CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2018-10194 – ghostscript: Stack-based out-of-bounds write in pdf_set_text_matrix function in gdevpdts.c
https://notcve.org/view.php?id=CVE-2018-10194
18 Apr 2018 — The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. La función set_text_distance en devices/vector/gdevpdts.c en el componente pdfwrite en Artifex Ghostscript, hasta la versión 9.22, no evita los desbordamientos en el cálculo de posi... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=39b1e54b2968620723bf32e96764c88797714879 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-10177 – ImageMagick: Infinite loop in coders/png.c:ReadOneMNGImage() allows attackers to cause a denial of service via crafted MNG file
https://notcve.org/view.php?id=CVE-2018-10177
16 Apr 2018 — In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. En ImageMagick 7.0.7-28, hay un bucle infinito en la función ReadOneMNGImage del archivo coders/png.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo mng manipulado. An infinite loop has been found in the way ImageMagi... • https://github.com/ImageMagick/ImageMagick/issues/1095 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-10124 – Ubuntu Security Notice USN-3696-2
https://notcve.org/view.php?id=CVE-2018-10124
16 Apr 2018 — The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. La función kill_something_info en kernel/signal.c en el kernel de Linux, en versiones anteriores a la 4.13, cuando se emplea una arquitectura y un compilador sin especificar, podría permitir que usuarios locales provoquen una denegación de servicio (DoS) mediante un argumento INT_MIN. It was d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea77014af0d6205b05503d1c7aac6eace11d473 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2018-6798 – perl: heap read overflow in regexec.c
https://notcve.org/view.php?id=CVE-2018-6798
16 Apr 2018 — An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. Se ha descubierto un problema en Perl, de la versión 5.22 a la 5.26. Si se hace que coincida una expresión regular dependiente de una locale manipulada, se puede provocar una sobrelectura de búfer basada en memoria dinámica (heap) y una potencial divulgación de información. A heap buffer over read flaw was found in the way P... • http://www.securitytracker.com/id/1040681 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 8EXPL: 0CVE-2018-6913 – Apple Security Advisory 2018-10-30-14
https://notcve.org/view.php?id=CVE-2018-6913
16 Apr 2018 — Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. Desbordamiento de búfer basado en memoria dinámica (heap) en la función pack de Perl, en versiones anteriores a la 5.26.2, permite que atacantes dependientes del contexto ejecuten código arbitrario mediante un conteo de items largo. It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to ca... • http://www.securityfocus.com/bid/103953 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 28%CPEs: 5EXPL: 0CVE-2018-0737 – Cache timing vulnerability in RSA Key Generation
https://notcve.org/view.php?id=CVE-2018-0737
16 Apr 2018 — The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o). Se ha demostrado que el algoritmo de generación de claves RSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral de caché. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-10119 – libreoffice: Use-after-free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document
https://notcve.org/view.php?id=CVE-2018-10119
15 Apr 2018 — sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. sot/source/sdstor/stgstrms.cxx en LibreOffice, en versiones anteriores a la 5.4.5.1 y versiones 6.x anteriores a la 6.0.1.1, emplea un tipo de dato... • https://access.redhat.com/errata/RHSA-2018:3054 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-10120 – libreoffice: Out of bounds write in filter/ww8/ww8toolbar.cxx:SwCTBWrapper class allows for denial of service with crafted document
https://notcve.org/view.php?id=CVE-2018-10120
15 Apr 2018 — The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. La función SwCTBWrapper::Read en sw/source/filter/ww8/ww8toolbar.cxx en LibreOffice, en versiones anteriores a la 5.4.6.1 y vers... • https://access.redhat.com/errata/RHSA-2018:3054 • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10087 – Ubuntu Security Notice USN-3696-2
https://notcve.org/view.php?id=CVE-2018-10087
13 Apr 2018 — The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value. La función kernel_wait4 en kernel/exit.c en el kernel de Linux, en versiones anteriores a la 4.13, cuando se emplea una arquitectura y un compilador sin especificar, podría permitir que usuarios locales provoquen una denegación de servicio (DoS) desencadenando un intento de... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd83c161fbcc5d8be637ab159c0de015cbff5ba4 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-1100 – zsh: buffer overflow in utils.c:checkmailpath() can lead to local arbitrary code execution
https://notcve.org/view.php?id=CVE-2018-1100
11 Apr 2018 — zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user. zsh hasta la versión 5.4.2 es vulnerable a un desbordamiento de búfer basado en pila en la función utils.c:checkmailpath. Un atacante local podría explotarlo para ejecutar código arbitrario en el contexto de otro usuario. A buffer overflow flaw was found in the zsh shell check path functionality. A local,... • https://access.redhat.com/errata/RHSA-2018:1932 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •