CVSS: 9.8EPSS: 2%CPEs: 26EXPL: 2CVE-2019-11540
https://notcve.org/view.php?id=CVE-2019-11540
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and 8.3RX before 8.3R7.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2 and 5.4RX before 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack. En Pulse Secure Pulse Connect Secure versiones 9.0RX anteriores a 9.0R3.4 y versiones 8.3RX anteriores a 8.3R7.1 y Pulse Policy Secure versiones 9.0RX anteriores a 9.0R3.2 y versiones 5.4RX anteriores a 5.4R7.1, un atacante remoto no autenticado puede llevar a cabo un ataque de secuestro de sesión. • http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019/09/02/attacking-ssl-vpn-part-3-the-golden-Pulse-Secure-ssl-vpn-rce-chain-with-Twitter-as-case-study https://i.blackhat.com/USA-19/Wednesday/us-19-Tsai-Infiltrating-Corporate-Intranet-Like-NSA.pdf https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010 https://www.kb.cert.org/vuls/id/927237 •
CVSS: 8.0EPSS: 96%CPEs: 97EXPL: 6CVE-2019-11539 – Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-11539
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands. En Pulse Secure Pulse Connect Secure versiones 9.0RX anteriores a 9.0R3.4, versiones 8.3RX anteriores a 8.3R7.1, versiones 8.2RX anteriores a 8.2R12.1, y versiones 8.1RX anteriores a 8.1R15.1; Pulse Policy Secure versiones 9.0RX anteriores a 9.0R3.2, versiones 5.4RX anteriores a 5.4R7.1, versiones 5.3RX anteriores a 5.3R12.1, versiones 5.2RX anteriores a 5.2R12.1, y versiones 5.1RX anteriores a 5.1R15.1, la interfaz web de administración permite a un atacante autenticado inyectar y ejecutar comandos. Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands. • https://www.exploit-db.com/exploits/47354 https://www.exploit-db.com/exploits/47700 https://github.com/0xDezzy/CVE-2019-11539 http://packetstormsecurity.com/files/154376/Pulse-Secure-8.1R15.1-8.2-8.3-9.0-SSL-VPN-Remote-Code-Execution.html http://packetstormsecurity.com/files/155277/Pulse-Secure-VPN-Arbitrary-Command-Execution.html http://packetstormsecurity.com/files/162092/Pulse-Secure-VPN-Arbitrary-Command-Execution.html http://www.securityfocus.com/bid/108073 https://devco.re/blog/2019 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 1CVE-2018-18284 – ghostscript: 1Policy operator allows a sandbox protection bypass
https://notcve.org/view.php?id=CVE-2018-18284
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Artifex Ghostscript 9.25 y anteriores permite que los atacantes omitan un mecanismo de protección de sandbox mediante vectores relacionados con el operador 1Policy. • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b http://www.openwall.com/lists/oss-security/2018/10/16/2 http://www.securityfocus.com/bid/107451 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.chromium.org/p/project-zero/issues/detail?id=1696 https://bugs.ghostscript.com/show_bug.cgi?id=699963 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://lists.debian.org/debian-lts-announce/2018/10/msg00013.html https:&#x •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-16513
https://notcve.org/view.php?id=CVE-2018-16513
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. En Artifex Ghostscript en versiones anteriores a la 9.24, los atacantes que puedan proporcionar archivos PostScript manipulados podrían emplear una confusión de tipos en la función setcolor para provocar el cierre inesperado del intérprete u otro tipo de impacto sin especificar. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=b326a71659b7837d3acde954b18bda1a6f5e9498 https://bugs.ghostscript.com/show_bug.cgi?id=699655 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://support.f5.com/csp/article/K22141757?utm_source=f5support&%3Butm_medium=RSS https://usn.ubuntu.com/3768-1 https://www.artifex.com/news/ghostscript-security-resol • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2018-15911 – ghostscript: Uninitialized memory access in the aesdecode operator (699665)
https://notcve.org/view.php?id=CVE-2018-15911
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. En Artifex Ghostscript 9.23 antes del 24/08/2018, los atacantes que puedan proporcionar archivos PostScript manipulados podrían emplear un acceso a la memoria no inicializada en el operador aesdecode para provocar el cierre inesperado del intérprete o ejecutar código. It was discovered that ghostscript did not properly verify the key used in aesdecode. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=8e9ce5016db968b40e4ec255a3005f2786cce45f http://www.securityfocus.com/bid/105122 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.ghostscript.com/show_bug.cgi?id=699665 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://security.gentoo.org/glsa/201811-12 https://support.f5.com/csp/article/K22141757?utm_source=f5support&%3Butm_medium= • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •