CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2017-5076 – chromium-browser: address spoofing in omnibox
https://notcve.org/view.php?id=CVE-2017-5076
06 Jun 2017 — Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. La falta de mecanismos suficientes para el cumplimiento de políticas en Omnibox en Google Chrome en versiones anteriores a la 59.0.3071.86 para Mac, Windows y Linux y a la 59.0.3071.92 para Android, permitía que un atacante remoto realizase una suplantación de dominio medi... • http://www.securityfocus.com/bid/98861 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2017-5083 – chromium-browser: ui spoofing in blink
https://notcve.org/view.php?id=CVE-2017-5083
06 Jun 2017 — Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. Una implementación incorrecta en Blink en Google Chrome, en versiones anteriores a la 59.0.3071.86 para Mac, Windows y Linux y a la 59.0.3071.92 para Android, permitía que un atacante remoto mostrase la interfaz de usuario en una pestaña no controlada por el atacante mediante u... • http://www.securityfocus.com/bid/98861 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 0CVE-2017-5078 – chromium-browser: possible command injection in mailto handling
https://notcve.org/view.php?id=CVE-2017-5078
06 Jun 2017 — Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters such as * have an incorrect interaction with xdg-email in xdg-utils, and a space character can be used in front of a command-line argument. Validación insuficiente de entradas no fiables en la manipulación de mailto: de Blink en Google ... • http://www.securityfocus.com/bid/98861 •
CVSS: 8.8EPSS: 79%CPEs: 9EXPL: 1CVE-2017-5070 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2017-5070
06 Jun 2017 — Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome, en versiones anteriores a la 59.0.3071.86 para Linux, Windows y Mac y a la 59.0.3071.92 para Android, permitía que un atacante remoto ejecutase código arbitrario dentro de un espacio aislado o sandbox mediante una página HTML manipulada. Chromium is an... • http://www.securityfocus.com/bid/98861 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-7000 – Apple Safari WebSQL snippet Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7000
30 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 10.3.2 y las versiones de macOS anteriores a la 10.12.5. • http://www.securityfocus.com/bid/98767 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 12EXPL: 0CVE-2017-9214 – openvswitch: Integer underflow in the ofputil_pull_queue_get_config_reply10 function
https://notcve.org/view.php?id=CVE-2017-9214
23 May 2017 — In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. En Open vSwitch (OvS) versión 2.7.0, mientras analiza un mensaje OFPT_QUEUE_GET_CONFIG_REPLY tipo OFP versión 1.0, se presenta una lectura excesiva búfer causada por un desbordamiento de enteros sin signo en la función “ofputil_pull_queue_get_config_reply10” en l... • https://access.redhat.com/errata/RHSA-2017:2418 • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-8379 – Qemu: input: host memory lekage via keyboard events
https://notcve.org/view.php?id=CVE-2017-8379
16 May 2017 — Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. La pérdida de memoria en el soporte de controladores de eventos de entrada de teclado en QEMU (también conocido como Quick Emulator) permite a los usuarios privilegiados locales de SO invitados causar una denegación de servicio (consumo de memoria del host) al generar rápidamente evento... • http://www.openwall.com/lists/oss-security/2017/05/03/2 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 2%CPEs: 8EXPL: 0CVE-2017-8309 – Qemu: audio: host memory leakage via capture buffer
https://notcve.org/view.php?id=CVE-2017-8309
16 May 2017 — Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. La pérdida de memoria en el audio/audio.c en QEMU (también conocido como Quick Emulator) permite a los atacantes remotos causar una denegación de servicio (consumo de memoria) al iniciar y detener repetidamente la captura de audio. Li Qiang discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged atta... • http://www.securityfocus.com/bid/98302 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-5068 – chromium-browser: race condition in webrtc
https://notcve.org/view.php?id=CVE-2017-5068
11 May 2017 — Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page. Una gestión incorrecta del ID de imagen en WebRTC en Google Chrome, en versiones anteriores a la 58.0.3029.96 para Mac, Windows y Linux, permitía que un atacante remoto desencadenase una condición de carrera mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrade... • http://www.securityfocus.com/bid/98288 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 1CVE-2016-9583 – jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder
https://notcve.org/view.php?id=CVE-2016-9583
10 May 2017 — An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. Se ha detectado una vulnerabilidad de lectura de memoria dinámica (heap) fuera de límites en la función jpc_pi_nextpcrl() de jasper en versiones anteriores a la 2.0.6 al procesar entradas manipuladas. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. ... • http://www.securityfocus.com/bid/94925 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •