CVE-2017-15399 – chromium-browser: use after free in v8
https://notcve.org/view.php?id=CVE-2017-15399
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • http://www.securityfocus.com/bid/101692 https://access.redhat.com/errata/RHSA-2017:3151 https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html https://crbug.com/776677 https://security.gentoo.org/glsa/201711-02 https://www.debian.org/security/2017/dsa-4024 https://access.redhat.com/security/cve/CVE-2017-15399 https://bugzilla.redhat.com/show_bug.cgi?id=1510431 • CWE-416: Use After Free •
CVE-2017-16541 – Mozilla: Proxy bypass using automount and autofs
https://notcve.org/view.php?id=CVE-2017-16541
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. • https://github.com/Ethan-Chen-uwo/A-breif-introduction-of-CVE-2017-16541 http://www.securityfocus.com/bid/101665 http://www.securitytracker.com/id/1041610 https://access.redhat.com/errata/RHSA-2018:2692 https://access.redhat.com/errata/RHSA-2018:2693 https://access.redhat.com/errata/RHSA-2018:3403 https://access.redhat.com/errata/RHSA-2018:3458 https://blog.torproject.org/tor-browser-709-released https://bugzilla.mozilla.org/show_bug.cgi?id=1412081 https://lists.debian.or • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-15396 – chromium-browser: stack overflow in v8
https://notcve.org/view.php?id=CVE-2017-15396
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • http://bugs.icu-project.org/trac/changeset/40494 http://www.securityfocus.com/bid/101597 https://access.redhat.com/errata/RHSA-2017:3082 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html https://crbug.com/770452 https://security.gentoo.org/glsa/201711-02 https://www.debian.org/security/2017/dsa-4020 https://access.redhat.com/security/cve/CVE-2017-15396 https://bugzilla.redhat.com/show_bug.cgi?id=1506942 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-15906 – openssh: Improper write operations in readonly mode allow for zero-length file creation
https://notcve.org/view.php?id=CVE-2017-15906
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. • http://www.securityfocus.com/bid/101552 https://access.redhat.com/errata/RHSA-2018:0980 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://github.com/openbsd/src/commit/a6981567e8e215acc1ef690c8dbb30f2d9b00a19 https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html https://security.gentoo.org/glsa/201801-05 https://security.netapp.com/advisory/ntap-20180423-0004 https://www.openssh.com/txt/release-7.6 https://www.oracle.com/security-alerts/cpujan2020.html http • CWE-20: Improper Input Validation CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2017-10346 – OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711)
https://notcve.org/view.php?id=CVE-2017-10346
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/101315 http://www.securitytracker.com/id/1039596 https://access.redhat.com/errata/RHSA-2017:2998 https://access.redhat.com/errata/RHSA-2017:2999 https://access.redhat.com/errata/RHSA-2017:3046 https://access.redhat.com/errata/RHSA-2017:3047 https://access.redhat.com/errata/RHSA-2017:3264 https://access.redhat.com/errata/RHSA-2017:3267 https://access.redhat.com/errata/ •