CVSS: 6.8EPSS: 2%CPEs: 20EXPL: 0CVE-2015-2713 – Mozilla: Use-after-free during text processing with vertical text enabled (MFSA 2015-51)
https://notcve.org/view.php?id=CVE-2015-2713
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text. Vulnerabilidad de uso después de liberación en la función SetBreaks en Mozilla Firefox anterior a 38.0, Firefox ESR 31.x anterior a 31.7, y Thunderbird anterior a 31.7 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria dinámica) a través de un documento que contiene un texto manipulado en conjunto con una secuencia de tokens Cascading Style Sheets (CSS) que contiene propiedades relacionadas con el texto vertical. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html http://rhn.redhat.com/errata/RHSA-2015-0988.html http://rhn.redhat.com/errata/RHSA-2015-1012.html http://www.debian.org/security&#x • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-3629
https://notcve.org/view.php?id=CVE-2015-3629
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container. Libcontainer 1.6.0, utilizado en Docker Engine, permite a usuarios locales escapar de la contenadorización ('montar la liberación del espacio de nombre') y escribir en ficheros arbitrarios en el sistema de anfitrión a través de un ataque de enlace simbólico en una imagen cuando se hace renacer un contenador. • http://lists.opensuse.org/opensuse-updates/2015-05/msg00023.html http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html http://seclists.org/fulldisclosure/2015/May/28 http://www.securityfocus.com/bid/74558 https://groups.google.com/forum/#%21searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.9EPSS: 91%CPEs: 3EXPL: 2CVE-2015-3622 – libtasn1: heap overflow flaw in _asn1_extract_der_octet()
https://notcve.org/view.php?id=CVE-2015-3622
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate. La función _asn1_extract_der_octet en lib/decoding.c en GNU Libtasn1 anterior a 4.5 permite a atacantes remotos causar una denegación de servicio (lectura de memoria dinámica fuera de rango) a través de un certificado manipulado. A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER-encoded input could cause an application using libtasn1 to perform an invalid read, causing the application to crash. • http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158225.html http://lists.opensuse.org/opensuse-updates/2015-08/msg00014.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00047.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00097.html http://packetstormsecurity.com/files/131711/libtasn1-Heap-Overflow.html http://seclists.org/fulldisclosure/2015/Apr/109 http://www.debian.org/security/2015/dsa-3256 http://www.mandriva.com/security/advisories?name=MDVSA-2015: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0CVE-2015-3451
https://notcve.org/view.php?id=CVE-2015-3451
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function. La función _clone en XML::LibXML en versiones anteriores a 2.0119 no establece correctamente la opción expand_entities, lo que permite a atacantes remotos llevar a cabo ataques de entidad externa XML (XXE) a través de datos XML manipulados a la función (1) new o (2) load_xml. • http://advisories.mageia.org/MGASA-2015-0199.html http://cpansearch.perl.org/src/SHLOMIF/XML-LibXML-2.0119/Changes http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157448.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157740.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00006.html http://www.debian.org/security/2015/dsa-3243 http://www.mandriva.com/security/advisories?name=MDVSA-2015:231 http://www.openwall.com/lists/oss-security/20 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3598
https://notcve.org/view.php?id=CVE-2014-3598
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image. El plugin Jpeg2KImagePlugin en Pillow anterior a 2.5.3 permite a atacantes remotos causar una denegación de servicio a través de una imagen manipulada. • http://lists.opensuse.org/opensuse-updates/2015-04/msg00056.html https://pypi.python.org/pypi/Pillow/2.5.3 • CWE-399: Resource Management Errors •