CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2CVE-2018-11577 – liblouis: Segmentation fault in logging.c:lou_logPrint()
https://notcve.org/view.php?id=CVE-2018-11577
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. Liblouis 3.5.0 tiene un fallo de segmentación en lou_logPrint en logging.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html https://github.com/Edward-L/fuzzing-pocs/tree/master/liblouis https://github.com/liblouis/liblouis/issues/582 https://usn.ubuntu.com/3669-1 https://access.redhat.com/security/cve/CVE-2018-11577 https://bugzilla.redhat.com/show_bug.cgi?id=1585905 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11440
https://notcve.org/view.php?id=CVE-2018-11440
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html http://www.securityfocus.com/bid/104321 https://github.com/liblouis/liblouis/issues/575 https://usn.ubuntu.com/3669-1 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 2CVE-2018-1124 – Procps-ng - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-1124
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. procps-ng en versiones anteriores a la 3.3.15 es vulnerable a múltiples desbordamientos de enteros que conducen a una corrupción de la memoria dinámica (heap) en la función file2strvec. Esto permite el escalado de privilegios para un atacante local que puede crear entradas en procfs empezando procesos, lo que podría resultar en cierres inesperados o la ejecución de código arbitrario en las utilidades proc ejecutadas por otros usuarios. Multiple integer overflows leading to heap corruption flaws were discovered in file2strvec(). These vulnerabilities can lead to privilege escalation for a local attacker who can create entries in procfs by starting processes, which will lead to crashes or arbitrary code execution in proc utilities run by other users (eg pgrep, pkill, pidof, w). • https://www.exploit-db.com/exploits/44806 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html http://seclists.org/oss-sec/2018/q2/122 http://www.securityfocus.com/bid/104214 http://www.securitytracker.com/id/1041057 https://access.redhat.com/errata/RHSA-2018:1700 https://access.redhat.com/errata/RHSA-2018:1777 https://access.redhat.com/errata/RHSA-2018:1820 https://access.redha • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1CVE-2018-11212 – libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
https://notcve.org/view.php?id=CVE-2018-11212
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html http://www.ijg.org http://www.securityfocus.com/bid/106583 https://access.redhat.com/errata/RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0473 https://access.redhat.com/errata/RHSA-2019:0474 https:/ • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10380
https://notcve.org/view.php?id=CVE-2018-10380
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. kwallet-pam en KDE KWallet en versiones anteriores a la 5.12.6 permite que los usuarios locales obtengan la propiedad de archivos arbitrarios mediante un ataque symlink. • https://bugzilla.suse.com/show_bug.cgi?id=1090863 https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5 https://commits.kde.org/kwallet-pam/2134dec85ce19d6378d03cddfae9e5e464cb24c0 https://commits.kde.org/kwallet-pam/802f305d81f8771c4f4a8bd7fd0e368ffc6f9b3b https://commits.kde.org/kwallet-pam/99abc7fde21f40cc6da5feb6ee766cc46fcca1f8 https://www.debian.org/security/2018/dsa-4200 https://www.kde.org/info/security/advisory-20180503-1.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •