Log

CVE-2018-6117 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Content spoofing
Description
+ A confusing autofill settings issue has been found in the Chromium browser before 66.0.3359.117.
References
+ https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html
+ https://crbug.com/822465
Notes
CVE-2018-6118 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free vulnerability has been found in the Media Cache component of the chromium browser before 66.0.3359.139.
References
+ https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop_26.html
+ https://crbug.com/831963
Notes
CVE-2018-6126 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A heap-based buffer overflow has been found in the Skia component of the Firefox browser before 60.0.2, when rasterizing paths using a maliciously crafted SVG file with anti-aliasing turned off.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/#CVE-2018-6126
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1462682
Notes
CVE-2018-6148 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ An incorrect handling of CSP header has been found in chromium before 67.0.3396.79.
References
+ https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html
+ https://crbug.com/845961
Notes
CVE-2018-6149 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An out of bounds write has been found in the V8 component of the chromium browser before 67.0.3396.87.
References
+ https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop_12.html
+ https://crbug.com/848672
Notes
CVE-2018-6187 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
References
+ https://bugs.ghostscript.com/show_bug.cgi?id=698908
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=3e30fbb7bf5efd88df431e366492356e7eb969ec
Notes
CVE-2018-6188 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A regression in Django 1.11.8 and 1.11.9 before 1.11.10 and 2.0 before 2.0.2 made AuthenticationForm run its confirm_login_allowed() method even if an incorrect password is entered. This can leak information about a user, depending on what messages confirm_login_allowed() raises. If confirm_login_allowed() isn’t overridden, an attacker enter an arbitrary username and see if that user has been set to is_active=False. If confirm_login_allowed() is overridden, more sensitive details could be leaked.
References
+ https://docs.djangoproject.com/en/1.11/releases/1.11.10/
+ https://docs.djangoproject.com/en/2.0/releases/2.0.2/
Notes
CVE-2018-6192 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
References
+ https://bugs.ghostscript.com/show_bug.cgi?id=698916
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=5e411a99604ff6be5db9e273ee84737204113299
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=fa9cd085533f68367c299e058ab3fbb7ad8a2dc6
Notes
CVE-2018-6360 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ mpv allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. For example, an av://lavfi:ladspa=file= URL signifies that the product should call dlopen on a shared object file located at an arbitrary local pathname. The issue exists because the product does not consider that youtube-dl can provide a potentially unsafe URL.
References
+ https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43
+ https://github.com/mpv-player/mpv/issues/5456
Notes
CVE-2018-6381 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.
References
+ https://github.com/gdraheim/zziplib/issues/12
+ https://github.com/gdraheim/zziplib/commit/1c6a7451a09b0b3d0d14087fcc38d1de82d77f0e
Notes