CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2019-7576 – SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
https://notcve.org/view.php?id=CVE-2019-7576
07 Feb 2019 — SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop). SDL (Simple DirectMedia Layer), hasta la versión 1.2.15 y en versiones 2.x hasta la 2.0.9, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en InitMS_ADPCM en audio/SDL_wave.c (fuera del bucle wNumCoef). Simple DirectMedia Layer is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 4.8EPSS: 0%CPEs: 7EXPL: 1CVE-2019-3820 – gnome-shell: partial lock screen bypass
https://notcve.org/view.php?id=CVE-2019-3820
06 Feb 2019 — It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. Se ha descubierto que la pantalla de bloqueo de gnome-shell, desde la versión 3.15.91 no restringió correctamente todas las acciones contextuales. Un atacante con acceso físico a una estación de trabajo bloqueada podría invocar ciertos atajos de teclado y, pot... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 57EXPL: 1CVE-2019-7317 – libpng: use-after-free in png_image_free in png.c
https://notcve.org/view.php?id=CVE-2019-7317
04 Feb 2019 — png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. La función png_image_free en el archivo png.c en libpng versiones 1.6.x anteriores a 1.6.37, presenta un uso de la memoria previamente liberada porque la función png_image_free_function es llamada bajo png_safe_execute. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2018-18506 – Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied
https://notcve.org/view.php?id=CVE-2018-18506
31 Jan 2019 — When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 8%CPEs: 18EXPL: 5CVE-2019-6116 – Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-6116
23 Jan 2019 — In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. En Artifex Ghostscript hasta la versión 9.26, los procedimientos ephemeral o transient pueden permitir el acceso a los operadores del sistema, lo que conduce a la ejecución remota de código. It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this f... • https://packetstorm.news/files/id/151307 •
CVSS: 3.1EPSS: 0%CPEs: 34EXPL: 0CVE-2019-2422 – OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290)
https://notcve.org/view.php?id=CVE-2019-2422
16 Jan 2019 — Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessib... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.2EPSS: 0%CPEs: 6EXPL: 0CVE-2019-3811 – sssd: fallback_homedir returns '/' for empty home directories in passwd file
https://notcve.org/view.php?id=CVE-2019-3811
15 Jan 2019 — A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable. Se ha encontrado una vulnerabilidad en sssd. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00026.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 1CVE-2019-6251 – webkitgtk: processing maliciously crafted web content lead to URI spoofing
https://notcve.org/view.php?id=CVE-2019-6251
14 Jan 2019 — WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. WebKitGTK y WPE WebKit versiones anteriores a 2.24.1 permite la suplantación de la barra de direcciones en determinadas redirecciones de JavaScript. Un atacante puede hacer que el contenido web malicioso se muestre como si se tratara de ... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00025.html • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 82%CPEs: 6EXPL: 2CVE-2018-20346 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2018-20346
21 Dec 2018 — SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan. SQLite anterior a la versión 3.25.3, cuando la extensión FTS3 está habilitada, encuentra un desbordamiento de enteros (y el desbordamiento del búfer result... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 2%CPEs: 8EXPL: 0CVE-2018-16874 – Gentoo Linux Security Advisory 201812-09
https://notcve.org/view.php?id=CVE-2018-16874
14 Dec 2018 — In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented at https://golang.org/cmd/go/#hdr-Module_aware_go_get). The attacker can cause an arbitrary filesystem write, which can lead to code execution. En Go en versiones anteriores a la 1.1... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00044.html • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •