CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2015-1804 – libXfont: out-of-bounds memory access in bdfReadCharacters
https://notcve.org/view.php?id=CVE-2015-1804
18 Mar 2015 — The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary code via a crafted BDF font file. La función bdfReadCharacters en bitmap/bdfread.c en X.Org libXfont anterior a 1.4.9 y 1.5.x anterior a 1.5.1 no realiza adecuadamente la conversión de tipos para valores métricos, l... • http://advisories.mageia.org/MGASA-2015-0113.html • CWE-189: Numeric Errors CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2014-8159 – kernel: infiniband: uverbs: unprotected physical memory access
https://notcve.org/view.php?id=CVE-2014-8159
11 Mar 2015 — The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/. La implementación InfiniBand (IB) en el paquete del kernel de Linux anterior a 2.6.32-504... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-190: Integer Overflow or Wraparound CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 14%CPEs: 8EXPL: 0CVE-2015-0228 – httpd: Possible mod_lua crash due to websocket bug
https://notcve.org/view.php?id=CVE-2015-0228
08 Mar 2015 — The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function. La función lua_websocket_read en lua_request.c en el módulo mod_lua en Apache HTTP Server hasta 2.4.12 permite a atacantes remotos causar una denegación de servicio (caída del proceso hijo) mediante el envío de un Frame WebSocket... • http://advisories.mageia.org/MGASA-2015-0099.html • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 1%CPEs: 8EXPL: 1CVE-2013-7423 – glibc: getaddrinfo() writes DNS queries to random file descriptors under high load
https://notcve.org/view.php?id=CVE-2013-7423
24 Feb 2015 — The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function. La función send_dg en resolv/res_send.c en GNU C Library (también conocido como glibc o libc6) en versiones anteriores a 2.20 no reutiliza adecuadamente descriptores de fichero, lo que permite a atacantes remotos mandar cons... • https://packetstorm.news/files/id/164014 • CWE-17: DEPRECATED: Code CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 3%CPEs: 7EXPL: 3CVE-2014-9402 – glibc: denial of service in getnetbyname function
https://notcve.org/view.php?id=CVE-2014-9402
24 Feb 2015 — The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process. La implementación nss_dns de getnetbyname en GNU C Library (también conocido como glibc) anterior a 2.21, cuando el backend DNS en la configuración Name Service Switch está habilitado, permite a atacantes remotos cau... • https://packetstorm.news/files/id/154361 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0CVE-2015-1473 – glibc: Stack-overflow in glibc swscanf
https://notcve.org/view.php?id=CVE-2015-1473
24 Feb 2015 — The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call. El macro ADDW en stdio-common/vfscanf.c en la libraría GNU C (ta... • http://openwall.com/lists/oss-security/2015/02/04/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 2CVE-2015-1472 – glibc: heap buffer overflow in glibc swscanf
https://notcve.org/view.php?id=CVE-2015-1472
24 Feb 2015 — The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call. El macro ADDW en stdio-common/vfscanf.c en la libraría GNU C (también conocida como glibc o libc6) anterior a 2.21 no considera co... • https://packetstorm.news/files/id/154361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2015-1572 – Debian Security Advisory 3166-1
https://notcve.org/view.php?id=CVE-2015-1572
23 Feb 2015 — Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247. Desbordamiento de buffer basado en memoria dinámica en closefs.c en la libraría libext2fs en e2fsprogs anterior a 1.42.12 permite a usuarios locales ejecutar código arbitrario al causar que un descriptor manipulado de grupos en... • http://advisories.mageia.org/MGASA-2015-0088.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 9EXPL: 0CVE-2014-9679 – cups: cupsRasterReadPixels buffer overflow
https://notcve.org/view.php?id=CVE-2014-9679
19 Feb 2015 — Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow. Desbordamiento de enteros en la función cupsRasterReadPixels en filter/raster.c en CUPS anterior a 2.0.2 permite a atacantes remotos tener un impacto no especificado a través de un fichero de raster comprimido malformado, lo que provoca un desbordamiento de buffer. An integer overflow flaw, ... • http://advisories.mageia.org/MGASA-2015-0067.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 3%CPEs: 22EXPL: 1CVE-2014-9671 – freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-9671
08 Feb 2015 — Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented. Error de superación de límite (off-by-one) en la función pcf_get_properties en pcf/pcfread.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de aplicación... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-476: NULL Pointer Dereference •