CVSS: 6.5EPSS: 1%CPEs: 15EXPL: 0CVE-2018-12824 – Adobe Flash MP3 Parsing COMM Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-12824
16 Aug 2018 — Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/105066 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 17%CPEs: 16EXPL: 0CVE-2018-12825 – flash-plugin: Security Mitigation Bypass vulnerability (APSB18-25)
https://notcve.org/view.php?id=CVE-2018-12825
16 Aug 2018 — Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de omisión de seguridad. Su explotación con éxito podría resultar en una omisión de la mitigación de seguridad. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. • http://www.securityfocus.com/bid/105070 •
CVSS: 7.5EPSS: 2%CPEs: 15EXPL: 0CVE-2018-12826 – flash-plugin: Information Disclosure vulnerabilities (APSB18-25)
https://notcve.org/view.php?id=CVE-2018-12826
16 Aug 2018 — Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. • http://www.securityfocus.com/bid/105066 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 30%CPEs: 15EXPL: 2CVE-2018-12827 – Adobe Flash - AVC Processing Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2018-12827
16 Aug 2018 — Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. • https://packetstorm.news/files/id/149072 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 17%CPEs: 16EXPL: 0CVE-2018-12828 – flash-plugin: Privilege Escalation vulnerability (APSB18-25)
https://notcve.org/view.php?id=CVE-2018-12828
16 Aug 2018 — Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de "uso de un componente con una vulnerabilidad conocida". Su explotación con éxito podría conducir al escalado de privilegios. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. • http://www.securityfocus.com/bid/105071 •
CVSS: 7.8EPSS: 1%CPEs: 152EXPL: 0CVE-2018-5391 – The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets
https://notcve.org/view.php?id=CVE-2018-5391
14 Aug 2018 — The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. El kernel de Linux en versio... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 19%CPEs: 127EXPL: 0CVE-2018-5390 – Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service
https://notcve.org/view.php?id=CVE-2018-5390
06 Aug 2018 — Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP pac... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2018-10883 – kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function
https://notcve.org/view.php?id=CVE-2018-10883
30 Jul 2018 — A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. Se ha encontrado un error en el sistema de archivos ext4 del kernel de Linux. Un usuario local puede provocar una escritura fuera de límites en jbd2_journal_dirty_metadata, una denegación de servicio (DoS) y un cierre inesperado del sistema montando y operando una imagen de... • https://access.redhat.com/errata/RHSA-2018:2948 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-10882 – kernel: stack-out-of-bounds write infs/jbd2/transaction.c
https://notcve.org/view.php?id=CVE-2018-10882
27 Jul 2018 — A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. Se ha detectado una vulnerabilidad en el sistema de archivos ext4 del kernel de Linux. Un usuario local puede provocar una escritura fuera de límites en el código de fs/jbd2/transaction.c, una denegación de servicio (DoS) y un cierre inesperado del sistema al desmontar una imagen del siste... • http://www.securityfocus.com/bid/106503 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-6151 – chromium-browser: Bad cast in DevTools
https://notcve.org/view.php?id=CVE-2018-6151
27 Jul 2018 — Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Una mala conversión en DevTools en Google Chrome, en versiones anteriores a la 66.0.3359.117 para Windows, Linux, Mac y Chrome OS, permitía que un atacante, que hubiese convencido a un usuario para que instale una extensión maliciosa, realizase una lectura de memoria fuera d... • http://www.securityfocus.com/bid/104887 • CWE-125: Out-of-bounds Read •