CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 1CVE-2018-19058 – poppler: reachable abort in Object.h
https://notcve.org/view.php?id=CVE-2018-19058
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file. Se ha descubierto un problema en Poppler 0.71.0. Hay un aborto alcanzable en Object.h, que conducirá a una denegación de servicio (DoS) debido a que EmbFile::save2 en FileSpec.cc carece de una comprobación de flujo antes de guardar un archivo embebido. • https://access.redhat.com/errata/RHSA-2019:2022 https://gitlab.freedesktop.org/poppler/poppler/issues/659 https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https://usn.ubuntu.com/3837-1 https://access.redhat.com/security/cve/CVE-2018-19058 https://bugzilla.redhat.com/show_bug.cgi?id=1649435 • CWE-400: Uncontrolled Resource Consumption CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 4.8EPSS: 0%CPEs: 41EXPL: 2CVE-2018-5407 – Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
https://notcve.org/view.php?id=CVE-2018-5407
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. SMT (Simultaneous Multi-threading) en los procesadores puede habilitar que usuarios locales exploten software vulnerable a ataques de sincronización mediante un ataques de sincronización de canal lateral en la "contención de puertos". A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. • https://www.exploit-db.com/exploits/45785 http://www.securityfocus.com/bid/105897 https://access.redhat.com/errata/RHSA-2019:0483 https://access.redhat.com/errata/RHSA-2019:0651 https://access.redhat.com/errata/RHSA-2019:0652 https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:3929 https://access.redhat.com/errata/RHSA-2019:3931 https://access.redhat.com/errata/RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3933 https& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 1CVE-2018-18897 – poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
https://notcve.org/view.php?id=CVE-2018-18897
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo. Se ha descubierto un problema en Poppler 0.71.0. Hay una fuga de memoria en GfxColorSpace::setDisplayProfile in GfxState.cc, tal y como queda demostrado con pdftocairo. • https://access.redhat.com/errata/RHSA-2019:2022 https://access.redhat.com/errata/RHSA-2019:2713 https://gitlab.freedesktop.org/poppler/poppler/issues/654 https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https://usn.ubuntu.com/4042-1 https://access.redhat.com/security/cve/CVE-2018-18897 https://bugzilla.redhat.com/show_bug.cgi?id=1646546 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-15688 – Out-of-Bounds write in systemd-networkd dhcpv6 option handling
https://notcve.org/view.php?id=CVE-2018-15688
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. Una vulnerabilidad de desbordamiento de búfer en el cliente dhcp6 de systemd permite que un servidor dhcp6 malicioso sobrescriba memoria dinámica (heap) en systemd-networkd. Las versiones afectadas de systemd son todas hasta la 239 incluida. It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. • http://www.securityfocus.com/bid/105745 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3665 https://access.redhat.com/errata/RHSA-2019:0049 https://github.com/systemd/systemd/pull/10518 https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html https://security.gentoo.org/glsa/201810-10 https://usn.ubuntu.com/3806-1 https://usn.ubuntu.com/3807-1 https://access.redhat.com/security/cve/CVE-2018-15688 https:/&#x • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.2EPSS: 4%CPEs: 11EXPL: 11CVE-2018-14665 – Xorg X11 Server (AIX) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-14665
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. Se ha descubierto un problema en versiones anteriores a la 1.20.3 de xorg-x11-server. Hay una comprobación incorrecta de permisos para las opciones -modulepath y -logfile al iniciar Xorg. • https://www.exploit-db.com/exploits/45938 https://www.exploit-db.com/exploits/45832 https://www.exploit-db.com/exploits/45922 https://www.exploit-db.com/exploits/45908 https://www.exploit-db.com/exploits/45697 https://www.exploit-db.com/exploits/45742 https://www.exploit-db.com/exploits/46142 https://www.exploit-db.com/exploits/47701 https://github.com/jas502n/CVE-2018-14665 https://github.com/bolonobolo/CVE-2018-14665 http://packetstormsecurity.com/files/154942/ • CWE-271: Privilege Dropping / Lowering Errors CWE-863: Incorrect Authorization •