Page 77 of 820 results (0.011 seconds)

CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0

CVE-2018-19409 – ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c

https://notcve.org/view.php?id=CVE-2018-19409

An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used. Se ha descubierto un problema en versiones anteriores a la 9.26 de Artifex Ghostscript. LockSafetyParams no se comprueba correctamente si se emplea otro dispositivo. • http://www.securityfocus.com/bid/105990 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.ghostscript.com/show_bug.cgi?id=700176 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=661e8d8fb8248c38d67958beda32f3a5876d0c3f https://lists.debian.org/debian-lts-announce/2018/11/msg00036.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3831-1 https://www.debian.org/security/2018/dsa-4346 https://www.ghostscript.com/doc/9.26/History9.htm#Version9 • CWE-391: Unchecked Error Condition •

CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2018-16850 – postgresql: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING

https://notcve.org/view.php?id=CVE-2018-16850

postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges. postgresql en versiones anteriores a la 11.1 y 10.6 es vulnerable a una inyección SQL en pg_upgrade y pg_dump mediante CREATE TRIGGER ... REFERENCING. Mediante una definición de detonador manipulado para tal propósito, un atacante puede provocar que la ejecución con privilegios de superusuario de instrucciones SQL. • http://www.securityfocus.com/bid/105923 http://www.securitytracker.com/id/1042144 https://access.redhat.com/errata/RHSA-2018:3757 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16850 https://security.gentoo.org/glsa/201811-24 https://usn.ubuntu.com/3818-1 https://www.postgresql.org/about/news/1905 https://access.redhat.com/security/cve/CVE-2018-16850 https://bugzilla.redhat.com/show_bug.cgi?id=1645937 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2018-19115 – keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or possibly arbitrary code execution

https://notcve.org/view.php?id=CVE-2018-19115

keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap. keepalived hasta la versión 2.0.8 tiene un desbordamiento de búfer basado en memoria dinámica (heap) cuando se analizan los códigos de estado HTTP, lo que resulta en una denegación de servicio (DoS) o, posiblemente, en otro impacto indeterminado, debido a que extract_status_code en lib/html.c no tiene ninguna validación del código de estado y, en su lugar, escribe una cantidad ilimitada de datos en la memoria dinámica. Heap-based buffer overflow vulnerability in extract_status_code() function in lib/html.c that parses HTTP status code returned from web server allows malicious web server or man-in-the-middle attacker pretending to be a web server to cause either a denial of service or potentially execute arbitrary code on keepalived load balancer. • https://access.redhat.com/errata/RHSA-2019:0022 https://access.redhat.com/errata/RHSA-2019:1792 https://access.redhat.com/errata/RHSA-2019:1945 https://bugzilla.suse.com/show_bug.cgi?id=1015141 https://github.com/acassen/keepalived/pull/961 https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9 https://lists.debian.org/debian-lts-announce/2018/11/msg00034.html https://security.gentoo.org/glsa/201903-01 https://usn.ubuntu.com/3995-1 https:/& • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 0%CPEs: 16EXPL: 0

CVE-2018-16396 – ruby: Tainted flags are not propagated in Array#pack and String#unpack with some directives

https://notcve.org/view.php?id=CVE-2018-16396

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats. Se ha descubierto un problema en Ruby, en versiones anteriores a la 2.3.8, versiones 2.4.x anteriores a la 2.4.5, versiones 2.5.x anteriores a la 2.5.2 y versiones 2.6.x anteriores a la 2.6.0-preview3. No contamina las cadenas que resultan de desempaquetar cadenas contaminadas con algunos formatos. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html http://www.securitytracker.com/id/1042106 https://access.redhat.com/errata/RHSA-2018:3729 https://access.redhat.com/errata/RHSA-2018:3730 https://access.redhat.com/errata/RHSA-2018:3731 https://access.redhat.com/errata/RHSA-2019:2028 https://hackerone.com/reports/385070 https://lists.debian.org/debian-lts-announce/2018/10/msg00020.html https://security.netapp.com/advisory/ntap-20190221-0002 https://usn • CWE-20: Improper Input Validation •

CVSS: 4.8EPSS: 0%CPEs: 41EXPL: 2

CVE-2018-5407 – Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel

https://notcve.org/view.php?id=CVE-2018-5407

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. SMT (Simultaneous Multi-threading) en los procesadores puede habilitar que usuarios locales exploten software vulnerable a ataques de sincronización mediante un ataques de sincronización de canal lateral en la "contención de puertos". A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. • https://www.exploit-db.com/exploits/45785 http://www.securityfocus.com/bid/105897 https://access.redhat.com/errata/RHSA-2019:0483 https://access.redhat.com/errata/RHSA-2019:0651 https://access.redhat.com/errata/RHSA-2019:0652 https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:3929 https://access.redhat.com/errata/RHSA-2019:3931 https://access.redhat.com/errata/RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3933 https& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •