CVSS: 9.8EPSS: 2%CPEs: 18EXPL: 0CVE-2018-18498 – Mozilla: Integer overflow when calculating buffer sizes for images
https://notcve.org/view.php?id=CVE-2018-18498
12 Dec 2018 — A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64. Puede ocurrir una vulnerabilidad potencial que conduce a un desbordamiento de enteros durante los cálculos de tamaño de búfer cuando se emplea un valor bruto en vez del valor comprobado. Esto conduce a una escritura ... • http://www.securityfocus.com/bid/106168 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 17EXPL: 0CVE-2018-18356 – mozilla: Use after free in Skia
https://notcve.org/view.php?id=CVE-2018-18356
11 Dec 2018 — An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en el manejo de rutas conduce a un uso de memoria previamente liberada en Skia en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. An update that fix... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2018-9568 – kernel: Memory corruption due to incorrect socket cloning
https://notcve.org/view.php?id=CVE-2018-9568
06 Dec 2018 — In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. • https://access.redhat.com/errata/RHSA-2019:0512 • CWE-122: Heap-based Buffer Overflow CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-16863 – ghostscript: incomplete fix for CVE-2018-16509
https://notcve.org/view.php?id=CVE-2018-16863
03 Dec 2018 — It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7. Se ha detectado que RHSA-2018:2918 no ha resuelto por completo CVE-2018-16509. Un atacante podría explotar otra variante del fallo y omitir la protección -dSAFER para, por ej... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=520bb0ea7519 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-184: Incomplete List of Disallowed Inputs •
CVSS: 9.8EPSS: 11%CPEs: 30EXPL: 0CVE-2018-18311 – perl: Integer overflow leading to buffer overflow in Perl_my_setenv()
https://notcve.org/view.php?id=CVE-2018-18311
30 Nov 2018 — Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Perl, en versiones anteriores a la 5.26.3 y versiones 5.28.0.x anteriores a la 5.28.1, tiene un desbordamiento de búfer mediante una expresión regular manipulada que desencadena operaciones inválidas de escritura. Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of se... • http://seclists.org/fulldisclosure/2019/Mar/49 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 21%CPEs: 16EXPL: 1CVE-2018-8786 – freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function
https://notcve.org/view.php?id=CVE-2018-8786
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un truncamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress() y que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de ... • http://www.securityfocus.com/bid/106938 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 16%CPEs: 15EXPL: 1CVE-2018-8787 – freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function
https://notcve.org/view.php?id=CVE-2018-8787
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función gdi_Bitmap_Decompress() y que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota d... • http://www.securityfocus.com/bid/106938 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2018-14646 – kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service
https://notcve.org/view.php?id=CVE-2018-14646
26 Nov 2018 — The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. El kernel de Linux en versiones anteriores a la 4.15-rc8 era vulnerable a un error de desreferencia de puntero NULL en la función __netlink_ns_capable() en el archivo net/netlink/af_netlink.c. Un atacante loc... • https://access.redhat.com/errata/RHSA-2018:3651 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 72%CPEs: 15EXPL: 1CVE-2018-19475 – ghostscript: access bypass in psi/zdevice2.c (700153)
https://notcve.org/view.php?id=CVE-2018-19475
23 Nov 2018 — psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. psi/zdevice2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a que el espacio de pila disponible no se comprueba cuando el dispositivo no cambia. The Ghostscript suite contains utilities for rendering PostScript and PDF docum... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2018-19476 – ghostscript: access bypass in psi/zicc.c (700169)
https://notcve.org/view.php?id=CVE-2018-19476
23 Nov 2018 — psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. psi/zicc.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo setcolorspace. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code ca... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=67d760ab775dae4efe803b5944b0439aa3c0b04a • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •