CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 2CVE-2018-17581 – exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
https://notcve.org/view.php?id=CVE-2018-17581
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. CiffDirectory::readDirectory() en crwimage_int.cpp en Exiv2 0.26 tiene un consumo excesivo de pila debido a una función recursiva, lo que conduce a una denegación de servicio (DoS). • https://access.redhat.com/errata/RHSA-2019:2101 https://github.com/Exiv2/exiv2/issues/460 https://github.com/SegfaultMasters/covering360/blob/master/Exiv2 https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://usn.ubuntu.com/3852-1 https://access.redhat.com/security/cve/CVE-2018-17581 https://bugzilla.redhat.com/show_bug.cgi?id=1635045 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1CVE-2018-14650 – sos-collector: incorrect permissions set on newly created files
https://notcve.org/view.php?id=CVE-2018-14650
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory. Se ha descubierto que sos-collector no establece correctamente los permisos por defecto de los nuevos archivos creados, haciendo que todos los archivos creados por la herramienta puedan ser leídos por cualquier usuario local. Un atacante local podría utilizar este error esperando a que un usuario legítimo ejecute sos-collector y robe los datos recopilados en el directorio /var/tmp. • https://access.redhat.com/errata/RHSA-2018:3663 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14650 https://github.com/sosreport/sos-collector/commit/72058f9253e7ed8c7243e2ff76a16d97b03d65ed https://access.redhat.com/security/cve/CVE-2018-14650 https://bugzilla.redhat.com/show_bug.cgi?id=1633243 • CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-17458 – chromium-browser: Function signature mismatch in WebAssembly
https://notcve.org/view.php?id=CVE-2018-17458
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Una actualización incorrecta de la tabla "dispatch" de WebAssembly en WebAssembly en Google Chrome, en versiones anteriores a la 69.0.3497.92, permitía que un atacante remoto ejecutase código arbitrario dentro de un sandbox mediante una página HTML manipulada. • https://access.redhat.com/errata/RHSA-2018:2818 https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop_11.html https://crbug.com/875322 https://access.redhat.com/security/cve/CVE-2018-17458 https://bugzilla.redhat.com/show_bug.cgi?id=1628078 • CWE-129: Improper Validation of Array Index •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-17459 – chromium-browser: URL Spoofing in Omnibox
https://notcve.org/view.php?id=CVE-2018-17459
Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. La gestión incorrecta de los clics en Omnibox (barra de direcciones) en Navigation en Google Chrome, en versiones anteriores a la 69.0.3497.92, permitía que un atacante remoto suplantase el contenido de Omnibox mediante una página HTML manipulada. • https://access.redhat.com/errata/RHSA-2018:2818 https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop_11.html https://crbug.com/880759 https://access.redhat.com/security/cve/CVE-2018-17459 https://bugzilla.redhat.com/show_bug.cgi?id=1628080 •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2018-11763 – Apache2 mod_http2 header Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-11763
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. En Apache HTTP Server, de la versión 2.4.17 a la 2.4.34, mediante el envío continuo de tramas SETTINGS grandes, un cliente puede ocupar una conexión, hilo del servidor y tiempo de CPU sin que se active ningún agotamiento del tiempo de conexión. Esto solo afecta a las conexiones HTTP/2. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.securityfocus.com/bid/105414 http://www.securitytracker.com/id/1041713 https://access.redhat.com/errata/RHSA-2018:3558 https://access.redhat.com/errata/RHSA-2019:0366 https://access.redhat.com/errata/RHSA-2019:0367 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7f • CWE-20: Improper Input Validation •