CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-12376 – Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
https://notcve.org/view.php?id=CVE-2018-12376
08 Sep 2018 — Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Hay errores de seguridad de memoria en Firefox 61 y Firefox ESR 60.1. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos p... • http://www.securityfocus.com/bid/105280 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-12377 – Mozilla: Use-after-free in driver timers
https://notcve.org/view.php?id=CVE-2018-12377
08 Sep 2018 — A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando se actualizan los temporizadores de los drivers de actualización en algunas circunstancias durante el apagado cuando el temporizado... • http://www.securityfocus.com/bid/105280 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1CVE-2018-12383 – Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
https://notcve.org/view.php?id=CVE-2018-12383
07 Sep 2018 — If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1. • http://www.securityfocus.com/bid/105276 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-522: Insufficiently Protected Credentials •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-12378 – Mozilla: Use-after-free in IndexedDB
https://notcve.org/view.php?id=CVE-2018-12378
07 Sep 2018 — A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando un índice IndexedDB se elimina mientras sigue en uso por parte de código JavaScript que está proporcionando valores de carga útil para q... • http://www.securityfocus.com/bid/105280 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 92%CPEs: 14EXPL: 7CVE-2018-16509 – Ghostscript Failed Restore Command Execution
https://notcve.org/view.php?id=CVE-2018-16509
05 Sep 2018 — An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. Se ha descubierto un problema en versiones anteriores a la 9.24 de Artifex Ghostscript. La comprobación incorrecta de "restoration of privilege" durante el manejo de excepciones /invalidaccess podría ser empleada por atacantes que sean capaces de proporc... • https://packetstorm.news/files/id/149263 •
CVSS: 7.5EPSS: 4%CPEs: 12EXPL: 0CVE-2018-10911 – glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
https://notcve.org/view.php?id=CVE-2018-10911
04 Sep 2018 — A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. Se ha detectado un error en la forma en la que la función dic_unserialize en glusterfs no gestiona los valores de longitud de clave negativos. Un atacante podría utilizar este error para leer la memoria de otras ubicaciones en el valor dict almacenado. A flaw was found in dict.c:dict_unserialize function ... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-16435 – lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2018-16435
04 Sep 2018 — Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. Little CMS (también conocido como Little Color Management System) 2.9 tiene un desbordamiento de enteros en la función AllocateDataSet en cmscgats.c que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función SetData mediante un ar... • https://access.redhat.com/errata/RHSA-2018:3004 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 58%CPEs: 26EXPL: 1CVE-2018-5740 – A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named
https://notcve.org/view.php?id=CVE-2018-5740
28 Aug 2018 — "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. "deny-answer-aliases" es una característica poco utilizada que ... • https://github.com/sischkg/cve-2018-5740 • CWE-617: Reachable Assertion •
CVSS: 10.0EPSS: 4%CPEs: 17EXPL: 0CVE-2011-2767 – mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess
https://notcve.org/view.php?id=CVE-2011-2767
26 Aug 2018 — mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes. mod_perl 2.0 hasta la versión 2.0.10 permite que los atacantes ejecuten código Perl colocándolo en u... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00063.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-266: Incorrect Privilege Assignment •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2018-10902 – Linux Kernel MIDI Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-10902
21 Aug 2018 — It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation. Se ha detectado que el controlador del kernel midi raw no protege contra el acceso concurrente, lo que conduce a un doble realloc (doble liberación) en snd_rawmidi_input_para... • http://www.securityfocus.com/bid/105119 • CWE-415: Double Free CWE-416: Use After Free •