CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 2CVE-2018-20545
https://notcve.org/view.php?id=CVE-2018-20545
28 Dec 2018 — There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. Hay un acceso de ESCRITURA de memoria ilegal en common-image.c (en la función load_image) en los datos 4bpp de la versión 0.99.beta19 de libcaca. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 1CVE-2018-20546
https://notcve.org/view.php?id=CVE-2018-20546
28 Dec 2018 — There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. Hay un acceso de LECTURA ilegal en la memoria en caca/dither.c (función get_rgba_default) en libcaca 0.99.beta19 para el caso bpp por defecto. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 1CVE-2018-20547
https://notcve.org/view.php?id=CVE-2018-20547
28 Dec 2018 — There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. Hay un acceso de LECTURA ilegal en la memoria en caca/dither.c (función get_rgba_default) en libcaca 0.99.beta19 para los datos 24bpp. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-20548 – Ubuntu Security Notice USN-3860-1
https://notcve.org/view.php?id=CVE-2018-20548
28 Dec 2018 — There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. Hay un acceso de ESCRITURA ilegal en la memoria en common-image.c (función load_image) en libcaca 0.99.beta19 para los datos 1bpp. It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that libcaca incorrectly handled certain images. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2018-20549
https://notcve.org/view.php?id=CVE-2018-20549
28 Dec 2018 — There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. Hay un acceso de ESCRITURA ilegal en la memoria en caca/file.c (función caca_file_read) en libcaca 0.99.beta19. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00033.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-20481 – poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
https://notcve.org/view.php?id=CVE-2018-20481
26 Dec 2018 — XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc. XRef::getEntry en XRef.cc en Poppler 0.72.0 gestiona de manera incorrecta las entradas XRef no asignadas, lo que permite que los atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL) mediante un documen... • http://www.securityfocus.com/bid/106321 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-20124 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2018-20124
20 Dec 2018 — hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. hw/rdma/rdma_backend.c en QEMU permite que los usuarios invitados del sistema operativo desencadenen un acceso fuera de límites mediante un elemento de anillo PvrdmaSqWqe con un valor num_sge grande. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read or write arbitrary fi... • http://www.openwall.com/lists/oss-security/2018/12/18/2 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2018-20191 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2018-20191
20 Dec 2018 — hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). hw/rdma/vmw/pvrdma_main.c en QEMU no implementa una operación de lectura (como uar_read por analogía con uar_write), lo que permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL). Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attack... • http://www.openwall.com/lists/oss-security/2018/12/18/1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2018-20125
https://notcve.org/view.php?id=CVE-2018-20125
20 Dec 2018 — hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. hw/rdma/vmw/pvrdma_cmd.c en QEMU permite que los atacantes provoquen una denegación de servicio (desreferencia de puntero NULL o asignación de memoria excesiva) en create_cq_ring o create_qp_rings. • http://www.openwall.com/lists/oss-security/2018/12/19/3 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-20126 – Ubuntu Security Notice USN-3923-1
https://notcve.org/view.php?id=CVE-2018-20126
20 Dec 2018 — hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. hw/rdma/vmw/pvrdma_cmd.c en QEMU permite filtrados de memoria en create_cq y create_qp debido a la gestión incorrecta de los errores. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html • CWE-772: Missing Release of Resource after Effective Lifetime •