CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18873 – Ubuntu Security Notice USN-4688-1
https://notcve.org/view.php?id=CVE-2018-18873
31 Oct 2018 — An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c. Se ha descubierto un problema en JasPer 2.0.14. Hay una desreferencia de puntero NULL en la función ras_putdatastd en ras/ras_enc.c. It was discovered that Jasper incorrectly certain files. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-476: NULL Pointer Dereference •
CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 1CVE-2018-18585 – libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes
https://notcve.org/view.php?id=CVE-2018-18585
23 Oct 2018 — chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). chmd_read_headers en mspack/chmd.c en libmspack en versiones anteriores a la 0.8alpha acepta un nombre de archivo que tiene "\0" como su primer o segundo carácter (como el nombre "/\0"). Multiple vulnerabilities have been found in cabextract and libmspack, the worst of which could result in a Denial of Service. Versions less than 1.8 are affected. • https://access.redhat.com/errata/RHSA-2019:2049 • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2011-4190 – Missing verification of host key for kdump server
https://notcve.org/view.php?id=CVE-2011-4190
08 Jun 2018 — The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files). La implementación kdump carece de la verificación de clave host en la integración OpenSSH de kdump y mkdumprd d... • https://bugzilla.suse.com/show_bug.cgi?id=722440 • CWE-306: Missing Authentication for Critical Function CWE-310: Cryptographic Issues •
CVSS: 5.6EPSS: 94%CPEs: 1467EXPL: 10CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have imp... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 10.0EPSS: 37%CPEs: 66EXPL: 0CVE-2017-18017 – kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
https://notcve.org/view.php?id=CVE-2017-18017
03 Jan 2018 — The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action. La función tcpmss_mangle_packet en net/netfilter/xt_TCPMSS.c en el kernel de Linux, en versiones anteriores a la 4.11 y en versiones 4.9.x anteriores a la 4.9.36, permite que atacantes remotos p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2017-15638
https://notcve.org/view.php?id=CVE-2017-15638
09 Nov 2017 — The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services... • http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html •
CVSS: 8.1EPSS: 1%CPEs: 85EXPL: 0CVE-2017-13077 – wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake
https://notcve.org/view.php?id=CVE-2017-13077
16 Oct 2017 — Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave temporal (TK) PTK (Pairwise Transient Key) durante la negociación en cuatro pasos, haciendo que un atacante que se sitúe entro del radio responda, descifre o suplante frames. A new exploitation technique called key re... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 5.3EPSS: 0%CPEs: 85EXPL: 0CVE-2017-13081 – FreeBSD Security Advisory - FreeBSD-SA-17:07.wpa
https://notcve.org/view.php?id=CVE-2017-13081
16 Oct 2017 — Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11w permite la reinstalación de la clave temporal IGTK (Integrity Group Temporal Key) durante el handshake de clave de grupo, haciendo que un atacante en el rango de radio suplante frames desde los puntos d... • http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 8.1EPSS: 0%CPEs: 85EXPL: 1CVE-2017-13082 – wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it
https://notcve.org/view.php?id=CVE-2017-13082
16 Oct 2017 — Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11r permite la reinstalación de la clave temporal PTK (Pairwise Transient Key) durante la negociación de la transmisión rápida (FT) BSS, haciendo que un atacante en el rango de radio repro... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •
CVSS: 6.8EPSS: 1%CPEs: 85EXPL: 0CVE-2017-13084 – Slackware Security Advisory - wpa_supplicant Updates
https://notcve.org/view.php?id=CVE-2017-13084
16 Oct 2017 — Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave STK (Transient Key) STSL (Station-To-Station-Link) durante la negociación PeerKey, haciendo que un atacante que se sitúe dentro del radio reproduzca, descifre o suplante frames. New wpa_supplicant packages are avai... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt • CWE-323: Reusing a Nonce, Key Pair in Encryption CWE-330: Use of Insufficiently Random Values •