CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0207
https://notcve.org/view.php?id=CVE-2010-0207
In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. En xpdf, la tabla xref contiene un bucle infinito el cual permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicación) en visualizadores de PDF basados ??en xpdf. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207 https://security-tracker.debian.org/tracker/CVE-2010-0207 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2010-0206
https://notcve.org/view.php?id=CVE-2010-0206
xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. xpdf, permite a atacantes remotos causar una denegación de servicio (desreferencia del puntero NULL y bloqueo) en la manera en que se procesan los objetos de flujo PDF de JBIG2. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206 https://security-tracker.debian.org/tracker/CVE-2010-0206 • CWE-476: NULL Pointer Dereference •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2011-1408
https://notcve.org/view.php?id=CVE-2011-1408
ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. ikiwiki versiones anteriores a 3.20110608, permite a atacantes remotos secuestrar tty de root y ejecutar ataques de tipo symlink. • https://ikiwiki.info/security/#index40h2 https://security-tracker.debian.org/tracker/CVE-2011-1408 https://snyk.io/vuln/SNYK-LINUX-IKIWIKI-133098 https://www.tenable.com/plugins/nessus/55157 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 0CVE-2019-15681
https://notcve.org/view.php?id=CVE-2019-15681
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appear to be exploitable via network connectivity. These vulnerabilities have been fixed in commit d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a. LibVNC en el commit anterior a d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a, contiene una pérdida de memoria (CWE-655) en el código del servidor VNC, lo que permite a un atacante leer la memoria de la pila y puede ser abusada para la divulgación de información. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00073.html https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a https://lists.debian.org/debian-lts-announce/2019/10/msg00039.html https://lists.debian.org/debian-lts-announce/2019/10/msg00042.html https://lists.debian.org/debian-lts-announce/2019/11/msg00032.html https:/ • CWE-665: Improper Initialization •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-18602
https://notcve.org/view.php?id=CVE-2019-18602
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer. OpenAFS versiones anteriores a la versión 1.6.24 y versiones anteriores 1.8.x anteriores a 1.8.5, es propenso a una vulnerabilidad de divulgación de información porque los escalares no inicializados son enviados a través de la red a un peer. • https://lists.debian.org/debian-lts-announce/2019/11/msg00002.html https://openafs.org/pages/security/OPENAFS-SA-2019-002.txt • CWE-908: Use of Uninitialized Resource •