CVSS: 6.8EPSS: 3%CPEs: 12EXPL: 0CVE-2015-1858
https://notcve.org/view.php?id=CVE-2015-1858
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image. Múltiples desbordamientos del buffer en gui/image/qbmphandler.cpp en el módulo QtBase en Qt en versiones anteriores a 4.8.7 y 5.x en versiones anteriores a 5.4.2 permiten a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída) y posiblemente ejecutar código arbitrario a través de una imagen BMP manipulada. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.html http://lists.qt-project.org/pipermail/announce/2015-April/000067.html http://www.securityfocus.com/bid/74309 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 3%CPEs: 12EXPL: 0CVE-2015-1859
https://notcve.org/view.php?id=CVE-2015-1859
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image. Múltiples desbordamientos de buffer en plugins/imageformats/ico/qicohandler.cpp en el módulo QtBase en Qt en versiones anteriores a 4.8.7 y 5.x en versiones anteriores a 5.4.2 permiten a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída) y posiblemente ejecutar código arbitrario a través de una imagen ICO manipulada. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.html http://lists.qt-project.org/pipermail/announce/2015-April/000067.html http://www.securityfocus.com/bid/74307 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 4%CPEs: 12EXPL: 0CVE-2015-1860
https://notcve.org/view.php?id=CVE-2015-1860
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image. Múltiples desbordamientos de buffer en gui/image/qgifhandler.cpp en el módulo QtBase en Qt en versiones anteriores a 4.8.7 y 5.x en versiones anteriores a 5.4.2 permiten a atacantes remotos provocar una denegación de servicio (fallo de segmentación) y posiblemente ejecutar código arbitrario a través de una imagen GIF manipulada. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155947.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155962.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155976.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156727.html http://lists.fedoraproject.org/pipermai • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 58EXPL: 0CVE-2015-0844
https://notcve.org/view.php?id=CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file. La API WML/Lua en Battle for Wesnoth 1.7.x hasta 1.11.x y 1.12.x anterior a 1.12.2 permite a atacantes remotos leer ficheros arbitrarios a través de un fichero manipulado de (1) campañas o (2) mapas. • http://forums.wesnoth.org/viewtopic.php?t=41870 http://forums.wesnoth.org/viewtopic.php?t=41872 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155031.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155968.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156001.html http://www.debian.org/security/2015/dsa-3218 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2015-2806 – libtasn1: stack overflow in asn1_der_decoding
https://notcve.org/view.php?id=CVE-2015-2806
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors. Desbordamiento de buffer basado en pila en asn1_der_decoding en libtasn1 anterior a 4.4 permite a atacantes remotos tener un impacto no especificado a través de vectores desconocidos. A stack-based buffer overflow was found in the way libtasn1 decoded certain DER encoded data. An attacker could use this flaw to crash an application using the libtasn1 library. • http://git.savannah.gnu.org/gitweb/?p=libtasn1.git%3Ba=commit%3Bh=4d4f992826a4962790ecd0cce6fbba4a415ce149 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154741.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154805.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155117.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155270.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155435.html http://lists. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •