/errata/RHSA-2018:1820 https://access.redha • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.6EPSS: 0%CPEs: 665EXPL: 5CVE-2018-3639 – AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
https://notcve.org/view.php?id=CVE-2018-3639
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas las anteriores escrituras de memoria podrían permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un análisis de canal lateral. Esto también se conoce como Speculative Store Bypass (SSB), Variant 4. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). • https://www.exploit-db.com/exploits/44695 https://github.com/mmxsrup/CVE-2018-3639 https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4- https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html http://support.lenovo.com/us/en/solutions/LEN-2213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •