CVSS: 8.8EPSS: 35%CPEs: 22EXPL: 1CVE-2018-5146 – Mozilla Firefox libvorbis OGG Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5146
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. Una escritura de memoria fuera de límites mientras se procesaban los datos de audio de Vorbis fue reportada a través de la competición Pwn2Own. Esta vulnerabilidad afecta a las versiones anteriores a la 59.0.1 de Firefox, las versiones anteriores a la 52.7.2 de Firefox ESR y las versiones anteriores a la 52.7 de Thunderbird. An out of bounds write flaw was found in the processing of vorbis audio data. • https://github.com/f01965/CVE-2018-5146 http://www.securityfocus.com/bid/103432 http://www.securitytracker.com/id/1040544 https://access.redhat.com/errata/RHSA-2018:0549 https://access.redhat.com/errata/RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0648 https://access.redhat.com/errata/RHSA-2018:0649 https://access.redhat.com/errata/RHSA-2018:1058 https://bugzilla.mozilla.org/show_bug.cgi?id=1446062 https://lists.debian.org/debian-lts-announce/2018/03/msg • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 0CVE-2018-1068 – kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c
https://notcve.org/view.php?id=CVE-2018-1068
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. Se ha encontrado un error en la implementación de la interfaz syscall de 32 bits para puentes de red (bridging) en el kernel de las versiones 4.x de Linux. Esto permitía que un usuario privilegiado escribiese de forma arbitraria en un rango limitado de memoria del kernel. A flaw was found in the Linux kernel's implementation of 32-bit syscall interface for bridging. • http://www.securityfocus.com/bid/103459 https://access.redhat.com/errata/RHSA-2018:1318 https://access.redhat.com/errata/RHSA-2018:1355 https://access.redhat.com/errata/RHSA-2018:2948 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://access.redhat.com/errata/RHSA-2019:4159 https://bugzilla.redhat.com/show_bug.cgi?id=1552048 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b71812168571fa55 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 21EXPL: 0CVE-2018-5145 – Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07)
https://notcve.org/view.php?id=CVE-2018-5145
Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. Se han informado de errores de seguridad de memoria en Firefox ESR 52.6. Estos errores mostraron evidencias de corrupción de memoria y se cree que, con el esfuerzo necesario, se podrían explotar para ejecutar código arbitrario. • http://www.securityfocus.com/bid/103384 http://www.securitytracker.com/id/1040514 https://access.redhat.com/errata/RHSA-2018:0526 https://access.redhat.com/errata/RHSA-2018:0527 https://access.redhat.com/errata/RHSA-2018:0647 https://access.redhat.com/errata/RHSA-2018:0648 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1261175%2C1348955 https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html https:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 4%CPEs: 23EXPL: 2CVE-2018-7750 – Paramiko 2.4.1 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2018-7750
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. transport.py en la implementación del servidor SSH de Paramiko, en versiones anteriores a la 1.17.6; versiones 1.18.x anteriores a la 1.18.5; versiones 2.0.x anteriores a la 2.0.8; versiones 2.1.x anteriores a la 2.1.5; versiones 2.2.x anteriores a la 2.2.3; versiones 2.3.x anteriores a la 2.3.2 y versiones 2.4.x anteriores a la 2.4.1, no comprueba adecuadamente si la autenticación se ha completado antes de procesar otras peticiones, tal y como demuestra channel-open. Un cliente SSH personalizado puede simplemente omitir el paso de autenticación. It was found that when acting as an SSH server, paramiko did not properly check whether authentication is completed before processing other requests. A customized SSH client could use this to bypass authentication when accessing any resources controlled by paramiko. • https://www.exploit-db.com/exploits/45712 https://github.com/jm33-m0/CVE-2018-7750 http://www.securityfocus.com/bid/103713 https://access.redhat.com/errata/RHSA-2018:0591 https://access.redhat.com/errata/RHSA-2018:0646 https://access.redhat.com/errata/RHSA-2018:1124 https://access.redhat.com/errata/RHSA-2018:1125 https://access.redhat.com/errata/RHSA-2018:1213 https://access.redhat.com/errata/RHSA-2018:1274 https://access.redhat.com/errata/RHSA-2018:1328 https:&#x • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2018-7858 – QEMU: cirrus: OOB access when updating VGA display
https://notcve.org/view.php?id=CVE-2018-7858
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. Quick Emulator (también conocido como QEMU), cuando se integra con soporte para Cirrus CLGD 54xx VGA Emulator, permite que usuarios privilegiados locales, invitados del sistema operativo, provoquen una denegación de servicio (acceso fuera de límites y cierre inesperado del proceso QEMU) aprovechando los cálculos de región incorrectos al actualizar la pantalla VGA. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html http://www.openwall.com/lists/oss-security/2018/03/09/1 http://www.securityfocus.com/bid/103350 https://access.redhat.com/errata/RHSA-2018:1369 https://access.redhat.com/errata/RHSA-2018:1416 https://access.redhat.com/errata/RHSA-2018:2162 https://bugzilla.redhat.com/show_bug.cgi?id=1553402 https://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg02174.html https://usn.ubuntu.com/3649-1 ht • CWE-125: Out-of-bounds Read •