CVSS: 7.5EPSS: 16%CPEs: 12EXPL: 0CVE-2018-16227 – tcpdump: Buffer over-read in print-802_11.c
https://notcve.org/view.php?id=CVE-2018-16227
01 Oct 2019 — The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. El analizador IEEE 802.11 en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en el archivo print-802_11.c para el subcampo Mesh Flags. An out-of-bounds read vulnerability was discovered in tcpdump while printing IEEE 802.11 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 0CVE-2018-16229 – tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c
https://notcve.org/view.php?id=CVE-2018-16229
01 Oct 2019 — The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). El analizador DCCP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-dccp.c:dccp_print_option(). An out-of-bounds read vulnerability was discovered in tcpdump while printing DCCP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the a... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-16230 – tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c
https://notcve.org/view.php?id=CVE-2018-16230
01 Oct 2019 — The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). El analizador BGP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applic... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-16451 – tcpdump: Buffer over-read in print_trans() function in print-smb.c
https://notcve.org/view.php?id=CVE-2018-16451
01 Oct 2019 — The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. El analizador SMB en tcpdump versiones anteriores a 4.9.3, presenta lecturas excesivas del búfer en print-smb.c:print_trans() para \MAILSLOT\BROWSE y \PIPE\LANMAN. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade pers... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1CVE-2019-15166 – lmp_print in tcpdump lacks certain boundary checks
https://notcve.org/view.php?id=CVE-2019-15166
01 Oct 2019 — lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. La función lmp_print_data_link_subobjs() en el archivo print-lmp.c en tcpdump versiones anteriores a 4.9.3, carece de ciertas comprobaciones de límites. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications r... • https://github.com/Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 11%CPEs: 14EXPL: 0CVE-2019-16276 – golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling
https://notcve.org/view.php?id=CVE-2019-16276
29 Sep 2019 — Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Go versiones anteriores a 1.12.10 y versiones 1.13.x anteriores a 1.13.1, permitir el Trafico No Autorizado de Peticiones HTTP. It was discovered that net/http (through net/textproto) in golang does not correctly interpret HTTP requests where an HTTP header contains spaces before the colon. This could be abused by an attacker to smuggle HTTP requests when a proxy or a firewall is placed behind a server implemented in Go or to filter by... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 2%CPEs: 11EXPL: 1CVE-2019-16869 – netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers
https://notcve.org/view.php?id=CVE-2019-16869
26 Sep 2019 — Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. Netty versiones anteriores a 4.1.42.Final, maneja inapropiadamente los espacios en blanco antes de los dos puntos en los encabezados HTTP (tal y como una línea "Transfer-Encoding : chunked"), lo que conlleva al tráfico no autorizado de peticiones HTTP. A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled.... • https://access.redhat.com/errata/RHSA-2019:3892 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.1EPSS: 5%CPEs: 5EXPL: 3CVE-2017-18635 – novnc: XSS vulnerability via the messages propagated to the status field
https://notcve.org/view.php?id=CVE-2017-18635
25 Sep 2019 — An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. Se detectó una vulnerabilidad de tipo XSS en noVNC versiones anteriores a 0.6.2, en la que el servidor remoto VNC podía inyectar HTML arbitrario en la página web de noVNC por medio de los mensajes propagados hacia el campo status, tales como el nombre del servidor VNC. An XSS vulnerability wa... • https://github.com/ShielderSec/CVE-2017-18635 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 1%CPEs: 7EXPL: 1CVE-2019-16680 – file-roller: path traversal vulnerability via a specially crafted filename contained in malicious archive
https://notcve.org/view.php?id=CVE-2019-16680
21 Sep 2019 — An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction. Se detectó un problema en GNOME file-roller versiones anteriores a 3.29.91. Permite un único salto de ruta (path) ./../ por medio de un nombre de archivo contenido en un archivo TAR, posiblemente sobrescribiendo un archivo durante la extracción. A path traversal vulnerability was discovered in the file-roller (Archive M... • https://bugzilla.gnome.org/show_bug.cgi?id=794337 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 60EXPL: 0CVE-2019-14821 – Kernel: KVM: OOB memory access via mmio ring buffer
https://notcve.org/view.php?id=CVE-2019-14821
19 Sep 2019 — An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potenti... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html • CWE-787: Out-of-bounds Write •