Page 130 of 1833 results (0.015 seconds)

CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0

CVE-2018-10858 – samba: Insufficient input validation in libsmbclient

https://notcve.org/view.php?id=CVE-2018-10858

A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. Se ha descubierto un desbordamiento de búfer en la manera en la que los clientes de samba procesaban nombres de archivo excesivamente largos en un listado de directorios. Un servidor samba malicioso podría utilizar este defecto para provocar la ejecución de código arbitrario en un cliente de samba. • http://www.securityfocus.com/bid/105085 http://www.securitytracker.com/id/1042002 https://access.redhat.com/errata/RHSA-2018:2612 https://access.redhat.com/errata/RHSA-2018:2613 https://access.redhat.com/errata/RHSA-2018:3056 https://access.redhat.com/errata/RHSA-2018:3470 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10858 https://kc.mcafee.com/corporate/index?page=content&id=SB10284 https://security.gentoo.org/glsa/202003-52 https://security.netapp.com/advisory • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0

CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets

https://notcve.org/view.php?id=CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegación de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/105108 http://www.securitytracker.com/id/1041476 http://www.securitytracker.com/id/1041637 https://access.redhat.co • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2018-10925 – postgresql: Missing authorization and memory disclosure in INSERT ... ON CONFLICT DO UPDATE statements

https://notcve.org/view.php?id=CVE-2018-10925

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table. Se ha descubierto que las versiones anteriores a la 10.5, 9.6.10, 9.5.14, 9.4.19 y 9.3.24 de PostgreSQL no comprobaron correctamente la autorización de ciertas instrucciones relacionadas con "INSERT ... • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html http://www.securityfocus.com/bid/105052 http://www.securitytracker.com/id/1041446 https://access.redhat.com/errata/RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2565 https://access.redhat.com/errata/RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:3816 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10925 https://security.gentoo.org/glsa/201810-08 https://usn.ubuntu.com/ • CWE-863: Incorrect Authorization •

CVSS: 8.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2018-10915 – postgresql: Certain host connection parameters defeat client-side security defenses

https://notcve.org/view.php?id=CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. Se ha encontrado una vulnerabilidad en qemu-img, la biblioteca de cliente por defecto de PostgreSQL por la que libpq fracasa a la hora de restablecer su estado interno entre conexiones. Si se emplea una versión afectada de libpq se emplea con parámetros de conexión "host" o "hostaddr" desde entradas no fiables, los atacantes podrían omitir características de seguridad de conexión del lado del cliente, obtener acceso a conexiones con mayores privilegios o, posiblemente, provocar otro tipo de impacto mediante una inyección SQL. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html http://www.securityfocus.com/bid/105054 http://www.securitytracker.com/id/1041446 https://access.redhat.com/errata/RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2557 https://access.redhat.com/errata/RHSA-2018:2565 https://access.redhat.com/errata/RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:2643 https://access.redhat.com/errata/RHSA-2018:2721 https://access.redhat.com/errata&#x • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •

CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-14526 – wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant

https://notcve.org/view.php?id=CVE-2018-14526

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information. Se ha descubierto un problema en rsn_supp/wpa.c en wpa_supplicant, desde la versión 2.0 hasta la 2.6. En determinadas condiciones, no se comprueba la integridad de los mensajes EAPOL-Key, lo que conduce a un oráculo de descripción. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00013.html http://www.securitytracker.com/id/1041438 https://access.redhat.com/errata/RHSA-2018:3107 https://cert-portal.siemens.com/productcert/pdf/ssa-344983.pdf https://lists.debian.org/debian-lts-announce/2018/08/msg00009.html https://papers.mathyvanhoef.com/woot2018.pdf https://security.FreeBSD.org/advisories/FreeBSD-SA-18:11.hostapd.asc https://usn.ubuntu.com/3745-1 https://w1.fi/security/2018-1/unauthenticated- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •