CVE-2018-19115 – keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or possibly arbitrary code execution
https://notcve.org/view.php?id=CVE-2018-19115
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes, resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap. keepalived through version 2.0.8 has a heap-based buffer overflow when parsing HTTP status codes, resulting in a denial of service (DoS) or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap. A heap-based buffer overflow vulnerability in the extract_status_code() function in lib/html.c, which parses the HTTP status code returned from a web server, allows a malicious web server or a man-in-the-middle attacker pretending to be a web server to cause either a denial of service or potentially execute arbitrary code on the keepalived load balancer.
• https://access.redhat.com/errata/RHSA-2019:0022 https://access.redhat.com/errata/RHSA-2019:1792 https://access.redhat.com/errata/RHSA-2019:1945 https://bugzilla.suse.com/show_bug.cgi?id=1015141 https://github.com/acassen/keepalived/pull/961 https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9 https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html https://security.gentoo.org/glsa/201903-01 https://usn.ubuntu.com/3995-1 https:/&
• CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write
CVE-2018-19108 – exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
https://notcve.org/view.php?id=CVE-2018-19108
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
• http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/426 https://github.com/Exiv2/exiv2/pull/518 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/4056-1 https://access.redhat.com/security/cve/CVE-2018-19108 https://bugzilla.redhat.com/show_bug.cgi?id=16491
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2018-19107 – exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp
https://notcve.org/view.php?id=CVE-2018-19107
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
• https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/427 https://github.com/Exiv2/exiv2/pull/518 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/4056-1 https://access.redhat.com/security/cve/CVE-2018-19107 https://bugzilla.redhat.com/show_bug.cgi?id=1649094
• CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound
CVE-2018-19058 – poppler: reachable abort in Object.h
https://notcve.org/view.php?id=CVE-2018-19058
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, which will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
• https://access.redhat.com/errata/RHSA-2019:2022 https://gitlab.freedesktop.org/poppler/poppler/issues/659 https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https://usn.ubuntu.com/3837-1 https://access.redhat.com/security/cve/CVE-2018-19058 https://bugzilla.redhat.com/show_bug.cgi?id=1649435
• CWE-400: Uncontrolled Resource Consumption CWE-670: Always-Incorrect Control Flow Implementation
CVE-2018-16396 – ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives
https://notcve.org/view.php?id=CVE-2018-16396
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
• http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securitytracker.com/id/1042106 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://hackerone.com/reports/385070 https://lists.debian.org/debian-lts-announce/2018/10/msg00020.html https://security.netapp.com/advisory/ntap-20190221-0002 https://usn
• CWE-20: Improper Input Validation