CVSS: 9.8EPSS: 9%CPEs: 30EXPL: 0CVE-2018-18311 – perl: Integer overflow leading to buffer overflow in Perl_my_setenv()
https://notcve.org/view.php?id=CVE-2018-18311
30 Nov 2018 — Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Perl, en versiones anteriores a la 5.26.3 y versiones 5.28.0.x anteriores a la 5.28.1, tiene un desbordamiento de búfer mediante una expresión regular manipulada que desencadena operaciones inválidas de escritura. Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of se... • http://seclists.org/fulldisclosure/2019/Mar/49 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 11%CPEs: 16EXPL: 1CVE-2018-8786 – freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function
https://notcve.org/view.php?id=CVE-2018-8786
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un truncamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función zgfx_decompress() y que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota de ... • http://www.securityfocus.com/bid/106938 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 9%CPEs: 15EXPL: 1CVE-2018-8787 – freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function
https://notcve.org/view.php?id=CVE-2018-8787
29 Nov 2018 — FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. FreeRDP en versiones anteriores a la 2.0.0-rc4 contiene un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función gdi_Bitmap_Decompress() y que resulta en una corrupción de memoria y, probablemente, incluso en la ejecución remota d... • http://www.securityfocus.com/bid/106938 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2018-14646 – kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() allows for denial of service
https://notcve.org/view.php?id=CVE-2018-14646
26 Nov 2018 — The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the __netlink_ns_capable() function in the net/netlink/af_netlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service. El kernel de Linux en versiones anteriores a la 4.15-rc8 era vulnerable a un error de desreferencia de puntero NULL en la función __netlink_ns_capable() en el archivo net/netlink/af_netlink.c. Un atacante loc... • https://access.redhat.com/errata/RHSA-2018:3651 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 74%CPEs: 15EXPL: 1CVE-2018-19475 – ghostscript: access bypass in psi/zdevice2.c (700153)
https://notcve.org/view.php?id=CVE-2018-19475
23 Nov 2018 — psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. psi/zdevice2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a que el espacio de pila disponible no se comprueba cuando el dispositivo no cambia. The Ghostscript suite contains utilities for rendering PostScript and PDF docum... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3005fcb9bb160af199e761e03bc70a9f249a987e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2018-19476 – ghostscript: access bypass in psi/zicc.c (700169)
https://notcve.org/view.php?id=CVE-2018-19476
23 Nov 2018 — psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. psi/zicc.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo setcolorspace. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code ca... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=67d760ab775dae4efe803b5944b0439aa3c0b04a • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2018-19477 – ghostscript: access bypass in psi/zfjbig2.c (700168)
https://notcve.org/view.php?id=CVE-2018-19477
23 Nov 2018 — psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. psi/zfjbig2.c en Artifex Ghostscript en versiones anteriores a la 9.26 permite a los atacantes remotos omitir las restricciones de acceso planeadas debido a una confusión del tipo JBIG2Decode. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code ... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=ef252e7dc214bcbd9a2539216aab9202848602bb • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2018-19115 – keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or possibly arbitrary code execution
https://notcve.org/view.php?id=CVE-2018-19115
08 Nov 2018 — keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap. keepalived hasta la versión 2.0.8 tiene un desbordamiento de búfer basado en memoria dinámica (heap) cuando se analizan los códigos de estado HTTP, lo que resulta en una denegación de servicio (DoS) o, posiblemente, en otro impact... • https://access.redhat.com/errata/RHSA-2019:0022 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.8EPSS: 0%CPEs: 41EXPL: 3CVE-2018-5407 – Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
https://notcve.org/view.php?id=CVE-2018-5407
02 Nov 2018 — Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. SMT (Simultaneous Multi-threading) en los procesadores puede habilitar que usuarios locales exploten software vulnerable a ataques de sincronización mediante un ataques de sincronización de canal lateral en la "contención de puertos". A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An... • https://packetstorm.news/files/id/150138 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-15688 – Out-of-Bounds write in systemd-networkd dhcpv6 option handling
https://notcve.org/view.php?id=CVE-2018-15688
26 Oct 2018 — A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. Una vulnerabilidad de desbordamiento de búfer en el cliente dhcp6 de systemd permite que un servidor dhcp6 malicioso sobrescriba memoria dinámica (heap) en systemd-networkd. Las versiones afectadas de systemd son todas hasta la 239 incluida. It was discovered that systemd-network does not correctly keep t... • http://www.securityfocus.com/bid/105745 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •