CVSS: 5.3EPSS: 0%CPEs: 25EXPL: 5CVE-2019-11038 – Uninitialized read in gdImageCreateFromXbm
https://notcve.org/view.php?id=CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. Cuando se usa la función gdImageCreateFromXbm () en la Biblioteca de gráficos GD (también conocida como LibGD) 2.2.5, como se usa en la extensión PHP GD en las versiones de PHP 7.1.x debajo de 7.1.30, 7.2.x debajo de 7.2.19 y 7.3.x debajo 7.3.6, es posible suministrar datos que harán que la función use el valor de la variable no inicializada. Esto puede llevar a revelar el contenido de la pila que ha quedado allí por código anterior. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821 https://bugs.php.net/bug.php?id=77973 https://bugzilla.redhat.com/show_bug.cgi?id=1724149 https://bugzilla.redhat.com/show_bug.cgi?id=1724432 https://bugzilla.suse.com/show_bug.cgi? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2019-3474 – Path traversal vulnerability in Filr web application
https://notcve.org/view.php?id=CVE-2019-3474
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. Una vulnerabilidad de salto de directorio en el componente de aplicación web de Micro Focus Filr, en versiones 3.x, permite que un atacante remoto autenticado como usuario con pocos privilegios descargue archivos arbitrarios del servidor Filr. Esta vulnerabilidad afecta a todas las versiones 3.x de Filr anteriores al Security Update 6. Micro Focus Filr version 3.4.0.217 suffers from privilege escalation and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/46450 https://download.novell.com/Download?buildid=nZUCSDkvpxk~ https://support.microfocus.com/kb/doc.php?id=7023726 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2019-3475 – Local privilege escalation in Filr famtd
https://notcve.org/view.php?id=CVE-2019-3475
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. Una vulnerabilidad de escalado de privilegios local en el componente famtd de Micro Focus Filr 3.0 permite que un atacante local autenticado como usuario con bajos privilegios escale a root. Esta vulnerabilidad afecta a todas las versiones 3.x de Filr anteriores al Security Update 6. Micro Focus Filr version 3.4.0.217 suffers from privilege escalation and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/46450 https://download.novell.com/Download?buildid=nZUCSDkvpxk~ https://support.microfocus.com/kb/doc.php?id=7023727 • CWE-264: Permissions, Privileges, and Access Controls CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2CVE-2018-19655
https://notcve.org/view.php?id=CVE-2018-19655
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file. Un desbordamiento de búfer basado en pila en la función find_green() de dcraw hasta la versión 9.28, tal y como se emplea en ufraw-batch y muchos otros productos, podría permitir que un atacante remoto provoque el secuestro de un flujo de control, denegación de servicio (DoS) u otro tipo de impacto sin especificar mediante un archivo de fotografía RAW maliciosamente manipulado. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890086 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906529 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3JX4A5F4DWP6NOEULXQXZ5AIH4GA62U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RD65NMWZ5OQNUIF7CLGKLDG4LVPPMJY7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XK4SHVVIZT6FHJVHOQSAFJMQWDLMWKDE • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-19541
https://notcve.org/view.php?id=CVE-2018-19541
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c. Se ha descubierto un problema en JasPer versiones 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.10, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16. Existe un desbordamiento de búfer basado en memoria dinámica (heap) del tamaño 8 en la función jas_image_depalettize in libjasper/base/jas_image.c. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00025.html https://github.com/mdadams/jasper/issues/182 https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html https://www.oracle.com/security-alerts/cpuapr2020.html • CWE-125: Out-of-bounds Read •