CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16082 – chromium-browser: Stack buffer overflow in SwiftShader
https://notcve.org/view.php?id=CVE-2018-16082
09 Sep 2018 — An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una lectura fuera de límites en Swiftshader en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto pudiese realizar un acceso a la memoria fuera de límites mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 69.... • http://www.securityfocus.com/bid/105215 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 18%CPEs: 4EXPL: 2CVE-2018-16083 – WebRTC - FEC Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2018-16083
09 Sep 2018 — An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Una lectura fuera de límites en el código de redirección de corrección de errores en WebRTC en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. Chromium is an open-source web browser... • https://packetstorm.news/files/id/149460 • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16084 – chromium-browser: User confirmation bypass in external protocol handling
https://notcve.org/view.php?id=CVE-2018-16084
09 Sep 2018 — The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page. El botón de diálogo seleccionado por defecto en CustomHandlers en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto, que hubiese convencido a un usuario para que realizase ciertas operaciones, abriese programas externos mediante una página HTML manip... • http://www.securityfocus.com/bid/105215 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-12376 – Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
https://notcve.org/view.php?id=CVE-2018-12376
08 Sep 2018 — Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Hay errores de seguridad de memoria en Firefox 61 y Firefox ESR 60.1. Algunos de estos errores mostraron evidencias de corrupción de memoria y se entiende que, con el suficiente esfuerzo, algunos de estos p... • http://www.securityfocus.com/bid/105280 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-12377 – Mozilla: Use-after-free in driver timers
https://notcve.org/view.php?id=CVE-2018-12377
08 Sep 2018 — A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando se actualizan los temporizadores de los drivers de actualización en algunas circunstancias durante el apagado cuando el temporizado... • http://www.securityfocus.com/bid/105280 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-12378 – Mozilla: Use-after-free in IndexedDB
https://notcve.org/view.php?id=CVE-2018-12378
07 Sep 2018 — A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploitable crash. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada cuando un índice IndexedDB se elimina mientras sigue en uso por parte de código JavaScript que está proporcionando valores de carga útil para q... • http://www.securityfocus.com/bid/105280 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1CVE-2018-12383 – Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
https://notcve.org/view.php?id=CVE-2018-12383
07 Sep 2018 — If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Firefox < 62, Firefox ESR < 60.2.1, and Thunderbird < 60.2.1. • http://www.securityfocus.com/bid/105276 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-522: Insufficiently Protected Credentials •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2018-14618 – curl: NTLM password overflow via integer overflow
https://notcve.org/view.php?id=CVE-2018-14618
05 Sep 2018 — curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length excee... • http://www.securitytracker.com/id/1041605 • CWE-122: Heap-based Buffer Overflow CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 91%CPEs: 14EXPL: 7CVE-2018-16509 – Ghostscript - Failed Restore Command Execution
https://notcve.org/view.php?id=CVE-2018-16509
05 Sep 2018 — An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. Se ha descubierto un problema en versiones anteriores a la 9.24 de Artifex Ghostscript. La comprobación incorrecta de "restoration of privilege" durante el manejo de excepciones /invalidaccess podría ser empleada por atacantes que sean capaces de proporc... • https://packetstorm.news/files/id/149263 •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-10904 – glusterfs: Unsanitized file names in debug/io-stats translator can allow remote attackers to execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-10904
04 Sep 2018 — It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. Se ha detectado que el servidor glusterfs no sanea correctamente las rutas de archivo en el atributo extendido "trusted.io-stats-dump", empleado po... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-426: Untrusted Search Path •