CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16758 – Debian Security Advisory 4312-1
https://notcve.org/view.php?id=CVE-2018-16758
08 Oct 2018 — Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets. La falta de autenticación de mensajes en el protocolo meta en Tinc VPN en versiones 1.0.34 y anteriores permite que un ataque Man-in-the-Middle (MitM) deshabilite el cifrado de paquetes VPN. Several vulnerabilities were discovered in tinc, a Virtual Private Network (VPN) daemon. • http://tinc-vpn.org/security • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-3837 – Gentoo Linux Security Advisory 201903-17
https://notcve.org/view.php?id=CVE-2018-3837
10 Apr 2018 — An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure . An attacker can display a specially crafted image to trigger this vulnerability. Existe una vulnerabilidad explotable de divulgación de información en la funcionalidad de renderización de imágenes PCX de Simple DirectMedia Layer SDL2_image-2.0.2. Una im... • https://security.gentoo.org/glsa/201903-17 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 1CVE-2018-3839 – Gentoo Linux Security Advisory 201903-17
https://notcve.org/view.php?id=CVE-2018-3839
10 Apr 2018 — An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad de renderización de imágenes XCF de Simple DirectMedia Layer SDL2_image-2.0.2. Una imagen XCF especialmente ... • https://security.gentoo.org/glsa/201903-17 • CWE-787: Out-of-bounds Write •