
CVE-2019-9631 – poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc
https://notcve.org/view.php?id=CVE-2019-9631
08 Mar 2019 — Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Issues addressed include buffer overflow and null pointer vulnerabilities. • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-122: Heap-based Buffer Overflow • CWE-125: Out-of-bounds Read •

CVE-2019-8936 – Ubuntu Security Notice USN-4563-2
https://notcve.org/view.php?id=CVE-2019-8936
08 Mar 2019 — NTP through 4.2.8p12 has a NULL Pointer Dereference. A crafted malicious authenticated mode 6 packet from a permitted network address can trigger a NULL pointer dereference. Note for this attack to work, the sending system must be on an address from which the target ntpd(8) accepts mode 6 packets, and must use a private key that is specifically listed as being used for mode 6 authorization. The ntpd daemon can crash due to the NULL pointer derefer... • https://github.com/snappyJack/CVE-2019-8936 • CWE-476: NULL Pointer Dereference •

CVE-2019-9211
https://notcve.org/view.php?id=CVE-2019-9211
27 Feb 2019 — There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00068.html • CWE-617: Reachable Assertion •

CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy • CWE-325: Missing Cryptographic Step •

CVE-2019-9199
https://notcve.org/view.php?id=CVE-2019-9199
26 Feb 2019 — PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. • https://github.com/jjanku/podofo/commit/ada821df68fb0bf673840ed525daf4ec709dbfd9 • CWE-476: NULL Pointer Dereference •

CVE-2019-3812 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2019-3812
19 Feb 2019 — QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-125: Out-of-bounds Read •

CVE-2019-6454 – systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash
https://notcve.org/view.php?id=CVE-2019-6454
18 Feb 2019 — An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html • CWE-20: Improper Input Validation • CWE-787: Out-of-bounds Write •

CVE-2019-8376
https://notcve.org/view.php?id=CVE-2019-8376
17 Feb 2019 — An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. • http://www.securityfocus.com/bid/107085 • CWE-476: NULL Pointer Dereference •

CVE-2019-8377
https://notcve.org/view.php?id=CVE-2019-8377
17 Feb 2019 — An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. • http://www.securityfocus.com/bid/107085 • CWE-476: NULL Pointer Dereference •

CVE-2019-8381
https://notcve.org/view.php?id=CVE-2019-8381
17 Feb 2019 — An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. • https://github.com/appneta/tcpreplay/issues/538 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •