
CVE-2014-10071 – zsh: buffer overflow for very long fds in >& fd syntax
https://notcve.org/view.php?id=CVE-2014-10071
27 Feb 2018 — In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax. A buffer overflow flaw was found in the zsh shell file descriptor redirection functionality. An attacker could use this flaw to cause a denial of service by crashing the user shell. It was discovered that Zsh incorrectly handled certain environment variables. • https://access.redhat.com/errata/RHSA-2018:3073 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-121: Stack-based Buffer Overflow

CVE-2018-7549 – zsh: crash on copying empty hash table
https://notcve.org/view.php?id=CVE-2018-7549
27 Feb 2018 — In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p. A NULL pointer dereference flaw was found in the code responsible for saving hashtables of the zsh package. An attacker could use this flaw to cause a denial of service by crashing the user shell. It was discovered that Zsh incorrectly handled... • https://access.redhat.com/errata/RHSA-2018:3073 • CWE-20: Improper Input Validation • CWE-665: Improper Initialization

CVE-2017-18206 – zsh: buffer overrun in symlinks
https://notcve.org/view.php?id=CVE-2017-18206
27 Feb 2018 — In utils.c in zsh before 5.4, symlink expansion had a buffer overflow. A buffer overflow flaw was found in the zsh shell symbolic link resolver. A local, unprivileged user can create a specially crafted directory path which leads to a buffer overflow in the context of the user trying to do a symbolic link resolution in the aforementioned path. If the user affected is privileged, this leads to privileg... • https://access.redhat.com/errata/RHSA-2018:1932 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-121: Stack-based Buffer Overflow

CVE-2018-7492 – Ubuntu Security Notice USN-3674-1
https://notcve.org/view.php?id=CVE-2018-7492
26 Feb 2018 — A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3069c6d33f6ae63a1668737bc78aaaa51bff7ca • CWE-476: NULL Pointer Dereference

CVE-2018-7480 – Debian Security Advisory 4188-1
https://notcve.org/view.php?id=CVE-2018-7480
25 Feb 2018 — The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b54d816e00425c3a517514e0d677bb3cec49258 • CWE-415: Double Free

CVE-2018-7456 – libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service
https://notcve.org/view.php?id=CVE-2018-7456
24 Feb 2018 — A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.) • http://bugzilla.maptools.org/show_bug.cgi?id=2778 • CWE-476: NULL Pointer Dereference

CVE-2018-1305 – tomcat: Late application of security constraints can lead to resource exposure for unauthorised users
https://notcve.org/view.php?id=CVE-2018-1305
23 Feb 2018 — Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. • https://github.com/Pa55w0rd/CVE-2018-1305 • CWE-284: Improper Access Control

CVE-2018-7443 – Ubuntu Security Notice USN-3681-1
https://notcve.org/view.php?id=CVE-2018-7443
23 Feb 2018 — The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c). • https://github.com/ImageMagick/ImageMagick/issues/999 • CWE-770: Allocation of Resources Without Limits or Throttling

CVE-2017-15119 – qemu: DoS via large option request
https://notcve.org/view.php?id=CVE-2017-15119
20 Feb 2018 — The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS. • http://www.openwall.com/lists/oss-security/2017/11/28/9 • CWE-400: Uncontrolled Resource Consumption

CVE-2018-6764 – libvirt: guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init
https://notcve.org/view.php?id=CVE-2018-6764
20 Feb 2018 — util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. • http://www.ubuntu.com/usn/USN-3576-1 • CWE-179: Incorrect Behavior Order: Early Validation • CWE-346: Origin Validation Error