CVSS: 9.8EPSS: 25%CPEs: 18EXPL: 0CVE-2018-5379 – quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-5379
15 Feb 2018 — The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code. El demonio Quagga BGP (bgpd), en versiones anteriores a la 1.2.3, puede realizar una doble liberación (double free) de memoria al procesar ciertos formularios de un mensaje UPDATE que contienen atributos cluster-list y/o desc... • http://savannah.nongnu.org/forum/forum.php?forum_id=9095 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 9.8EPSS: 50%CPEs: 22EXPL: 3CVE-2018-6871 – LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
https://notcve.org/view.php?id=CVE-2018-6871
08 Feb 2018 — LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. LibreOffice, en versiones anteriores a la 5.4.5 y versiones 6.x anteriores a la 6.0.1, permite que atacantes remotos lean archivos arbitrarios mediante llamadas =WEBSERVICE en un documento, que emplea la función COM.MICROSOFT.WEBSERVICE. A flaw was found in libreoffice before 5.4.5 and before 6.0.1. Arbitrary remote file disclosur... • https://packetstorm.news/files/id/146319 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-6560 – flatpak: sandbox escape in D-Bus filtering by a crafted authentication handshake
https://notcve.org/view.php?id=CVE-2018-6560
02 Feb 2018 — In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon. En dbus-proxy/flatpak-proxy.c en Flatpak en versiones anteriores a la 0.8.9, 0.9.x y 0.10.x anteriores a la 0.10.3, se pueden utilizar mensajes D-Bus manipulados para salir del sandbox, ya que la gestión de los espacios en blanco en el proxy no es i... • https://access.redhat.com/errata/RHSA-2018:2766 • CWE-270: Privilege Context Switching Error CWE-436: Interpretation Conflict •
CVSS: 5.9EPSS: 0%CPEs: 17EXPL: 0CVE-2018-1049 – systemd: automount: access to automounted volumes can lock up
https://notcve.org/view.php?id=CVE-2018-1049
31 Jan 2018 — In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted. En systemd en versiones anteriores a la 234, existe una condición de carrera entre las unidades .mount y .automount, de forma que las peticiones automount del kernel... • http://www.securitytracker.com/id/1041520 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2018-5748 – libvirt: Resource exhaustion via qemuMonitorIORead() method
https://notcve.org/view.php?id=CVE-2018-5748
25 Jan 2018 — qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. qemu/qemu_monitor.c en libvirt permite que los atacantes provoquen una denegación de servicio (consumo de memoria) mediante una respuesta QEMU grande. Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, cont... • http://www.securityfocus.com/bid/102825 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 10%CPEs: 51EXPL: 0CVE-2017-3144 – Failure to properly clean up closed OMAPI connections can exhaust available sockets
https://notcve.org/view.php?id=CVE-2017-3144
25 Jan 2018 — A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested. Una vulnerabilidad derivada del error al limpiar correctamente las conexiones OMAPI cerradas puede conducir al agotamiento del grupo de descrip... • http://www.securityfocus.com/bid/102726 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 7%CPEs: 38EXPL: 0CVE-2018-1000007 – curl: HTTP authentication leak in redirects
https://notcve.org/view.php?id=CVE-2018-1000007
24 Jan 2018 — libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers... • http://www.openwall.com/lists/oss-security/2022/04/27/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-5098 – Mozilla: Use-after-free while manipulating form input elements (MFSA 2018-03)
https://notcve.org/view.php?id=CVE-2018-5098
24 Jan 2018 — A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando los elementos de entrada del formulario, el foco y la selección se manipulan mediante un script. Esto resulta en un cierre inesperado explotable. • http://www.securityfocus.com/bid/102783 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-5099 – Mozilla: Use-after-free with widget listener (MFSA 2018-03)
https://notcve.org/view.php?id=CVE-2018-5099
24 Jan 2018 — A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando el listener de widgets tiene referencias robustas con los objetos del navegador que se han liberado previamente, resultando ... • http://www.securityfocus.com/bid/102783 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 22%CPEs: 18EXPL: 0CVE-2018-5102 – Mozilla: Use-after-free in HTML media elements (MFSA 2018-03)
https://notcve.org/view.php?id=CVE-2018-5102
24 Jan 2018 — A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando se manipulan elementos HTML media con media streams, resultando en un cierre inesperado potencialmente explotable. Esta vulnerabilidad afecta a las versiones anteriores a la 52.6 de Thunderbird, las vers... • http://www.securityfocus.com/bid/102783 • CWE-416: Use After Free •