Page 65 of 2048 results (0.009 seconds)

CVSS: 8.8EPSS: 2%CPEs: 5EXPL: 0

CVE-2018-18337 – chromium-browser: Use after free in Blink

https://notcve.org/view.php?id=CVE-2018-18337

Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Manejo incorrecto de hojas de estilo que provoca un uso de memoria previamente liberada en Blink en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía a un atacante remoto explotar la corrupción de la memoria dinámica (heap) • http://www.securityfocus.com/bid/106084 https://access.redhat.com/errata/RHSA-2018:3803 https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html https://crbug.com/886753 https://security.gentoo.org/glsa/201908-18 https://www.debian.org/security/2018/dsa-4352 https://access.redhat.com/security/cve/CVE-2018-18337 https://bugzilla.redhat.com/show_bug.cgi?id=1656551 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 97%CPEs: 18EXPL: 4

CVE-2018-15982 – Adobe Flash Player Use-After-Free Vulnerability

https://notcve.org/view.php?id=CVE-2018-15982

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. Flash Player, en versiones 31.0.0.153 y anteriores y en la 31.0.0.108 y anteriores, tiene una vulnerabilidad de uso de memoria previamente liberada. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability • https://www.exploit-db.com/exploits/46051 https://github.com/scanfsec/CVE-2018-15982 https://github.com/FlatL1neAPT/CVE-2018-15982 https://github.com/SyFi/CVE-2018-15982 http://www.securityfocus.com/bid/106116 https://access.redhat.com/errata/RHSA-2018:3795 https://helpx.adobe.com/security/products/flash-player/apsb18-42.html https://access.redhat.com/security/cve/CVE-2018-15982 https://bugzilla.redhat.com/show_bug.cgi?id=1656585 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

CVE-2018-9568 – kernel: Memory corruption due to incorrect socket cloning

https://notcve.org/view.php?id=CVE-2018-9568

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. • https://access.redhat.com/errata/RHSA-2019:0512 https://access.redhat.com/errata/RHSA-2019:0514 https://access.redhat.com/errata/RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2019:2736 https://access.redhat.com/errata/RHSA-2019:3967 https://access.redhat.com/errata/RHSA-2019:4056 https://access.redhat.com/errata/RHSA-2019:4159 https://access.redhat.com/errata/RHSA-2019:4164 https://access.redhat.com/errata/RHSA • CWE-122: Heap-based Buffer Overflow CWE-704: Incorrect Type Conversion or Cast •

CVSS: 6.5EPSS: 2%CPEs: 6EXPL: 0

CVE-2018-6116 – chromium-browser: Incorrect low memory handling in WebAssembly

https://notcve.org/view.php?id=CVE-2018-6116

A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una desreferencia nullptr en WebAssembly en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto pudiese realizar un acceso a la memoria fuera de límites mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103917 https://access.redhat.com/errata/RHSA-2018:1195 https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html https://crbug.com/822266 https://security.gentoo.org/glsa/201804-22 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6116 https://bugzilla.redhat.com/show_bug.cgi?id=1568796 • CWE-476: NULL Pointer Dereference •

CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0

CVE-2018-16863 – ghostscript: incomplete fix for CVE-2018-16509

https://notcve.org/view.php?id=CVE-2018-16863

It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7. Se ha detectado que RHSA-2018:2918 no ha resuelto por completo CVE-2018-16509. Un atacante podría explotar otra variante del fallo y omitir la protección -dSAFER para, por ejemplo, ejecutar comandos de shell arbitrarios a través de un documento PostScript especialmente diseñado. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=520bb0ea7519 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=5516c614dc33 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=78911a01b67d http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=79cccf641486 https://access.redhat.com/errata/RHSA-2018:3761 https://bugzilla.redhat.com/show_bug.cgi? • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-184: Incomplete List of Disallowed Inputs •