CVSS: 9.1EPSS: 1%CPEs: 11EXPL: 0CVE-2018-8780 – ruby: Unintentional directory traversal by poisoned NULL byte in Dir
https://notcve.org/view.php?id=CVE-2018-8780
30 Mar 2018 — In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed. En Ruby, en versiones anteriores a la 2.2.10, versiones 2.3.x anteriores a la 2.3.7, versiones 2.4.x anteriores a la 2.4.4, versiones 2.5.x anteriores a la 2.5.1 y la versión 2.6.0-preview1, los métodos Dir.open, Dir.new, Dir.entrie... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00036.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2018-7566 – kernel: race condition in snd_seq_write() may lead to UAF or OOB-access
https://notcve.org/view.php?id=CVE-2018-7566
28 Mar 2018 — The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. El kernel de Linux 4.15 tiene un desbordamiento de búfer mediante una operación de escritura ioctl SNDRV_SEQ_IOCTL_SET_CLIENT_POOL en /dev/snd/seq por un usuario local. ALSA sequencer core initializes the event pool on demand by invoking snd_seq_pool_init() when the first write happens and the pool is empty. A user can reset the pool size manually via ioctl concurrently, ... • http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-1083 – zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c
https://notcve.org/view.php?id=CVE-2018-1083
28 Mar 2018 — Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation. Zsh en versiones anteriores a la 5.4.2-test-1 es vulnerable a un desbordamiento de búfer en la funcionalidad de autocompletar del shel... • http://www.securityfocus.com/bid/103572 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0CVE-2018-5148 – firefox: Use-after-free in compositor potentially allows code execution
https://notcve.org/view.php?id=CVE-2018-5148
28 Mar 2018 — A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2. Puede ocurrir una vulnerabilidad de uso de memoria previamente liberada en el compositor durante determinadas operaciones de gráficos cuando un puntero raw se utiliza en vez de una de conteo de referencias. Esto resulta en un cierre ine... • http://www.securityfocus.com/bid/103506 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18251 – ImageMagick: memory leak in ReadPCDImage function in coders/pcd.c
https://notcve.org/view.php?id=CVE-2017-18251
27 Mar 2018 — An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. Se ha encontrado una vulnerabilidad de filtrado de memoria en la función ReadPCDImage en coders/pcd.c que permite a atacantes remotos provocar una denegación de servicio (DoS) mediante un archivo manipulado. A memory leak vulnerability ha... • https://github.com/ImageMagick/ImageMagick/issues/809 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18252 – ImageMagick: assertion failure in MogrifyImageList function in MagickWand/mogrify.c
https://notcve.org/view.php?id=CVE-2017-18252
27 Mar 2018 — An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. La función MogrigyImageList en MagickWand/mogrify.c permite a los atacantes provocar una denegación de servicio (fallo de aserción y salida de la aplicación en ReplaceImageInList) mediante un archivo manipulado. It wa... • https://github.com/ImageMagick/ImageMagick/issues/802 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18254 – ImageMagick: memory leak in WriteGIFImage function in coders/gif.c
https://notcve.org/view.php?id=CVE-2017-18254
27 Mar 2018 — An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. Se ha descubierto un problema en la versión 7.0.7 de ImageMagick. Se ha encontrado una vulnerabilidad de filtrado de memoria en la función WriteGIFImage en coders/gif.c que permite a atacantes remotos provocar una denegación de servicio (DoS) mediante un archivo manipulado. A memory leak vulnerability ... • https://github.com/ImageMagick/ImageMagick/issues/808 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.5EPSS: 13%CPEs: 8EXPL: 0CVE-2018-0739 – Constructed ASN.1 types with a recursive definition could exceed the stack
https://notcve.org/view.php?id=CVE-2018-0739
27 Mar 2018 — Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n). • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 5.9EPSS: 5%CPEs: 18EXPL: 0CVE-2018-1301 – httpd: Out of bounds access after failure in reading the HTTP request
https://notcve.org/view.php?id=CVE-2018-1301
26 Mar 2018 — A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage. Una petición especialmente manipulada podría haber provocado el cierre inesperado del servidor Apache HTTP en versiones anteriores a la 2.4.30, debido a u... • http://www.openwall.com/lists/oss-security/2018/03/24/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 18%CPEs: 11EXPL: 0CVE-2018-1303 – httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS
https://notcve.org/view.php?id=CVE-2018-1303
26 Mar 2018 — A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability. Una cabecera HTTP especialmente manipulada podría haber provocado el cierre inesperado del servidor ... • http://www.openwall.com/lists/oss-security/2018/03/24/3 • CWE-125: Out-of-bounds Read •