CVE-2018-6249
https://notcve.org/view.php?id=CVE-2018-6249
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. • http://nvidia.custhelp.com/app/answers/detail/a_id/4649 https://usn.ubuntu.com/3662-1 • CWE-476: NULL Pointer Dereference •
CVE-2018-6253
https://notcve.org/view.php?id=CVE-2018-6253
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service. • http://nvidia.custhelp.com/app/answers/detail/a_id/4649 https://usn.ubuntu.com/3662-1 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0522 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2018-1171 – Joyent SmartOS DTrace DOF Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-1171
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.securityfocus.com/bid/104799 http://www.securitytracker.com/id/1041303 https://help.joyent.com/hc/en-us/articles/360000608188 https://zerodayinitiative.com/advisories/ZDI-18-236 • CWE-787: Out-of-bounds Write •
CVE-2018-1165 – Joyent SmartOS SMB_IOC_SVCENUM Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-1165
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. • https://help.joyent.com/hc/en-us/articles/360000124928 https://www.oracle.com/security-alerts/cpuapr2020.html https://zerodayinitiative.com/advisories/ZDI-18-158 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2018-2710
https://notcve.org/view.php?id=CVE-2018-2710
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 10. Easily exploitable vulnerability allows unauthenticated attacker with network access via ICMP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.5 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102608 http://www.securitytracker.com/id/1040215 •