CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2CVE-2018-11577 – liblouis: Segmentation fault in logging.c:lou_logPrint()
https://notcve.org/view.php?id=CVE-2018-11577
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. Liblouis 3.5.0 tiene un fallo de segmentación en lou_logPrint en logging.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html https://github.com/Edward-L/fuzzing-pocs/tree/master/liblouis https://github.com/liblouis/liblouis/issues/582 https://usn.ubuntu.com/3669-1 https://access.redhat.com/security/cve/CVE-2018-11577 https://bugzilla.redhat.com/show_bug.cgi?id=1585905 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11440
https://notcve.org/view.php?id=CVE-2018-11440
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html http://www.securityfocus.com/bid/104321 https://github.com/liblouis/liblouis/issues/575 https://usn.ubuntu.com/3669-1 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 5EXPL: 1CVE-2018-11410
https://notcve.org/view.php?id=CVE-2018-11410
An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Se ha descubierto un problema en versiones anteriores a la 1.2.1 de CppCMS. Hay una denegación de servicio (DoS) en el módulo de análisis JSON. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html http://www.securityfocus.com/bid/104324 https://bugzilla.redhat.com/show_bug.cgi?id=1582024 https://docs.google.com/document/d/1Uw3D6ECXZr8S2cWOTY81kg6ivv0WpR4kQqxVpUSyGUA/edit?usp=sharing https://usn.ubuntu.com/3669-1 • CWE-416: Use After Free •