CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 0CVE-2018-1000300
https://notcve.org/view.php?id=CVE-2018-1000300
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. curl en su versión 7.54.1 hasta la 7.59.0 contiene una vulnerabilidad CWE-122: desbordamiento de búfer basado en memoria dinámica (heap) y una denegación de servicio (DoS) que puede resultar en que se podría desbordar un búfer de memoria dinámica al cerrar una conexión FTP con respuestas de comandos del servidor muy largas. La vulnerabilidad parece haber sido solucionada en las versiones anteriores a la 7.54.1 y en la 7.60.0 y posteriores. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/104207 http://www.securitytracker.com/id/1040933 https://curl.haxx.se/docs/adv_2018-82c2.html https://security.gentoo.org/glsa/201806-05 https://usn.ubuntu.com/3648-1 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1CVE-2018-11212 – libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
https://notcve.org/view.php?id=CVE-2018-11212
An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html http://www.ijg.org http://www.securityfocus.com/bid/106583 https://access.redhat.com/errata/RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0473 https://access.redhat.com/errata/RHSA-2019:0474 https:/ • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-11213 – libjpeg: Segmentation fault in get_text_gray_row function in rdppm.c
https://notcve.org/view.php?id=CVE-2018-11213
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. Se ha descubierto un problema en libjpeg 9a. La función get_text_gray_row en rdppm.c permite que los atacantes remotos provoquen una denegación de servicio (fallo de segmentación) mediante un archivo manipulado. An out-of-bound read vulnerability has been discovered in libjpeg-turbo when reading one row of pixels of a PGM file. • https://access.redhat.com/errata/RHSA-2019:2052 https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9a https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html https://usn.ubuntu.com/3706-1 https://usn.ubuntu.com/3706-2 https://access.redhat.com/security/cve/CVE-2018-11213 https://bugzilla.redhat.com/show_bug.cgi?id=1579979 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-11214 – libjpeg: Segmentation fault in get_text_rgb_row function in rdppm.c
https://notcve.org/view.php?id=CVE-2018-11214
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. Se ha descubierto un problema en libjpeg 9a. La función get_text_rgb_row en rdppm.c permite que los atacantes remotos provoquen una denegación de servicio (fallo de segmentación) mediante un archivo manipulado. An out-of-bounds read vulnerability has been discovered in libjpeg-turbo when reading one row of pixels of a PPM file. • https://access.redhat.com/errata/RHSA-2019:2052 https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9a https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html https://usn.ubuntu.com/3706-1 https://usn.ubuntu.com/3706-2 https://access.redhat.com/security/cve/CVE-2018-11214 https://bugzilla.redhat.com/show_bug.cgi?id=1579980 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 4%CPEs: 18EXPL: 0CVE-2018-8014 – tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
https://notcve.org/view.php?id=CVE-2018-8014
The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue. Las opciones por defecto para el filtro CORS proporcionado en Apache Tomcat 9.0.0.M1 a 9.0.8, 8.5.0 a 8.5.31, 8.0.0.RC1 a 8.0.52 y 7.0.41 a 7.0.88 son inseguras y permiten "supportsCredentials" para todos los orígenes. Se espera que los usuarios del filtro CORS lo tengan configurado de forma adecuada para su entorno, en lugar de emplearlo con su configuración por defecto. • http://tomcat.apache.org/security-7.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/104203 http://www.securitytracker.com/id/1040998 http://www.securitytracker.com/id/1041888 https://access.redhat.com/errata/RHSA-2018:2469 https://access.redhat.com/errata/RHSA-2018:2470 https://access.redhat.com/errata/RHSA-2018:3768 https://a • CWE-284: Improper Access Control CWE-1188: Initialization of a Resource with an Insecure Default •