CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2018-8779 – ruby: Unintentional socket creation by poisoned NULL byte in UNIXServer and UNIXSocket
https://notcve.org/view.php?id=CVE-2018-8779
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, los métodos UNIXServer.open y UNIXSocket.open no se comprueban en busca de caracteres null. Podría estar relacionado con un socket no planeado. It was found that the UNIXSocket::open and UNIXServer::open ruby methods did not handle the NULL byte properly. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securityfocus.com/bid/103767 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://lists.debian.org/debian-lts-announce/2018/04/msg00023.html https://lists.debian.org/debian-lts-announce/2018/04/msg00024.html& • CWE-20: Improper Input Validation CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0CVE-2018-8780 – ruby: Unintentional directory traversal by poisoned NULL byte in Dir
https://notcve.org/view.php?id=CVE-2018-8780
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, los métodos Dir.open, Dir.new, Dir.entries y Dir.empty? no comprueban los caracteres NULL. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securityfocus.com/bid/103739 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata&#x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-8777 – ruby: DoS by large request in WEBrick
https://notcve.org/view.php?id=CVE-2018-8777
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption). En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, un atacante puede pasar una petición HTTP larga con una cabecera manipulada al servidor WEBrick o un cuerpo manipulado al servidor/manipulador WEBrick y provocar una denegación de servicio (consumo de memoria). It was found that WEBrick could be forced to use an excessive amount of memory during the processing of HTTP requests, leading to a Denial of Service. An attacker could use this flaw to send huge requests to a WEBrick application, resulting in the server running out of memory. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securityfocus.com/bid/103683 http://www.securitytracker.com/id/1042004 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://access.redhat.com/errata/RHSA-2020:0542 https://access.redhat.com/errata/RHSA-2020:0591 https://access.redhat.com/errata&#x • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9132
https://notcve.org/view.php?id=CVE-2018-9132
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. libming 0.4.8 tiene una desreferencia de puntero NULL en la función getInt del archivo decompile.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo swf manipulado. • https://github.com/libming/libming/issues/133 https://lists.debian.org/debian-lts-announce/2018/05/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/47KZ5RYWQMBN5DVDITBVRDNDCSFNBJ3V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 27CVE-2018-7600 – Drupal Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7600
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. Drupal en versiones anteriores a la 7.58, 8.x anteriores a la 8.3.9, 8.4.x anteriores a la 8.4.6 y 8.5.x anteriores a la 8.5.1 permite que los atacantes remotos ejecuten código arbitrario debido a un problema que afecta a múltiples subsistemas con configuraciones de módulos por defecto o comunes. Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. • https://www.exploit-db.com/exploits/44482 https://www.exploit-db.com/exploits/44449 https://www.exploit-db.com/exploits/44448 https://github.com/a2u/CVE-2018-7600 https://github.com/pimps/CVE-2018-7600 https://github.com/g0rx/CVE-2018-7600-Drupal-RCE https://github.com/firefart/CVE-2018-7600 https://github.com/r3dxpl0it/CVE-2018-7600 https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE https://github.com/sl4cky/CVE-2018-7600 https://github.com/s • CWE-20: Improper Input Validation •