CVSS: 4.3EPSS: 0%CPEs: 17EXPL: 0CVE-2018-12374 – thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field
https://notcve.org/view.php?id=CVE-2018-12374
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. El texto plano de los emails descifrados puede ser filtrado por usuarios que envían un formulario embebido al presionar la tecla enter en un campo de introducción de texto. La vulnerabilidad afecta a Thunderbird en versiones anteriores a la 52.9. • http://www.securityfocus.com/bid/104613 https://access.redhat.com/errata/RHSA-2018:2251 https://access.redhat.com/errata/RHSA-2018:2252 https://bugzilla.mozilla.org/show_bug.cgi?id=1462910 https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html https://security.gentoo.org/glsa/201811-13 https://usn.ubuntu.com/3714-1 https://www.debian.org/security/2018/dsa-4244 https://www.mozilla.org/security/advisories/mfsa2018-18 https://access.redhat.com/security/cve/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-356: Product UI does not Warn User of Unsafe Actions •
CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 2CVE-2018-3760 – rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files
https://notcve.org/view.php?id=CVE-2018-3760
There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately. Existe una vulnerabilidad de fuga de información en Sprockets. • https://github.com/mpgn/CVE-2018-3760 https://github.com/cyberharsh/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760- https://access.redhat.com/errata/RHSA-2018:2244 https://access.redhat.com/errata/RHSA-2018:2245 https://access.redhat.com/errata/RHSA-2018:2561 https://access.redhat.com/errata/RHSA-2018:2745 https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5fhttps://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441https://github.com/rails/sproc • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0CVE-2018-1333 – DoS for HTTP/2 connections by crafted requests
https://notcve.org/view.php?id=CVE-2018-1333
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30,2.4.33). Al manipular especialmente las peticiones HTTP/2, los trabajadores se asignarían 60 segundos más de los necesarios, lo que conduce a un agotamiento de los trabajadores y a una denegación de servicio (DoS). Esto se ha solucionado en Apache HTTP Server 2.4.34 (2.4.18 - 2.4.30, 2.4.33 afectadas). • http://www.securitytracker.com/id/1041402 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0367 https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333 https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E https://lists.apache.o • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.6EPSS: 0%CPEs: 481EXPL: 0CVE-2018-3665 – Kernel: FPU state information leakage via lazy FPU restore
https://notcve.org/view.php?id=CVE-2018-3665
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. El software de sistema que emplea la técnica de restauración de estado Lazy FP en los sistemas que emplean microprocesadores de Intel Core podrían permitir que un proceso local infiera datos de otro proceso mediante un canal lateral de ejecución especulativa. A Floating Point Unit (FPU) state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker could use this flaw to read FPU state bits by conducting targeted cache side-channel attacks, similar to the Meltdown vulnerability disclosed earlier this year. • http://www.securityfocus.com/bid/104460 http://www.securitytracker.com/id/1041124 http://www.securitytracker.com/id/1041125 https://access.redhat.com/errata/RHSA-2018:1852 https://access.redhat.com/errata/RHSA-2018:1944 https://access.redhat.com/errata/RHSA-2018:2164 https://access.redhat.com/errata/RHSA-2018:2165 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2018-1000180 – bouncycastle: flaw in the low-level interface to RSA key pair generator
https://notcve.org/view.php?id=CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 y anteriores tiene un vulnerabilidad en la interfaz de bajo nivel del generador de claves RSA; específicamente, los pares de claves RSA generados en la API de bajo nivel con un valor certainty añadido pueden tener menos tests M-R de lo esperado. Parece que se ha resuelto en versiones BC 1.60 beta 4 y posteriores y BC-FJA 1.0.2 y posteriores. A vulnerability was found in BouncyCastle. • http://www.securityfocus.com/bid/106567 https://access.redhat.com/errata/RHSA-2018:2423 https://access.redhat.com/errata/RHSA-2018:2424 https://access.redhat.com/errata/RHSA-2018:2425 https://access.redhat.com/errata/RHSA-2018:2428 https://access.redhat.com/errata/RHSA-2018:2643 https://access.redhat.com/errata/RHSA-2018:2669 https://access.redhat.com/errata/RHSA-2019:0877 https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad https://github.com/bcgit/ • CWE-325: Missing Cryptographic Step CWE-327: Use of a Broken or Risky Cryptographic Algorithm •