CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-19985 – kernel: oob memory read in hso_probe in drivers/net/usb/hso.c
https://notcve.org/view.php?id=CVE-2018-19985
31 Jan 2019 — The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space. La función hso_get_config_data en drivers/net/usb/hso.c en el kernel de Linux, hasta la versión 4.19.8, lee if_num desde el dispositivo USB (como un u8) y lo emplea para indexar un array pequeño, lo que resulta en una lectur... • http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 10%CPEs: 11EXPL: 2CVE-2019-3462 – Debian Security Advisory 4371-1
https://notcve.org/view.php?id=CVE-2019-3462
22 Jan 2019 — Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. El saneamiento incorrecto de un campo de redirección 302 en el método HTTP "transport" en apt, en versiones 1.4.8 y anteriores, puede conducir a la inyección de contenido por parte de un atacante MITM, lo que puede conducir a la ejecución remota de código en el equipo objetivo. Max Justi... • https://github.com/tonejito/check_CVE-2019-3462 •
CVSS: 6.8EPSS: 8%CPEs: 51EXPL: 0CVE-2019-6109 – openssh: Missing character encoding in progress display allows for spoofing of scp client output
https://notcve.org/view.php?id=CVE-2019-6109
16 Jan 2019 — An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c. Se ha descubierto un problema en OpenSSH 7.9. Debido a la falta de cifrado de caracteres en la pantalla de progreso, un servidor malicioso (o atacante Man-in-the... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html • CWE-116: Improper Encoding or Escaping of Output CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 6.8EPSS: 54%CPEs: 9EXPL: 3CVE-2019-6110 – OpenSSH SCP Client - Write Arbitrary Files
https://notcve.org/view.php?id=CVE-2019-6110
16 Jan 2019 — In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. En OpenSSH 7.9, debido a la aceptación y la nuestra de salidas stderr arbitrarias del servidor, un servidor malicioso (o atacante Man-in-the-Middle) puede manipular la salida del cliente, por ejemplo, para emplear códigos de control de ANSI para ocultar lo... • https://packetstorm.news/files/id/151227 • CWE-838: Inappropriate Encoding for Output Context •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2018-16888 – systemd: kills privileged process if unprivileged PIDFile was tampered
https://notcve.org/view.php?id=CVE-2018-16888
14 Jan 2019 — It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable. Se ha descubierto que systemd no comprueba correctamente el contenido de archivos PIDFile antes de ... • https://access.redhat.com/errata/RHSA-2019:2091 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 3%CPEs: 56EXPL: 0CVE-2018-20685 – openssh: scp client improper directory name validation
https://notcve.org/view.php?id=CVE-2018-20685
10 Jan 2019 — In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. En OpenSSH 7.9, scp.c en el cliente scp permite que los servidores SSH omitan las restricciones de acceso planeadas mediante un nombre de archivo "." o un nombre de archivo vacío. El impacto consiste en modificar los permisos del directorio objetivo en el lado del cliente. Many ... • http://www.securityfocus.com/bid/106531 • CWE-20: Improper Input Validation CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 27EXPL: 2CVE-2018-16866 – systemd: out-of-bounds read when parsing a crafted syslog message
https://notcve.org/view.php?id=CVE-2018-16866
09 Jan 2019 — An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. Se ha descubierto una lectura fuera de límites en systemd-journald en la forma en la que analiza mensajes de registro que terminan con dos puntos ":". Un atacante local puede emplear este error para divulgar datos de la memoria del proceso. • https://packetstorm.news/files/id/152841 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2019-5489 – Kernel: page cache side channel attacks
https://notcve.org/view.php?id=CVE-2019-5489
07 Jan 2019 — The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. La implementación mincore() en mm/mincore.c en el kernel de Linux hasta la versión... • https://github.com/mmxsrup/CVE-2019-5489 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.9EPSS: 6%CPEs: 47EXPL: 0CVE-2018-0735 – Timing attack against ECDSA signature generation
https://notcve.org/view.php?id=CVE-2018-0735
29 Oct 2018 — The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Se ha demostrado que el algoritmo de firmas ECDSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral. • http://www.securityfocus.com/bid/105750 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16597 – kernel: overlayfs file truncation without permissions
https://notcve.org/view.php?id=CVE-2018-16597
21 Sep 2018 — An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. Se ha descubierto un problema en el kernel de Linux en versiones anteriores a la 4.8. La comprobación de acceso incorrecta de montajes de overlayfs podría ser empleada por los atacantes locales para modificar o truncar archivos en el sistema de archivos subyacente An issue was discovered in the Linux kernel where an i... • http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html • CWE-862: Missing Authorization CWE-863: Incorrect Authorization •