CVSS: 7.3EPSS: 0%CPEs: 17EXPL: 0CVE-2019-3838 – ghostscript: forceput in DefineResource is still accessible (700576)
https://notcve.org/view.php?id=CVE-2019-3838
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Se ha observado que el operador forceput podía ser extraído del método DefineResource en ghostscript en las versiones anteriores a la 9.27. Un archivo PostScript especialmente manipulado podría explotar este error, por ejemplo, para obtener acceso al sistema de archivos fuera de las restricciones impuestas por -dSAFER. It was found that the forceput operator could be extracted from the DefineResource method. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00018.html http://packetstormsecurity.com/files/152367/Slackware-Security-Advisory-ghostscript-Updates.html https://access.redhat.com/errata/RHSA-2019:0652 https://access.redhat.com/errata/RHSA-2019:0971 https://bugs.ghostscript.com/show_bug.cgi?id=700576 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3838 https://lists.debian.org/debian-lts-announce/2 • CWE-648: Incorrect Use of Privileged APIs •
CVSS: 9.8EPSS: 1%CPEs: 41EXPL: 0CVE-2019-9636 – python: Information Disclosure due to urlsplit improper NFKC normalization
https://notcve.org/view.php?id=CVE-2019-9636
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securityfocus.com/bid/107400 https://access. • CWE-172: Encoding Error •
CVSS: 5.9EPSS: 1%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html http://www.securityfocus.com/bid/107174 https://access. • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •
CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-5782 – chromium-browser: Inappropriate implementation in V8
https://notcve.org/view.php?id=CVE-2019-5782
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Asunciones de optimización incorrectas en Google Chrome, en sus versiones V8 anteriores a la 72.0.3626.81, permitía a un atacante remoto ejecutar código arbitrario dentro de un sandbox mediante una página HTML manipulada. • http://www.securityfocus.com/bid/106767 https://access.redhat.com/errata/RHSA-2019:0309 https://chromereleases.googleblog.com/2019/01/stable-channel-update-for-desktop.html https://crbug.com/906043 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVFHYCJGMZQUKYSIE2BXE4NLEGFGUXU5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQOP53LXXPRGD4N5OBKGQTSMFXT32LF6 https://www.debian.org/security/2019/dsa-4395 https://access.redhat.com&# • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2018-10934 – wildfly-core: Cross-site scripting (XSS) in JBoss Management Console
https://notcve.org/view.php?id=CVE-2018-10934
A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users. Se ha descubierto una vulnerabilidad Cross-Site Scripting (XSS) en JBoss Management Console, en versiones anteriores a la 7.1.6.CR1 y la 7.1.6.GA. Los usuarios con roles que pueden crear objetos en la aplicación pueden explotar esto para atacar a otros usuarios privilegiados. • https://access.redhat.com/errata/RHSA-2019:1159 https://access.redhat.com/errata/RHSA-2019:1160 https://access.redhat.com/errata/RHSA-2019:1161 https://access.redhat.com/errata/RHSA-2019:1162 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10934 https://security.netapp.com/advisory/ntap-20190611-0002 https://access.redhat.com/security/cve/CVE-2018-10934 https://bugzilla.redhat.com/show_bug.cgi?id=1615673 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •