CVSS: 8.8EPSS: 35%CPEs: 22EXPL: 1CVE-2018-5146 – Mozilla Firefox libvorbis OGG Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5146
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. Una escritura de memoria fuera de límites mientras se procesaban los datos de audio de Vorbis fue reportada a través de la competición Pwn2Own. Esta vulnerabilidad afecta a las versiones anteriores a la 59.0.1 de Firefox, las versiones anteriores a la 52.7.2 de Firefox ESR y las versiones anteriores a la 52.7 de Thunderbird. An out of bounds write flaw was found in the processing of vorbis audio data. • https://github.com/f01965/CVE-2018-5146 http://www.securityfocus.com/bid/103432 http://www.securitytracker.com/id/1040544 https://access.redhat.com/errata/RHSA-2018:0549 https://access.redhat.com/errata/RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0648 https://access.redhat.com/errata/RHSA-2018:0649 https://access.redhat.com/errata/RHSA-2018:1058 https://bugzilla.mozilla.org/show_bug.cgi?id=1446062 https://lists.debian.org/debian-lts-announce/2018/03/msg • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0CVE-2018-1068 – kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c
https://notcve.org/view.php?id=CVE-2018-1068
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. Se ha encontrado un error en la implementación de la interfaz syscall de 32 bits para puentes de red (bridging) en el kernel de las versiones 4.x de Linux. Esto permitía que un usuario privilegiado escribiese de forma arbitraria en un rango limitado de memoria del kernel. A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. • http://www.securityfocus.com/bid/103459 https://access.redhat.com/errata/RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1355 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:4159 https://bugzilla.redhat.com/show_bug.cgi?id=1552048 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2018-5145 – Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07)
https://notcve.org/view.php?id=CVE-2018-5145
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. Se han informado de errores de seguridad de memoria en Firefox ESR 52.6. Estos errores mostraron evidencias de corrupción de memoria y se cree que, con el esfuerzo necesario, se podrían explotar para ejecutar código arbitrario. • http://www.securityfocus.com/bid/103384 http://www.securitytracker.com/id/1040514 https://access.redhat.com/errata/RHSA-2018:0526 https://access.redhat.com/errata/RHSA-2018:0527 https://access.redhat.com/errata/RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0648 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1261175%2C1348955 https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html https:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-7858 – QEMU: cirrus: OOB access when updating VGA display
https://notcve.org/view.php?id=CVE-2018-7858
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. Quick Emulator (también conocido como QEMU), cuando se integra con soporte para Cirrus CLGD 54xx VGA Emulator, permite que usuarios privilegiados locales, invitados del sistema operativo, provoquen una denegación de servicio (acceso fuera de límites y cierre inesperado del proceso QEMU) aprovechando los cálculos de región incorrectos al actualizar la pantalla VGA. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html http://www.openwall.com/lists/oss-security/2018/03/09/1 http://www.securityfocus.com/bid/103350 https://access.redhat.com/errata/RHSA-2018:1369 https://access.redhat.com/errata/RHSA-2018:1416 https://access.redhat.com/errata/RHSA-2018:2162 https://bugzilla.redhat.com/show_bug.cgi?id=1553402 https://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg02174.html https://usn.ubuntu.com/3649-1 ht • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2016-9600 – jasper: JP2 encoder NULL pointer dereference due to uninitialized cmprof_
https://notcve.org/view.php?id=CVE-2016-9600
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. JasPer, en versiones anteriores a la 2.0.10, es vulnerable a una desreferencia de puntero NULL, tal y como se descubrió en la creación descifrada de archivos de imagen JPEG 2000. Un archivo especialmente manipulado podría provocar el cierre inesperado de una aplicación que esté utilizando JasPer. • https://access.redhat.com/errata/RHSA-2017:1208 https://bugzilla.redhat.com/show_bug.cgi?id=1410026 https://usn.ubuntu.com/3693-1 https://access.redhat.com/security/cve/CVE-2016-9600 • CWE-476: NULL Pointer Dereference •