CVSS: 5.3EPSS: 4%CPEs: 35EXPL: 0CVE-2018-17189 – httpd: mod_http2: DoS via slow, unneeded request bodies
https://notcve.org/view.php?id=CVE-2018-17189
23 Jan 2019 — In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections. En Apache HTTP Server, en sus versiones 2.4.37 y anteriores, mediante el envío de cuerpos de respuesta mediante la técnica del "slow loris" a recursos planos, la transmisión h2 para esa petición ocupó de forma innecesaria un hilo de servidor que... • http://www.securityfocus.com/bid/106685 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 65%CPEs: 18EXPL: 5CVE-2019-6116 – Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-6116
23 Jan 2019 — In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. En Artifex Ghostscript hasta la versión 9.26, los procedimientos ephemeral o transient pueden permitir el acceso a los operadores del sistema, lo que conduce a la ejecución remota de código. It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this f... • https://packetstorm.news/files/id/151307 •
CVSS: 8.1EPSS: 1%CPEs: 10EXPL: 1CVE-2019-6251 – webkitgtk: processing maliciously crafted web content lead to URI spoofing
https://notcve.org/view.php?id=CVE-2019-6251
14 Jan 2019 — WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. WebKitGTK y WPE WebKit versiones anteriores a 2.24.1 permite la suplantación de la barra de direcciones en determinadas redirecciones de JavaScript. Un atacante puede hacer que el contenido web malicioso se muestre como si se tratara de ... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00025.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2018-20662 – poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
https://notcve.org/view.php?id=CVE-2018-20662
03 Jan 2019 — In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. En la versión 0.72.0 de Poppler, PDFDoc::setup en PDFDoc.cc permite a los atacantes remotos provocar una denegación de servicio (cierre inesperado de la aplicación provocado por un SIGABRT en Object.h debido a un va... • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2019-3500 – Ubuntu Security Notice USN-3965-1
https://notcve.org/view.php?id=CVE-2019-3500
02 Jan 2019 — aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. aria2c en la versión 1.33.1 de aria2, cuando se utiliza --log, puede almacenar un nombre de usuario y contraseña de HTTP Basic Authentication en un archivo, lo que podría permitir a usuarios locales obtener información sensible al leer dicho archivo. Dhiraj Mishra discovered that aria2 incorrectly stored authen... • https://packetstorm.news/files/id/150994 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-20592
https://notcve.org/view.php?id=CVE-2018-20592
30 Dec 2018 — In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc. En Mini-XML (también conocido como mxml) v2.12, hay un uso de memoria previamente liberada en la función mxmlAdd del archivo mxml-node.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo xml manip... • https://github.com/michaelrsweet/mxml/issues/237 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-20593
https://notcve.org/view.php?id=CVE-2018-20593
30 Dec 2018 — In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c. En Mini-XML (también conocido como mxml) v2.12, hay un desbordamiento de búfer basado en pila en la función scan_file de mxmldoc.c. • https://github.com/michaelrsweet/mxml/issues/237 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1CVE-2018-20406 – python: Integer overflow in Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data
https://notcve.org/view.php?id=CVE-2018-20406
23 Dec 2018 — Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2018-20191 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2018-20191
20 Dec 2018 — hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). hw/rdma/vmw/pvrdma_main.c en QEMU no implementa una operación de lectura (como uar_read por analogía con uar_write), lo que permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL). Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attack... • http://www.openwall.com/lists/oss-security/2018/12/18/1 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 1%CPEs: 13EXPL: 0CVE-2018-1000877 – libarchive: Double free in RAR decoder resulting in a denial of service
https://notcve.org/view.php?id=CVE-2018-1000877
20 Dec 2018 — libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive. libarchive, con el commit con ID 416694915449219d505531b1096384f3237dd6cc y siguientes (desde la v3.1.0) cont... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html • CWE-415: Double Free CWE-416: Use After Free •