CVE-2018-7537 – django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html'
https://notcve.org/view.php?id=CVE-2018-7537
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.
• http://www.securityfocus.com/bid/103357
• https://access.redhat.com/errata/RHSA-2018:2927
• https://access.redhat.com/errata/RHSA-2019:0265
• https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
• https://usn.ubuntu.com/3591-1
• https://www.debian.org/security/2018/dsa-4161
• https://www.djangoproject.com/weblog/2018/mar/06/security-releases
• https://access.redhat.com/security/cve/CVE-2018-7537
• https://bugzilla.redhat.com/show_bug.cgi?id=1549779
• CWE-185: Incorrect Regular Expression
• CWE-400: Uncontrolled Resource Consumption
CVE-2018-7073
https://notcve.org/view.php?id=CVE-2018-7073
A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24.
• https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03843en_us
• https://www.tenable.com/security/research/tra-2018-15
• CWE-668: Exposure of Resource to Wrong Sphere
CVE-2017-7518 – Kernel: KVM: debug exception via syscall emulation
https://notcve.org/view.php?id=CVE-2017-7518
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag (TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception (#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
• http://www.openwall.com/lists/oss-security/2017/06/23/5
• http://www.securityfocus.com/bid/99263
• http://www.securitytracker.com/id/1038782
• https://access.redhat.com/articles/3290921
• https://access.redhat.com/errata/RHSA-2018:0395
• https://access.redhat.com/errata/RHSA-2018:0412
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518
• https://usn.ubuntu.com/3619-1
• https://usn.ubuntu.com/3619-2
• https://usn.ubuntu.com/3754-1
• https://www.debian.org/security
• CWE-250: Execution with Unnecessary Privileges
• CWE-755: Improper Handling of Exceptional Conditions
CVE-2018-7729
https://notcve.org/view.php?id=CVE-2018-7729
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.
• https://bugs.freedesktop.org/show_bug.cgi?id=105206
• https://cgit.freedesktop.org/exempi/commit/?id=baa4b8a02c1ffab9645d13f0bfb1c0d10d311a0c
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCFXKOOATZ2B5G3G7EBXZWVZHEABN4ZV
• https://usn.ubuntu.com/3668-1
• CWE-125: Out-of-bounds Read
CVE-2018-7730 – exempi: Heap-based buffer overflow in PSD_MetaHandler::CacheFileData function in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp allows for denial of service via crafted XLS file
https://notcve.org/view.php?id=CVE-2018-7730
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function. An integer wraparound, leading to a buffer overflow, was found in Exempi in the way it handles Adobe Photoshop Images.
• https://access.redhat.com/errata/RHSA-2019:2048
• https://bugs.freedesktop.org/show_bug.cgi?id=105204
• https://cgit.freedesktop.org/exempi/commit/?id=6cbd34025e5fd3ba47b29b602096e456507ce83b
• https://lists.debian.org/debian-lts-announce/2018/03/msg00013.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCFXKOOATZ2B5G3G7EBXZWVZHEABN4ZV
• https://usn.ubuntu.com/3668-1
• https://access.redhat.com/security/cve/CVE-2018-7730
• https://bugzilla.redhat.com/show_bug.cgi?id&
• CWE-122: Heap-based Buffer Overflow
• CWE-125: Out-of-bounds Read