CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-1114 – undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service
https://notcve.org/view.php?id=CVE-2018-1114
04 Sep 2018 — It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak. Se ha detectado que URLResource.getLastModified() en Undertow cierra los descriptores de archivo solo cuando están finalizados, lo que puede provocar el agotamiento de dichos descriptores. Esto conduce a una fuga del manejador de archivos. Red Hat OpenShift Application Runtimes provides an application platform tha... • https://access.redhat.com/errata/RHSA-2018:2643 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2018-10904 – glusterfs: Unsanitized file names in debug/io-stats translator can allow remote attackers to execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-10904
04 Sep 2018 — It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. Se ha detectado que el servidor glusterfs no sanea correctamente las rutas de archivo en el atributo extendido "trusted.io-stats-dump", empleado po... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2018-10907 – glusterfs: Stack-based buffer overflow in server-rpc-fops.c allows remote attackers to execute arbitrary code
https://notcve.org/view.php?id=CVE-2018-10907
04 Sep 2018 — It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution. Se ha detectado que el servidor glusterfs es vulnerable a múltiples desbordamientos de búfer basados en pila debido a que las funciones en server-rpc-fopc.c asign... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2018-10929 – glusterfs: Arbitrary file creation on storage server allows for execution of arbitrary code
https://notcve.org/view.php?id=CVE-2018-10929
04 Sep 2018 — A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. Se ha detectado un error en las peticiones RPC que emplean gfs2_create_req en el servidor glusterfs. Un atacante autenticado podría emplear este error para crear archivos arbitrarios y ejecutar código arbitrario en un nodo del servidor glusterfs. The redhat-virtualization-host packages provide the Red Hat Virt... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 1%CPEs: 8EXPL: 0CVE-2018-10927 – glusterfs: File status information leak and denial of service
https://notcve.org/view.php?id=CVE-2018-10927
04 Sep 2018 — A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. Se ha detectado un error en las peticiones RPC que emplean gfs3_lookup_req en el servidor glusterfs. Un atacante autenticado podría emplear este error para filtrar información y ejecutar una denegación de servicio (DoS) remota provocando el cierre inesperado del proceso brick de gluster. The redhat... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 0CVE-2018-10928 – glusterfs: Improper resolution of symlinks allows for privilege escalation
https://notcve.org/view.php?id=CVE-2018-10928
04 Sep 2018 — A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. Se ha detectado un error en las peticiones RPC que emplean gfs3_symlink_req en el servidor glusterfs, lo que permite que los destinos symlink señalen a rutas de archivo fuera del volumen g... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 4%CPEs: 12EXPL: 0CVE-2018-10911 – glusterfs: Improper deserialization in dict.c:dict_unserialize() can allow attackers to read arbitrary memory
https://notcve.org/view.php?id=CVE-2018-10911
04 Sep 2018 — A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. Se ha detectado un error en la forma en la que la función dic_unserialize en glusterfs no gestiona los valores de longitud de clave negativos. Un atacante podría utilizar este error para leer la memoria de otras ubicaciones en el valor dict almacenado. A flaw was found in dict.c:dict_unserialize function ... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2018-10873 – spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service
https://notcve.org/view.php?id=CVE-2018-10873
17 Aug 2018 — A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts. Se ha descubierto una vulnerabilidad en SPICE en versiones anteriores a la 0.14.1 en la que el código generado utilizado para deserializar mensajes carecía de comprobaciones de límites suficientes... • http://www.securityfocus.com/bid/105152 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 7%CPEs: 12EXPL: 0CVE-2018-10858 – samba: Insufficient input validation in libsmbclient
https://notcve.org/view.php?id=CVE-2018-10858
14 Aug 2018 — A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. Se ha descubierto un desbordamiento de búfer en la manera en la que los clientes de samba procesaban nombres de archivo excesivamente largos en un listado de directorios. Un servidor samba malicioso podría utilizar este defecto para provoca... • http://www.securityfocus.com/bid/105085 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2018-10875 – ansible: ansible.cfg is being read from current working directory allowing possible code execution
https://notcve.org/view.php?id=CVE-2018-10875
10 Jul 2018 — A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. Se ha encontrado un error en ansible. ansible.cfg se lee desde el directorio de trabajo actual, que puede alterarse para hacer que señale a un plugin o una ruta de módulo bajo el control de un atacante, permitiendo que el atacante ejecute código arbitrario. It was found th... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html • CWE-426: Untrusted Search Path •