CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-12975 – imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c
https://notcve.org/view.php?id=CVE-2019-12975
26 Jun 2019 — ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. ImageMagick versión 7.0.8-34 tiene una vulnerabilidad de pérdida de memoria en la función WriteDPXImage en coders/dpx.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them cras... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.3EPSS: 6%CPEs: 25EXPL: 5CVE-2019-11038 – Uninitialized read in gdImageCreateFromXbm
https://notcve.org/view.php?id=CVE-2019-11038
18 Jun 2019 — When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. Cuando se usa la función gdImageCreateFromXbm () en la Biblioteca de gráficos GD (también conocida como LibGD) 2.... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 2CVE-2019-12387 – python-twisted: Improper neutralization of CRLF characters in URIs and HTTP methods
https://notcve.org/view.php?id=CVE-2019-12387
10 Jun 2019 — In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. En las versiones anteriores a 19.2.1. de Twisted, twisted.web no validó ni saneó los URIs o los métodos HTTP, permitiendo que un atacante inyecte caracteres no válidos tales como CRLF. it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possib... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00030.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 1CVE-2019-5827 – sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces
https://notcve.org/view.php?id=CVE-2019-5827
16 May 2019 — Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento de enteros en SQLite a través de WebSQL en Google Chrome antes de 74.0.3729.131 permitió que un atacante remoto pudiera explotar la corrupción del heap a través de una página HTML diseñada. Red Hat Advanced Cluster Management for Kubernetes 2.2.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabil... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 7%CPEs: 6EXPL: 1CVE-2019-5018 – sqlite: Use-after-free in window function leading to remote code execution
https://notcve.org/view.php?id=CVE-2019-5018
10 May 2019 — An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability. Existe una vulnerabilidad de uso de memoria previamente liberada en la función de ventana de Sqlite3 3.26.0. Un comando SQL especialmente diseñado puede causar un uso de memoria previamente liberada, resulta... • http://packetstormsecurity.com/files/152809/Sqlite3-Window-Function-Remote-Code-Execution.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2019-3843 – systemd - DynamicUser can Create setuid Binaries when Assisted by Another Process
https://notcve.org/view.php?id=CVE-2019-3843
26 Apr 2019 — It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled. Se descubrió que un servicio systemd que utiliza la propiedad DynamicUser puede crear un binario SUID/SGID que podría ejecutarse como servicio transito... • https://www.exploit-db.com/exploits/46760 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2019-3844 – systemd - DynamicUser can Create setuid Binaries when Assisted by Another Process
https://notcve.org/view.php?id=CVE-2019-3844
25 Apr 2019 — It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled. Se ha descubierto una vulnerabilidad en el servicio systemd que utilice la propiedad DynamicUser pudiendo obtener nuevos pr... • https://packetstorm.news/files/id/152635 • CWE-268: Privilege Chaining •
CVSS: 8.8EPSS: 1%CPEs: 10EXPL: 0CVE-2019-11338 – Debian Security Advisory 4449-1
https://notcve.org/view.php?id=CVE-2019-11338
18 Apr 2019 — libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. libavcodec/hevcdec.c en FFmpeg versión 3.4 y versión 4.1.2 maneja de forma incorrecta la detección de los primeros cortes duplicados, lo que permite a los atacantes remotos causar una denegación de servicio (desreferencia de puntero NULL y acce... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 41EXPL: 0CVE-2019-2602 – OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936)
https://notcve.org/view.php?id=CVE-2019-2602
17 Apr 2019 — Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE... • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 9%CPEs: 10EXPL: 2CVE-2019-9169 – glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read
https://notcve.org/view.php?id=CVE-2019-9169
26 Feb 2019 — In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. En la biblioteca GNU C (también conocida como glibc o libc6), hasta la versión 2.29, proceed_next_node en posix/regexec.c tiene una sobrelectura de búfer basada en memoria dinámica (heap) mediante un intento de coincidencia de expresiones regulares que no distinguen entre mayúsculas y minúsculas. Red Hat Advanced Cluster Ma... • http://www.securityfocus.com/bid/107160 • CWE-125: Out-of-bounds Read •