CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 1CVE-2012-6655
https://notcve.org/view.php?id=CVE-2012-6655
An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. Existe un problema en AccountService versión 0.6.37, en la función user_change_password_authorized_cb() en el archivo user.c, lo que podría permitir a usuarios locales obtener contraseñas cifradas. • http://www.openwall.com/lists/oss-security/2014/08/16/7 http://www.securityfocus.com/bid/69245 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655 https://exchange.xforce.ibmcloud.com/vulnerabilities/95325 https://security-tracker.debian.org/tracker/CVE-2012-6655 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2010-4661
https://notcve.org/view.php?id=CVE-2010-4661
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. udisks versiones anteriores a la versión 1.0.3, permite a un usuario local cargar módulos arbitrarios del kernel de Linux. • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html https://access.redhat.com/security/cve/cve-2010-4661 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4661 https://security-tracker.debian.org/tracker/CVE-2010-4661 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 2CVE-2019-18804
https://notcve.org/view.php?id=CVE-2019-18804
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. DjVuLibre versión 3.5.27, presenta una desreferencia del puntero NULL en la función DJVU::filter_fv en el archivo IW44EncodeCodec.cpp. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00068.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00069.html https://github.com/TeamSeri0us/pocs/blob/master/djvulibre/DJVU__filter_fv%40IW44EncodeCodec.cpp_499-43___SEGV_UNKNOW.md https://lists.debian.org/debian-lts-announce/2019/11/msg00004.html https://lists.debian.org/debian-lts-announce/2021/05/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JO65AW • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2015-8980
https://notcve.org/view.php?id=CVE-2015-8980
The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. La fórmula de forma plural en la familia de llamadas ngettext en php-gettext versiones anteriores a la versión 1.0.12, permite a atacantes remotos ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html http://seclists.org/fulldisclosure/2016/Aug/76 http://www.openwall.com/lists/oss-security/2017/01/18/4 http://www.securityfocus.com/bid/95754 https://bugzilla.redhat.com/show_bug.cgi?id=1367462 https://launchpad.net/php-gettext/trunk/1.0.12 https://lwn.net/Alerts/708838 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2019-18218 – file: heap-based buffer overflow in cdf_read_property_info in cdf.c
https://notcve.org/view.php?id=CVE-2019-18218
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). La función cdf_read_property_info en el archivo cdf.c en file versiones hasta 5.37, no restringe el número de elementos CDF_VECTOR, lo que permite un desbordamiento del búfer en la región heap de la memoria (escritura fuera de límites de 4 bytes). • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780 https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 https://lists.debian.org/debian-lts-announce/2019/10/msg00032.html https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV6PFCEYHYALMTT45QE2U5C5TEJZQPXJ https://lists.fedoraproject.org/archives/list/p • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •