CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2018-6913
https://notcve.org/view.php?id=CVE-2018-6913
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. Desbordamiento de búfer basado en memoria dinámica (heap) en la función pack de Perl, en versiones anteriores a la 5.26.2, permite que atacantes dependientes del contexto ejecuten código arbitrario mediante un conteo de items largo. • http://www.securityfocus.com/bid/103953 http://www.securitytracker.com/id/1040681 https://lists.debian.org/debian-lts-announce/2018/04/msg00009.html https://rt.perl.org/Public/Bug/Display.html?id=131844 https://security.gentoo.org/glsa/201909-01 https://usn.ubuntu.com/3625-1 https://usn.ubuntu.com/3625-2 https://www.debian.org/security/2018/dsa-4172 https://www.oracle.com/security-alerts/cpujul2020.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2018-6798 – perl: heap read overflow in regexec.c
https://notcve.org/view.php?id=CVE-2018-6798
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. Se ha descubierto un problema en Perl, de la versión 5.22 a la 5.26. Si se hace que coincida una expresión regular dependiente de una locale manipulada, se puede provocar una sobrelectura de búfer basada en memoria dinámica (heap) y una potencial divulgación de información. A heap buffer over read flaw was found in the way Perl regular expression engine handled inputs with invalid UTF-8 characters. • http://www.securitytracker.com/id/1040681 https://access.redhat.com/errata/RHSA-2018:1192 https://rt.perl.org/Public/Bug/Display.html?id=132063 https://security.gentoo.org/glsa/201909-01 https://usn.ubuntu.com/3625-1 https://www.debian.org/security/2018/dsa-4172 https://www.oracle.com/security-alerts/cpujul2020.html https://access.redhat.com/security/cve/CVE-2018-6798 https://bugzilla.redhat.com/show_bug.cgi?id=1547779 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-10124
https://notcve.org/view.php?id=CVE-2018-10124
The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. La función kill_something_info en kernel/signal.c en el kernel de Linux, en versiones anteriores a la 4.13, cuando se emplea una arquitectura y un compilador sin especificar, podría permitir que usuarios locales provoquen una denegación de servicio (DoS) mediante un argumento INT_MIN. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea77014af0d6205b05503d1c7aac6eace11d473 http://www.securitytracker.com/id/1040684 https://github.com/torvalds/linux/commit/4ea77014af0d6205b05503d1c7aac6eace11d473 https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html https://news.ycombinator.com/item?id=2972021 https://usn.ubuntu.com/3696-1 https://usn.ubuntu.com/3696-2 https://usn.ubuntu.com/3754-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 1%CPEs: 5EXPL: 0CVE-2018-0737 – Cache timing vulnerability in RSA Key Generation
https://notcve.org/view.php?id=CVE-2018-0737
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). Se ha demostrado que el algoritmo de generación de claves RSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral de caché. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/103766 http://www.securitytracker.com/id/1040685 https://access.redhat.com/errata/RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3933 https://access.redhat.com/errata/RHSA-2019:3935 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5f • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2018-10119 – libreoffice: Use-after-free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document
https://notcve.org/view.php?id=CVE-2018-10119
sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. sot/source/sdstor/stgstrms.cxx en LibreOffice, en versiones anteriores a la 5.4.5.1 y versiones 6.x anteriores a la 6.0.1.1, emplea un tipo de datos incorrecto en la clase StgSmallStrm. Esto permite que atacantes remotos provoquen una denegación de servicio (uso de memoria previamente liberada con acceso de escritura) o que puedan causar otro tipo de impacto sin especificar mediante un documento manipulado que emplea el formato contenedor de archivo ole2 de almacenamiento estructurado. • https://access.redhat.com/errata/RHSA-2018:3054 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5747 https://gerrit.libreoffice.org/#/c/48751 https://gerrit.libreoffice.org/#/c/48756 https://gerrit.libreoffice.org/#/c/48757 https://gerrit.libreoffice.org/#/c/48758 https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=commit%3Bh=fdd41c995d1f719e92c6f083e780226114762f05 https://lists.debian.org/debian-lts-announce/2018/04/msg00021.html https://usn.ubuntu.com/3883- • CWE-416: Use After Free •