Page 81 of 2048 results (0.008 seconds)

CVSS: 7.0EPSS: 0%CPEs: 18EXPL: 0

CVE-2018-12385 – Mozilla: Crash in TransportSecurityInfo due to cached data

https://notcve.org/view.php?id=CVE-2018-12385

A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally installed malware. This issue also triggers a non-exploitable startup crash for users switching between the Nightly and Release versions of Firefox if the same profile is used. This vulnerability affects Thunderbird < 60.2.1, Firefox ESR < 60.2.1, and Firefox < 62.0.2. Un cierre inesperado potencialmente explotable en TransportSecurityInfo empleado para SSL puede desencadenarse por los datos almacenados en la caché local en el directorio de perfil del usuario. • http://www.securityfocus.com/bid/105380 http://www.securitytracker.com/id/1041700 http://www.securitytracker.com/id/1041701 https://access.redhat.com/errata/RHSA-2018:2834 https://access.redhat.com/errata/RHSA-2018:2835 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://bugzilla.mozilla.org/show_bug.cgi?id=1490585 https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html https://security.gentoo.org/glsa/201810- • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.3EPSS: 0%CPEs: 20EXPL: 0

CVE-2018-14633 – kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target

https://notcve.org/view.php?id=CVE-2018-14633

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. • http://www.securityfocus.com/bid/105388 https://access.redhat.com/errata/RHSA-2018:3651 https://access.redhat.com/errata/RHSA-2018:3666 https://access.redhat.com/errata/RHSA-2019:1946 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14633 https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=1816494330a83f2a064499d8ed2797045641f92c https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=8c39e2699 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

CVE-2018-14647 – python: Missing salt initialization in _elementtree.c module

https://notcve.org/view.php?id=CVE-2018-14647

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. El acelerador de C elementtree en Python no inicializa la sal del hash Expat durante la inicialización. Esto podría facilitar llevar a cabo ataques de denegación de servicio (DoS) contra Expat construyendo un documento XML que provocaría colisiones de hashes en las estructuras internas de datos de Expat, consumiendo grandes cantidades de CPU y RAM. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://www.securityfocus.com/bid/105396 http://www.securitytracker.com/id/1041740 https://access.redhat.com/errata/RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:2030 https://access.redhat.com/errata/RHSA-2019:3725 https://bugs.python.org/issue34623 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647 https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.boo • CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) CWE-665: Improper Initialization CWE-909: Missing Initialization of Resource •

CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0

CVE-2018-17183 – ghostscript: User-writable error exception table

https://notcve.org/view.php?id=CVE-2018-17183

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. Artifex Ghostscript en versiones anteriores a la 9.25 permitía una tabla de excepción de error que puede escribir el usuario. Esta tabla podía ser usada por los atacantes remotos capaces de proporcionar PostScript manipulados para poder sobrescribir o reemplazar manipuladores de errores para inyectar código. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=fb713b3818b52d8a6cf62c951eba2e1795ff9624 https://access.redhat.com/errata/RHSA-2018:3834 https://bugs.ghostscript.com/show_bug.cgi?id=699708 https://lists.debian.org/debian-lts-announce/2018/09/msg00038.html https://usn.ubuntu.com/3773-1 https://access.redhat.com/security/cve/CVE-2018-17183 https://bugzilla.redhat.com/show_bug.cgi?id=1632471 • CWE-460: Improper Cleanup on Thrown Exception •

CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0

CVE-2018-11781 – spamassassin: Local user code injection in the meta rule syntax

https://notcve.org/view.php?id=CVE-2018-11781

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. Apache SpamAssassin 3.4.2 soluciona una inyección de código de usuario local en la sintaxis de reglas meta. A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause the arbitrary code execution on the server when these rules are being processed. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html https://access.redhat.com/errata/RHSA-2018:2916 https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c%40%3Cannounce.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html https://security.gentoo.org/glsa/201812-07 https://usn.ubuntu.com/3811-1 https://usn.ubuntu.com/3811-3 https://access.redhat.com/security/cve/CVE-2018-11781 https://bugzilla.redhat.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •