Page 74 of 726 results (0.014 seconds)

CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 2

Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. El navegador Tor en versiones anteriores a la 7.0.9 en macOS y Linux permite que atacantes remotos sin omitan las características de anonimato previstas y descubran una dirección IP de cliente mediante vectores que impliquen un sitio web manipulado que aproveche la mala gestión de file:// en Firefox. Esto también se conoce como TorMoil. NOTA: Tails no se ha visto afectado. • https://github.com/Ethan-Chen-uwo/A-breif-introduction-of-CVE-2017-16541 http://www.securityfocus.com/bid/101665 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://blog.torproject.org/tor-browser-709-released https://bugzilla.mozilla.org/show_bug.cgi?id=1412081 https://lists.debian.or • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 3%CPEs: 16EXPL: 0

Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution. Adobe Flash Player en sus versiones 27.0.0.159 y anteriores tiene un procedimiento de verificación de código de bytes con errores, lo que permite que un valor que no es de confianza se emplee en el cálculo de un índice de arrays. Esto puede llevar a una confusión de tipos, y la explotación con éxito podría desembocar en la ejecución de código arbitrario. Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution. • http://www.securityfocus.com/bid/101286 http://www.securitytracker.com/id/1039582 https://access.redhat.com/errata/RHSA-2017:2899 https://helpx.adobe.com/security/products/flash-player/apsb17-32.html https://security.gentoo.org/glsa/201710-22 https://access.redhat.com/security/cve/CVE-2017-11292 https://bugzilla.redhat.com/show_bug.cgi?id=1502726 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 6%CPEs: 37EXPL: 3

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary. Existe una vulnerabilidad en las distribuciones de Linux que no han parcheado sus kernels de largo mantenimiento con https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (confirmada el 14 de abril de 2015). • https://www.exploit-db.com/exploits/42887 https://github.com/RicterZ/PIE-Stack-Clash-CVE-2017-1000253 https://github.com/sxlmnwb/CVE-2017-1000253 http://www.securityfocus.com/bid/101010 http://www.securitytracker.com/id/1039434 https://access.redhat.com/errata/RHSA-2017:2793 https://access.redhat.com/errata/RHSA-2017:2794 https://access.redhat.com/errata/RHSA-2017:2795 https://access.redhat.com/errata/RHSA-2017:2796 https://access.redhat.com/errata/RHSA-2017:2797 https • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 4%CPEs: 9EXPL: 0

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase. El uso inapropiado de la optimización JIT en V8 en Google Chrome, en versiones anteriores a la 61.0.3163.100 para Linux, Windows y Mac, permitía que un atacante remoto ejecutase código arbitrario en un espacio aislado o sandbox mediante una página HTML manipulada. Esto está relacionado con la fase de análisis de escape. • http://www.debian.org/security/2017/dsa-3985 http://www.securityfocus.com/bid/100947 http://www.securitytracker.com/id/1039497 https://access.redhat.com/errata/RHSA-2017:2792 https://blogs.technet.microsoft.com/mmpc/2017/10/18/browser-security-beyond-sandboxing https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html https://crbug.com/765433 https://security.gentoo.org/glsa/201709-25 https://access.redhat.com/security/cve/CVE-2017-5121 https:/ • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 14%CPEs: 16EXPL: 3

Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier. Adobe Flash Player tiene una vulnerabilidad de corrupción de memoria explotable en la función de manipulación de texto. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. • https://www.exploit-db.com/exploits/42781 https://www.exploit-db.com/exploits/42782 http://www.securityfocus.com/bid/100710 http://www.securitytracker.com/id/1039314 https://access.redhat.com/errata/RHSA-2017:2702 https://helpx.adobe.com/security/products/flash-player/apsb17-28.html https://security.gentoo.org/glsa/201709-16 https://www.youtube.com/watch?v=CvmnUeza9zw https://access.redhat.com/security/cve/CVE-2017-11281 https://bugzilla.redhat.com/show_bug.cgi?id=149111 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •