CVSS: 6.5EPSS: 4%CPEs: 22EXPL: 0CVE-2015-5239 – Ubuntu Security Notice USN-2745-1
https://notcve.org/view.php?id=CVE-2015-5239
25 Sep 2015 — Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. Un desbordamiento de enteros en el controlador de pantalla VNC en QEMU versiones anteriores a 2.1.0, permite a atacantes causar una denegación de servicio (bloqueo del proceso) mediante un mensaje CLIENT_CUT_TEXT, que desencadena un bucle infinito. Lian Yihan discovered that QEMU incorrectly handled certain payload messa... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2015-0272 – NetworkManager: remote DoS using IPv6 RA with bogus MTU
https://notcve.org/view.php?id=CVE-2015-0272
23 Sep 2015 — GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215. NOME NetworkManager permite a atacantes remotos causar una denegación de servicio (interrupción del tráfico IPv6) a través de un valor MTU manipulado en un mensaje Router Advertisement (RA) IPv6, una vulnerabilidad diferente a CVE-2015-8215. It was discovered that NetworkManager would set device... • http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=d5fc88e573fa58b93034b04d35a2454f5d28cad9 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 4%CPEs: 13EXPL: 0CVE-2015-6855 – Gentoo Linux Security Advisory 201602-01
https://notcve.org/view.php?id=CVE-2015-6855
21 Sep 2015 — hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash. hw/ide/core.c en QEMU no restringe adecuadamente los comandos aceptados por un dispositivo ATAPI, lo que permite a usuarios invitados provocar una denegación de servicio o p... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168602.html • CWE-369: Divide By Zero •
CVSS: 9.3EPSS: 12%CPEs: 65EXPL: 0CVE-2015-5165 – Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)
https://notcve.org/view.php?id=CVE-2015-5165
12 Aug 2015 — The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. Vulnerabilidad en la emulación de modo offload C+ en el modelo de tarjeta de red del dispositivo RTL8139 en QEMU, tal y como se utiliza en Xen 4.5.x y versiones anteriores, permite a atacantes remotos leer la memoria dinámica del proceso a través de vectores no especificados. An information leak flaw was found in the wa... • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2015-5707 – Ubuntu Security Notice USN-2759-1
https://notcve.org/view.php?id=CVE-2015-5707
07 Aug 2015 — Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. Desbordamiento de entero en la función sg_start_req en drivers/scsi/sg.c en el kernel de Linux 2.6.x hasta la versión 4.x en versiones anteriores a 4.1 permite a usuarios locales provocar una denegación de servicio o posiblemente tener otro impacto no especi... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=451a2886b6bf90e2fb378f7c46c655450fb96e81 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 75%CPEs: 49EXPL: 4CVE-2015-4495 – Mozilla Firefox Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2015-4495
07 Aug 2015 — The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. Vulnerabilidad en el lector de PDF en Mozilla Firefox en versiones anteriores a 39.0.3, Firefox ESR 38.x en versiones anteriores a 38.1.1 y Firefox OS en versiones anteriores a 2.2, permite a at... • https://packetstorm.news/files/id/180630 •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2015-5154 – qemu: ide: atapi: heap overflow during I/O buffer memory access
https://notcve.org/view.php?id=CVE-2015-5154
27 Jul 2015 — Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. Desbordamiento del buffer basado en memoria dinámica en el subsistema IDE en QEMU, usado en Xen 4.5.x y versiones anteriores, cuando el contenedor tiene una unidad CDROM habilitada, permite a usuarios invitados locales ejecutar código arbitrario en el host a través de comandos AT... • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 27EXPL: 0CVE-2015-1283 – chromium-browser: Heap-buffer-overflow in expat.
https://notcve.org/view.php?id=CVE-2015-1283
23 Jul 2015 — Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 6%CPEs: 28EXPL: 0CVE-2015-3405 – ntp: ntp-keygen may generate non-random symmetric keys on big-endian systems
https://notcve.org/view.php?id=CVE-2015-3405
22 Jul 2015 — ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. ntp-keygen en ntp en versiones 4.2.8px anteriores a la 4.2.8p2-RC2 y en versiones 4.3.x anteriores a la 4.3.12 no genera claves MD5 con la suficiente entrop... • http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg • CWE-330: Use of Insufficiently Random Values CWE-331: Insufficient Entropy •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2015-1931 – JDK: plain text data stored in memory dumps
https://notcve.org/view.php?id=CVE-2015-1931
22 Jul 2015 — IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. IBM Java Security Components en IBM SDK, Java Technology Edition 8 versiones anteriores a SR1 FP10, 7 R1 anteriores a SR3 FP10, 7 anteriores a SR9 FP10, 6 R1 anteriores a SR8 FP7, 6 anteriores a SR16 ... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html • CWE-312: Cleartext Storage of Sensitive Information •