Page 153 of 2170 results (0.022 seconds)

CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 2

CVE-2018-12264 – exiv2: integer overflow in getData function in preview.cpp

https://notcve.org/view.php?id=CVE-2018-12264

Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. Exiv2 0.26 tiene desbordamientos de enteros en LoaderTiff::getData() en preview.cpp, lo que conduce a una lectura fuera de límites en Exiv2::ValueType::setDataArea en value.hpp. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/366 https://github.com/TeamSeri0us/pocs/blob/master/exiv2/2-out-of-read-Poc https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html https://security.gentoo.org/glsa/201811-14 https://usn.ubuntu.com/3700-1 https://www.debian.org/security/2018/dsa-4238 https://access.redhat.com/security/cve/CVE-2018 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 4%CPEs: 13EXPL: 0

CVE-2018-0732 – Client DoS due to large DH parameter

https://notcve.org/view.php?id=CVE-2018-0732

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o). • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/104442 http://www.securitytracker.com/id/1041090 https://access.redhat.com/errata/RHSA-2018:2552 https://access.redhat.com/errata/RHSA-2018:2553 https://access.redhat.com/errata/RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2019:1296 https://access.redhat.com/errata/RHSA-2019:1297 https://access.redhat.com/errata/ • CWE-320: Key Management Errors CWE-325: Missing Cryptographic Step •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2018-12233

https://notcve.org/view.php?id=CVE-2018-12233

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to create files and execute programs. A kmalloc call is incorrect, leading to slab-out-of-bounds in jfs_xattr. En la función ea_get en fs/jfs/xattr.c en el kernel de Linux hasta la versión 4.17.1, un error de corrupción de memoria en JFS puede desencadenarse mediante una llamada a setxattr dos veces con dos nombres de atributo extendidos diferentes en el mismo archivo. Esta vulnerabilidad puede ser desencadenada por un usuario no privilegiado con la capacidad de crear archivos y ejecutar programas. • http://www.securityfocus.com/bid/104452 https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://lkml.org/lkml/2018/6/2/2 https://marc.info/?l=linux-kernel&m=152814391530549&w=2 https://usn.ubuntu.com/3752-1 https://usn.ubuntu.com/3752-2 https://usn.ubuntu.com/3752-3 https://usn.ubuntu.com/3753-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-5119

https://notcve.org/view.php?id=CVE-2018-5119

The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox < 58. La vista del lector mostrará el contenido de orígenes cruzados cuando las cabeceras CORS estén configurados para prohibir la carga de contenido de orígenes cruzados por un sitio. Esto podría permitir el acceso a contenidos que deberían ser restringidos en la vista del lector. • http://www.securityfocus.com/bid/102786 http://www.securitytracker.com/id/1040270 https://bugzilla.mozilla.org/show_bug.cgi?id=1420507 https://usn.ubuntu.com/3544-1 https://www.mozilla.org/security/advisories/mfsa2018-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-5122

https://notcve.org/view.php?id=CVE-2018-5122

A potential integer overflow in the "DoCrypt" function of WebCrypto was identified. If a means was found of exploiting it, it could result in an out-of-bounds write. This vulnerability affects Firefox < 58. Se ha identificado un potencial desbordamiento de enteros en la función "DoCrypt" de WebCrypto. Si se encuentra un medio para explotarlo, podría resultar en una escritura fuera de límites. • http://www.securityfocus.com/bid/102786 http://www.securitytracker.com/id/1040270 https://bugzilla.mozilla.org/show_bug.cgi?id=1413841 https://usn.ubuntu.com/3544-1 https://www.mozilla.org/security/advisories/mfsa2018-02 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •