Log

CVE-2018-20346 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
References
+ https://seclists.org/oss-sec/2018/q4/270
Notes
CVE-2018-20482 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ A denial of service issue has been found in GNU Tar versions up to and including 1.30. When creating archives with the --sparse option, tar would loop endlessly if a sparse file had been truncated while being archived.
References
+ https://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html
+ https://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42c
+ https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
Notes
CVE-2018-20592 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
References
+ https://github.com/michaelrsweet/mxml/commit/eadf40fa7049e43dd5757df5945e9ec1c491e8a4
+ https://github.com/michaelrsweet/mxml/issues/237
Notes
CVE-2018-20593 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ In Mini-XML (aka mxml) v2.12, there is a stack-based buffer overflow in the scan_file function in mxmldoc.c.
References
+ https://github.com/michaelrsweet/mxml/issues/237
+ https://github.com/michaelrsweet/mxml/commit/eadf40fa7049e43dd5757df5945e9ec1c491e8a4
Notes
CVE-2018-20685 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Insufficient validation
Description
+ In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename.
References
+ https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h
+ https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
+ https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
Notes
CVE-2018-20712 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.
References
+ http://www.securityfocus.com/bid/106563
+ https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
+ https://sourceware.org/bugzilla/show_bug.cgi?id=24043
Notes
CVE-2018-20751 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference.
References
+ https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/
+ https://sourceforge.net/p/podofo/tickets/33/
+ https://sourceforge.net/p/podofo/code/1954
Notes
CVE-2018-20781 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext.
References
+ https://gitlab.gnome.org/GNOME/gnome-keyring/tags/3.27.2
+ https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
Notes
CVE-2018-3615 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
References
+ https://foreshadowattack.eu/
Notes
+ Intel specific
+
+ Versions with mitigations:
+ 4.14.63
+ 4.17.15
+ 4.18.1
CVE-2018-3620 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ Systems with microprocessors utilising speculative execution and address translations may allow unauthorised disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
References
+ https://access.redhat.com/errata/RHSA-2018:2384
Notes