CVSS: 8.1EPSS: 3%CPEs: 16EXPL: 2CVE-2017-0902 – rubygems: DNS hijacking vulnerability
https://notcve.org/view.php?id=CVE-2017-0902
31 Aug 2017 — RubyGems version 2.6.12 and earlier is vulnerable to a DNS hijacking vulnerability that allows a MITM attacker to force the RubyGems client to download and install gems from a server that the attacker controls. RubyGems 2.6.12 y anteriores es vulnerable a secuestro de DNS, lo que permite a un atacante Man-in-the-Middle (MitM) forzar el cliente RubyGems a que descargue e instale gemas desde un servidor que está bajo el control del atacante. A vulnerability was found where rubygems did not sanitize DNS respon... • http://blog.rubygems.org/2017/08/27/2.6.13-released.html • CWE-138: Improper Neutralization of Special Elements CWE-346: Origin Validation Error CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action •
CVSS: 9.8EPSS: 3%CPEs: 29EXPL: 1CVE-2017-14064 – ruby: Arbitrary heap exposure during a JSON.generate call
https://notcve.org/view.php?id=CVE-2017-14064
31 Aug 2017 — Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. Ruby hasta la versión 2.2.7, 2.3.x hasta la 2.3.4, y 2.4.x hasta la 2.4.1 puede exponer memoria arbitraria durante una llamada JSON.generate. Los problemas surgen al usar strdup ... • http://www.securityfocus.com/bid/100890 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 26%CPEs: 13EXPL: 2CVE-2017-10661 – Linux kernel < 4.10.15 - Race Condition Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-10661
19 Aug 2017 — Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. Una condición de carrera en fs/timerfd.c en el kernel Linux en versiones anteriores a la 4.10.15 permite que usuarios locales obtengan privilegios o provoquen una denegación de servicio (corrupción de lista o use-after-free) mediante operaciones simultá... • https://www.exploit-db.com/exploits/43345 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 0CVE-2017-1000115 – Mercurial: pathaudit: path traversal via symlink
https://notcve.org/view.php?id=CVE-2017-1000115
11 Aug 2017 — Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository Las versiones anteriores a la 4.3 de Mercurial son vulnerables a una falta de comprobación de symlink. Los repositorios maliciosos pueden aprovecharse de esto para modificar archivos fuera del repositorio. A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a series of commits mixing s... • http://www.debian.org/security/2017/dsa-3963 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 1%CPEs: 13EXPL: 0CVE-2017-1000116 – mercurial: command injection on clients through malicious ssh URLs
https://notcve.org/view.php?id=CVE-2017-1000116
11 Aug 2017 — Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. Las versiones anteriores a la 4.3 de Mercurial no sanitizaban adecuadamente los nombres de host pasados a ssh, lo que conducía a posibles ataques de inyección de shell. A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for examp... • http://www.debian.org/security/2017/dsa-3963 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 9%CPEs: 10EXPL: 4CVE-2017-2885 – libsoup: Stack based buffer overflow with HTTP Chunked Encoding
https://notcve.org/view.php?id=CVE-2017-2885
10 Aug 2017 — An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability. Existe una vulnerabilidad explotable de desbordamiento de búfer basado en pila en GNOME libsoup 2.58. Una petición HTTP especialmente manipulada puede provocar un desbordamiento de pila que daría lugar a la ejecución remota d... • https://packetstorm.news/files/id/160388 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 2%CPEs: 18EXPL: 1CVE-2017-7753 – Mozilla: Out-of-bounds read with cached style data and pseudo-elements (MFSA 2017-19)
https://notcve.org/view.php?id=CVE-2017-7753
10 Aug 2017 — An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. Ocurre una lectura fuera de límites al aplicar reglas de estilo a pseudo-elementos, como ::first-line, mediante el uso de datos de estilo en caché. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.3, Firefox ESR en versiones anteriores a la 52.3 y Firefox en versiones anteriores a l... • http://www.securityfocus.com/bid/100315 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 2%CPEs: 14EXPL: 0CVE-2017-7779 – Mozilla: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 (MFSA 2017-19)
https://notcve.org/view.php?id=CVE-2017-7779
10 Aug 2017 — Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. Se han reportado errores de seguridad de memoria en Firefox 54, Firefox ESR 52.2, y Thunderbird 52.2. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entie... • http://www.securityfocus.com/bid/100201 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 22EXPL: 1CVE-2017-7784 – Mozilla: Use-after-free with image observers (MFSA 2017-19)
https://notcve.org/view.php?id=CVE-2017-7784
10 Aug 2017 — A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada al leer un observador de imagen durante la reconstrucción de frames una vez se ha liberado el observador. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/100202 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 11%CPEs: 22EXPL: 1CVE-2017-7785 – Mozilla: Buffer overflow manipulating ARIA elements in DOM (MFSA 2017-19)
https://notcve.org/view.php?id=CVE-2017-7785
10 Aug 2017 — A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. Puede ocurrir un desbordamiento de búfer al manipular atributos ARIA (Accessible Rich Internet Applications) en el DOM. Esto resulta en un cierre inesperado potencialmente explotable. • http://www.securityfocus.com/bid/100206 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •