CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-10360 – file: out-of-bounds read via a crafted ELF file
https://notcve.org/view.php?id=CVE-2018-10360
11 Jun 2018 — The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. La función do_core_note en readelf.c en libmagic.a en file 5.33 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites y cierre inesperado de la aplicación) utilizando un archivo ELF manipulado. Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attack... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12085 – liblouis: Stack-based buffer overflow in compileTranslationTable.c
https://notcve.org/view.php?id=CVE-2018-12085
09 Jun 2018 — Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. Liblouis 3.6.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. Esta vulnerabilidad es diferente de CVE-2018-11440. Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracte... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11685 – liblouis: Stack-based buffer overflow in function compileHyphenation in compileTranslationTable.c
https://notcve.org/view.php?id=CVE-2018-11685
04 Jun 2018 — Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función compileHyphenation en compileTranslationTable.c. Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11684 – liblouis: Stack-based buffer overflow in function includeFile in compileTranslationTable.c
https://notcve.org/view.php?id=CVE-2018-11684
04 Jun 2018 — Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función includeFile en compileTranslationTable.c. Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be add... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11683 – Ubuntu Security Notice USN-3672-1
https://notcve.org/view.php?id=CVE-2018-11683
04 Jun 2018 — Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. Esta vulnerabilidad es diferente de CVE-2018-11440. Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2CVE-2018-11577 – liblouis: Segmentation fault in logging.c:lou_logPrint()
https://notcve.org/view.php?id=CVE-2018-11577
31 May 2018 — Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. Liblouis 3.5.0 tiene un fallo de segmentación en lou_logPrint en logging.c. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-11440 – Ubuntu Security Notice USN-3669-1
https://notcve.org/view.php?id=CVE-2018-11440
25 May 2018 — Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. Liblouis 3.5.0 tiene un desbordamiento de búfer basado en pila en la función parseChars en compileTranslationTable.c. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 3CVE-2018-1124 – Procps-ng - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-1124
22 May 2018 — procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users. procps-ng en versiones anteriores a la 3.3.15 es vulnerable a múltiples desbordamientos de enteros que conducen a una corrupción de la memoria dinámica (heap) en la función f... • https://packetstorm.news/files/id/147806 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 1CVE-2018-11212 – libjpeg-turbo: Divide By Zero in alloc_sarray function in jmemmgr.c
https://notcve.org/view.php?id=CVE-2018-11212
16 May 2018 — An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. Se ha descubierto un problema en libjpeg 9a y 9d. La función alloc_sarray en jmemmgr.c permite que los atacantes remotos provoquen una denegación de servicio (error de división entre cero) mediante un archivo manipulado. A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgr.c file... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10380 – Debian Security Advisory 4200-1
https://notcve.org/view.php?id=CVE-2018-10380
08 May 2018 — kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. kwallet-pam en KDE KWallet en versiones anteriores a la 5.12.6 permite que los usuarios locales obtengan la propiedad de archivos arbitrarios mediante un ataque symlink. Fabian Vogt discovered that incorrect permission handling in the PAM module of the KDE Wallet could allow an unprivileged local user to gain ownership of arbitrary files. • https://bugzilla.suse.com/show_bug.cgi?id=1090863 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •