CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-18495
https://notcve.org/view.php?id=CVE-2018-18495
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64. Se pueden cargar los scripts del contenido de WebExtensions en páginas about:, en algunas circunstancias, en violación de los permisos otorgados a las extensiones. Esto podría permitir a una extensión interferir con la carga y el uso de estas páginas y utilizar capacidades que deberían estar restringidas para extensiones. • http://www.securityfocus.com/bid/106167 https://bugzilla.mozilla.org/show_bug.cgi?id=1427585 https://usn.ubuntu.com/3844-1 https://www.mozilla.org/security/advisories/mfsa2018-29 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 2CVE-2018-12406
https://notcve.org/view.php?id=CVE-2018-12406
Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64. Los desarrolladores de Mozilla y los miembros de la comunidad reportaron problemas de seguridad existentes en Firefox 63. Algunos de estos errores mostraban evidencias de corrupción de memoria y se cree que, con el esfuerzo necesario, se podrían explotar para ejecutar código arbitrario. • http://www.securityfocus.com/bid/106167 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129 https://usn.ubuntu.com/3844-1 https://www.mozilla.org/security/advisories/mfsa2018-29 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12402
https://notcve.org/view.php?id=CVE-2018-12402
The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox < 63. • http://www.securityfocus.com/bid/105721 http://www.securitytracker.com/id/1041944 https://bugzilla.mozilla.org/show_bug.cgi?id=1447087 https://bugzilla.mozilla.org/show_bug.cgi?id=1469916 https://usn.ubuntu.com/3801-1 https://www.mozilla.org/security/advisories/mfsa2018-26 • CWE-346: Origin Validation Error •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-3824
https://notcve.org/view.php?id=CVE-2019-3824
A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service. Se ha detectado un fallo en la manera en la que una expresión de búsqueda LDAP podría provocar el cierre inesperado del proceso del servidor LDAP de un AD DC de samba en samba en versiones anteriores a la 4.10. Un usuario autenticado con permisos de lectura en el servidor LDAP podría aprovechar este fallo para provocar una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00035.html http://www.securityfocus.com/bid/107347 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3824 https://bugzilla.samba.org/show_bug.cgi?id=13773 https://lists.debian.org/debian-lts-announce/2019/03/msg00000.html https://security.netapp.com/advisory/ntap-20190226-0001 https://usn.ubuntu.com/3895-1 https://www.debian.org/security/2019/dsa-4397 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-9210 – advancecomp: integer overflow in png_compress in pngex.cc
https://notcve.org/view.php?id=CVE-2019-9210
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.) En la versión 2.1 de AdvanceCOMP, png_compress en pngex.cc en advpng tiene un desbordamiento de enteros, al encontrarse con un tamaño de PNG inválido, lo que conduce a que un memcpy intente escribirse en un búfer que es demasiado pequeño. (Hay, también, una sobrelectura de búfer basada en memoria dinámica o heap). • https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R56LVWC7KUNXFRKQB3Y5NX2YHFJKYZB4 https://sourceforge.net/p/advancemame/bugs/277 https://usn.ubuntu.com/3936-1 https://usn.ubuntu.com/3936-2 https://access.redhat.com/security/cve/CVE-2019-9210 https://bugzilla.redhat.com/show_bug.cgi?id=1684596 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •