CVSS: 8.6EPSS: 0%CPEs: 78EXPL: 0CVE-2018-5743 – Limiting simultaneous TCP clients was ineffective
https://notcve.org/view.php?id=CVE-2018-5743
25 Apr 2019 — By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.... • https://kb.isc.org/docs/cve-2018-5743 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 0%CPEs: 351EXPL: 0CVE-2019-6609
https://notcve.org/view.php?id=CVE-2019-6609
15 Apr 2019 — Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) versions 14.0.0-14.1.0.1, 13.0.0-13.1.1.3, and 12.1.1 HF2-12.1.4, the secureKeyCapable attribute was not set which causes secure vault to not use the F5 hardware support to store the unit key. Instead the unit key is stored in plaintext on disk as would be the case for Z100 systems. Additionally this caus... • https://support.f5.com/csp/article/K18535734 • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.1EPSS: 0%CPEs: 13EXPL: 0CVE-2019-6592
https://notcve.org/view.php?id=CVE-2019-6592
26 Feb 2019 — On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles. En BIG-IP 14.1.0-14.1.0.1, TMM puede reiniciarse y producir un archivo core durante la validación de certificados SSL en los perfiles SSL del cliente o del servidor. • http://www.securityfocus.com/bid/107176 • CWE-295: Improper Certificate Validation •
CVSS: 5.9EPSS: 1%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2019-9075 – Gentoo Linux Security Advisory 202107-24
https://notcve.org/view.php?id=CVE-2019-9075
24 Feb 2019 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un desbordamiento de búfer basado en memoria dinámica (heap) en _bfd_archive_64_bit_slurp_armap en archive64.c. USN-4336-1 fixed several vulnerabiliti... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 1%CPEs: 56EXPL: 3CVE-2019-8331 – bootstrap: XSS in the tooltip or popover data-template attribute
https://notcve.org/view.php?id=CVE-2019-8331
20 Feb 2019 — In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. En Bootstrap, en versiones anteriores a la 3.4.1 y versiones 4.3.x anteriores a la 4.3.1, es posible Cross-Site Scripting (XSS) en los atributos de data-template tooltip o popover. A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popov... • https://github.com/Thampakon/CVE-2019-8331 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 8%CPEs: 60EXPL: 4CVE-2019-6974 – Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2019-6974
15 Feb 2019 — In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. En el kernel de Linux en versiones anteriores a la 4.20.8, kvm_ioctl_create_device en virt/kvm/kvm_main.c gestiona de manera incorrecta el conteo de referencias debido a una condición de carrera, lo que conduce a un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor imp... • https://packetstorm.news/files/id/151690 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.5EPSS: 3%CPEs: 16EXPL: 1CVE-2018-16890 – curl: NTLM type-2 heap out-of-bounds buffer read
https://notcve.org/view.php?id=CVE-2018-16890
06 Feb 2019 — libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds. Libcurl, desde la versión 7.36.0 hasta antes de la 7.64... • https://github.com/michelleamesquita/CVE-2018-16890 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-15334
https://notcve.org/view.php?id=CVE-2018-15334
28 Dec 2018 — A cross-site request forgery (CSRF) vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication. Una vulnerabilidad Cross-Site Request Forgery (CSRF) en APM webtop, en versiones 11.2.1 o posteriores, podría permitir que un atacante fuerce una sesión de APM webtop a que cierre la sesión y requiera reautenticarse. • http://www.securityfocus.com/bid/106364 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 52EXPL: 0CVE-2018-15333
https://notcve.org/view.php?id=CVE-2018-15333
28 Dec 2018 — On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such as QKView and TCPDumps. En versiones 11.2.1. y posteriores, el acceso a los archivos de instantánea sin restricciones permite que un usuario del sistema BIG-IP con cualquier rol, incluyendo Guest, tenga acceso y descargue archivos de captura previamente generad... • http://www.securityfocus.com/bid/106380 • CWE-434: Unrestricted Upload of File with Dangerous Type •