CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-17294
https://notcve.org/view.php?id=CVE-2018-17294
The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. La función matchCurrentInput dentro de lou_translateString.c de Liblouis en versiones anteriores a la 3.7 no comprueba la longitud de la cadena entrante, permitiendo a los atacantes provocar una denegación de servicio (cierre inesperado de la aplicación mediante una lectura fuera de límites) creando un archivo entrante con determinados diccionarios de traducción. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html http://www.securityfocus.com/bid/105511 https://github.com/liblouis/liblouis/commit/5e4089659bb49b3095fa541fa6387b4c40d7396e https://github.com/liblouis/liblouis/issues/635 https://usn.ubuntu.com/3782-1 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12085 – liblouis: Stack-based buffer overflow in compileTranslationTable.c
https://notcve.org/view.php?id=CVE-2018-12085
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. Liblouis 3.6.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. Esta vulnerabilidad es diferente de CVE-2018-11440. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html https://github.com/liblouis/liblouis/issues/595 https://usn.ubuntu.com/3782-1 https://access.redhat.com/security/cve/CVE-2018-12085 https://bugzilla.redhat.com/show_bug.cgi?id=1589940 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11683
https://notcve.org/view.php?id=CVE-2018-11683
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. Esta vulnerabilidad es diferente de CVE-2018-11440. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html https://github.com/liblouis/liblouis/issues/591 https://usn.ubuntu.com/3672-1 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11684 – liblouis: Stack-based buffer overflow in function includeFile in compileTranslationTable.c
https://notcve.org/view.php?id=CVE-2018-11684
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función includeFile en compileTranslationTable.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html https://github.com/liblouis/liblouis/issues/592 https://usn.ubuntu.com/3672-1 https://access.redhat.com/security/cve/CVE-2018-11684 https://bugzilla.redhat.com/show_bug.cgi?id=1588631 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11685 – liblouis: Stack-based buffer overflow in function compileHyphenation in compileTranslationTable.c
https://notcve.org/view.php?id=CVE-2018-11685
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función compileHyphenation en compileTranslationTable.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html https://github.com/liblouis/liblouis/issues/593 https://usn.ubuntu.com/3672-1 https://access.redhat.com/security/cve/CVE-2018-11685 https://bugzilla.redhat.com/show_bug.cgi?id=1588636 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •