CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-15967 – flash-plugin: Information Disclosure vulnerability (APSB18-31)
https://notcve.org/view.php?id=CVE-2018-15967
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.154 y anteriores, tiene una vulnerabilidad de escalado de privilegios. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/105315 http://www.securitytracker.com/id/1041620 https://access.redhat.com/errata/RHSA-2018:2707 https://helpx.adobe.com/security/products/flash-player/apsb18-31.html https://access.redhat.com/security/cve/CVE-2018-15967 https://bugzilla.redhat.com/show_bug.cgi?id=1627892 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-14638 – 389-ds-base: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly
https://notcve.org/view.php?id=CVE-2018-14638
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service. Se ha descubierto un problema en versiones anteriores a la 1.3.8.4-13 de 389-ds-base. El proceso ns-slapd se cierra inesperadamente en la función delete_passwdPolicy cuando las conexiones de búsqueda persistente se terminan inesperadamente, lo que conduce a una denegación de servicio (DoS) remota. A double-free of a password policy structure was found in the way slapd was handling certain errors during persistent search. • https://access.redhat.com/errata/RHSA-2018:2757 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14638 https://pagure.io/389-ds-base/c/78fc627accacfa4061ce48977e22301f81ea8d73 https://access.redhat.com/security/cve/CVE-2018-14638 https://bugzilla.redhat.com/show_bug.cgi?id=1626079 • CWE-400: Uncontrolled Resource Consumption CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2018-12379 – Mozilla: Out-of-bounds write with malicious MAR file
https://notcve.org/view.php?id=CVE-2018-12379
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Cuando Mozilla Updater abre un archivo de formato MAR que contiene un nombre de archivo de ítem muy largo, puede desencadenarse una escritura fuera de límites que conduce a un cierre inesperado potencialmente explotable. Esto requiere la ejecución manual de Mozilla Updater en el sistema local con el archivo MAR malicioso para que ocurra. • http://www.securityfocus.com/bid/105280 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/show_bug.cgi?id=1473113 https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html https://security.gentoo.org/glsa/201810-01 https://security.gentoo.org/glsa/20181 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16088 – chromium-browser: User gesture requirement bypass
https://notcve.org/view.php?id=CVE-2018-16088
A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page. La falta de comprobaciones para los eventos simulados por JS en Blink en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto descargase archivos arbitrarios sin entradas de usuario mediante una página HTML manipulada. • https://access.redhat.com/errata/RHSA-2018:2666 https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html https://crbug.com/848531 https://security.gentoo.org/glsa/201811-10 https://access.redhat.com/security/cve/CVE-2018-16088 https://bugzilla.redhat.com/show_bug.cgi?id=1626286 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-16802 – ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling
https://notcve.org/view.php?id=CVE-2018-16802
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. Se ha descubierto un problema en versiones anteriores a la 9.25 de Artifex Ghostscript. La comprobación incorrecta de "restoration of privilege" al quedarse sin pila durante el manejo de excepciones podría ser empleada por atacantes que sean capaces de proporcionar PostScript manipulado para ejecutar código mediante la instrucción "pipe". • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=643b24dbd002fb9c131313253c307cf3951b3d47 https://access.redhat.com/errata/RHSA-2018:3834 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5812b1b78fc4d36fdc293b7859de69241140d590 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://seclists.org/oss-sec/2018/q3/228 https://seclists.org/oss-sec/2018/q3/229 https://security • CWE-20: Improper Input Validation •