CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12401
https://notcve.org/view.php?id=CVE-2018-12401
28 Feb 2019 — Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63. Algunas URI de recurso especiales provocarán un cierre inesperado no explotable si se cargan con parámetros opcionales y son seguidos por "?" • http://www.securityfocus.com/bid/105721 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12402
https://notcve.org/view.php?id=CVE-2018-12402
28 Feb 2019 — The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu item is se... • http://www.securityfocus.com/bid/105721 • CWE-346: Origin Validation Error •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2019-9209
https://notcve.org/view.php?id=CVE-2019-9209
28 Feb 2019 — In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values. En Wireshark, desde la versión 2.4.0 hasta la 2.4.12 y desde la 2.6.0 hasta la 2.6.6, el disector ASN.1 BER y relacionados podrían cerrarse inesperadamente. Esto se abordó en epan/dissectors/packet-ber.c, previniendo un desbordamiento de búfer asociado con dígitos excesivos en los... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html • CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2019-3824
https://notcve.org/view.php?id=CVE-2019-3824
27 Feb 2019 — A flaw was found in the way an LDAP search expression could crash the shared LDAP server process of a samba AD DC in samba before version 4.10. An authenticated user, having read permissions on the LDAP server, could use this flaw to cause denial of service. Se ha detectado un fallo en la manera en la que una expresión de búsqueda LDAP podría provocar el cierre inesperado del proceso del servidor LDAP de un AD DC de samba en samba en versiones anteriores a la 4.10. Un usuario autenticado con permisos de lec... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00035.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2019-9210 – advancecomp: integer overflow in png_compress in pngex.cc
https://notcve.org/view.php?id=CVE-2019-9210
27 Feb 2019 — In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.) En la versión 2.1 de AdvanceCOMP, png_compress en pngex.cc en advpng tiene un desbordamiento de enteros, al encontrarse con un tamaño de PNG inválido, lo que conduce a que un memcpy intente escribirse en un búfer que es demasiado pequeño. (Hay, también, una sobrelectu... • https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 2%CPEs: 6EXPL: 2CVE-2019-9200 – poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc
https://notcve.org/view.php?id=CVE-2019-9200
26 Feb 2019 — A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. Existe un "infraescritura" de búfer basado en memoria dinámica (heap) en mageStream::getLine() en Stream.cc en la versión 0.74.0 de Poppler que puede, por ejemplo, desencadenarse mediante el envío de un ar... • http://www.securityfocus.com/bid/107172 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 1%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
26 Feb 2019 — If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order ... • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 2CVE-2019-9169 – glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read
https://notcve.org/view.php?id=CVE-2019-9169
26 Feb 2019 — In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. En la biblioteca GNU C (también conocida como glibc o libc6), hasta la versión 2.29, proceed_next_node en posix/regexec.c tiene una sobrelectura de búfer basada en memoria dinámica (heap) mediante un intento de coincidencia de expresiones regulares que no distinguen entre mayúsculas y minúsculas. • http://www.securityfocus.com/bid/107160 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2019-9162 – Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
https://notcve.org/view.php?id=CVE-2019-9162
25 Feb 2019 — In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. This affects snmp_version and snmp_helper. En el kernel de Linux, en versiones anteriores a la 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c en el módulo SNMP NAT tiene comprobaciones de longitud ASN.1 insuficientes (conocido como... • https://www.exploit-db.com/exploits/46477 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 8%CPEs: 6EXPL: 2CVE-2019-8375 – WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service
https://notcve.org/view.php?id=CVE-2019-8375
24 Feb 2019 — The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany). El su... • https://www.exploit-db.com/exploits/46465 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •