CVSS: 9.8 • EPSS: 1% • CPEs: 12 • EXPL: 0

16 Apr 2018 — An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. A heap buffer write overflow, with control over the bytes written, was found in the way regular expressions employing Unicode rules are compiled. • http://www.securitytracker.com/id/1040681 • CWE-787: Out-of-bounds Write

CVSS: 7.5 • EPSS: 1% • CPEs: 14 • EXPL: 0

16 Apr 2018 — An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale-dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. A heap buffer over-read flaw was found in the way P... • http://www.securitytracker.com/id/1040681 • CWE-125: Out-of-bounds Read

CVSS: 9.8 • EPSS: 5% • CPEs: 8 • EXPL: 0

16 Apr 2018 — Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to ca... • http://www.securityfocus.com/bid/103953 • CWE-787: Out-of-bounds Write

CVSS: 5.9 • EPSS: 28% • CPEs: 5 • EXPL: 0

16 Apr 2018 — The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm • CWE-385: Covert Timing Channel

CVSS: 7.5 • EPSS: 0% • CPEs: 5 • EXPL: 0

12 Apr 2018 — corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. An integer overflow leading to an out-of-bound read was found in authenticate_nss_2_3() in Corosync. An attacker could craft a malicious packet that would lead to a denial of service. The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user t... • http://www.securityfocus.com/bid/103758 • CWE-125: Out-of-bounds Read • CWE-190: Integer Overflow or Wraparound

CVSS: 7.8 • EPSS: 0% • CPEs: 10 • EXPL: 0

11 Apr 2018 — zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user. A buffer overflow flaw was found in the zsh shell check path functionality. A local,... • https://access.redhat.com/errata/RHSA-2018:1932 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-121: Stack-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 1

10 Apr 2018 — libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted. • https://github.com/qpdf/qpdf/commit/b4d6cf6836ce025ba1811b7bbec52680c7204223 • CWE-674: Uncontrolled Recursion

CVSS: 7.8 • EPSS: 42% • CPEs: 29 • EXPL: 1

06 Apr 2018 — GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files; specifically, the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appears to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418; however, although they share a common ancestry, the code bases have diverged over time. • https://packetstorm.news/files/id/154124 • CWE-20: Improper Input Validation • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVSS: 7.5 • EPSS: 0% • CPEs: 6 • EXPL: 0

04 Apr 2018 — GnuPG 2.2.4 and 2.2.5 do not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. Marcus Brinkmann discovered that during decryption or ve... • https://dev.gnupg.org/T3844 • CWE-320: Key Management Errors

CVSS: 7.1 • EPSS: 0% • CPEs: 6 • EXPL: 1

02 Apr 2018 — The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image. • http://openwall.com/lists/oss-security/2018/03/29/1 • CWE-476: NULL Pointer Dereference