CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2018-5750 – kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass
https://notcve.org/view.php?id=CVE-2018-5750
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. La función acpi_smbus_hc_add en drivers/acpi/sbshc.c en el kernel de Linux hastas la versión 4.14.15 permite que usuarios locales obtengan información sensible de direcciones leyendo datos dmesg de una llamada SBS HC printk. The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call. • http://www.securitytracker.com/id/1040319 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:2948 https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html https://patchwork.kernel.org/patch/10174835 https://usn.ubuntu.com/3631-1 https://usn.ubuntu.com/3631-2 https://usn.ubuntu.com/3697-1 https://usn.ubuntu.com/3697-2 https://usn.ubuntu.com/3698-1 https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2017-15132
https://notcve.org/view.php?id=CVE-2017-15132
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to memory exhaustion. Se ha detectado un fallo en dovecot desde la versión 2.0 hasta la 2.2.33 y 2.3.0. El aborto de una autenticación SASL resulta en una fuga de memoria en el cliente de autenticación de dovecot utilizado por los procesos de inicio de sesión. • https://bugzilla.redhat.com/show_bug.cgi?id=1532768 https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch https://lists.debian.org/debian-lts-announce/2018/03/msg00036.html https://usn.ubuntu.com/3556-1 https://usn.ubuntu.com/3556-2 https://www.debian.org/security/2018/dsa-4130 https://www.dovecot.org/list/dovecot-news/2018-February/000370.html • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-6197
https://notcve.org/view.php?id=CVE-2018-6197
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. w3m hasta la versión 0.5.3 es propenso a un error de desreferencia de puntero NULL en formUpdateBuffer en form.c. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html http://www.securityfocus.com/bid/102846 https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8 https://github.com/tats/w3m/issues/89 https://lists.debian.org/debian-lts-announce/2020/04/msg00025.html https://usn.ubuntu.com/3555-1 https://usn.ubuntu.com/3555-2 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-6196
https://notcve.org/view.php?id=CVE-2018-6196
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. w3m hasta la versión 0.5.3 es propenso a un error de recursión infinita en HTMLlineproc0 debido a que la función feed_table_block_tag en table.c no evita un valor negativo de sangría. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html https://github.com/tats/w3m/commit/8354763b90490d4105695df52674d0fcef823e92 https://github.com/tats/w3m/issues/88 https://lists.debian.org/debian-lts-announce/2020/04/msg00025.html https://usn.ubuntu.com/3555-1 https://usn.ubuntu.com/3555-2 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6198
https://notcve.org/view.php?id=CVE-2018-6198
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. w3m hasta la versión 0.5.3 no gestiona correctamente los archivos temporales cuando no se puede escribir en el directorio ~/.w3m, lo que permite que un atacante local cree un ataque symlink para sobrescribir archivos arbitrarios. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html http://www.securityfocus.com/bid/102855 https://bugs.debian.org/888097 https://github.com/tats/w3m/commit/18dcbadf2771cdb0c18509b14e4e73505b242753 https://salsa.debian.org/debian/w3m/commit/18dcbadf2771cdb0c18509b14e4e73505b242753 https://usn.ubuntu.com/3555-1 https://usn.ubuntu.com/3555-2 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •