Log

CVE-2018-6149 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An out of bounds write has been found in the V8 component of the chromium browser before 67.0.3396.87.
References
+ https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop_12.html
+ https://crbug.com/848672
Notes
CVE-2018-6187 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf file.
References
+ https://bugs.ghostscript.com/show_bug.cgi?id=698908
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=3e30fbb7bf5efd88df431e366492356e7eb969ec
Notes
CVE-2018-6188 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A regression in Django 1.11.8 and 1.11.9 before 1.11.10 and 2.0 before 2.0.2 made AuthenticationForm run its confirm_login_allowed() method even if an incorrect password is entered. This can leak information about a user, depending on what messages confirm_login_allowed() raises. If confirm_login_allowed() isn’t overridden, an attacker enter an arbitrary username and see if that user has been set to is_active=False. If confirm_login_allowed() is overridden, more sensitive details could be leaked.
References
+ https://docs.djangoproject.com/en/1.11/releases/1.11.10/
+ https://docs.djangoproject.com/en/2.0/releases/2.0.2/
Notes
CVE-2018-6192 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file.
References
+ https://bugs.ghostscript.com/show_bug.cgi?id=698916
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=5e411a99604ff6be5db9e273ee84737204113299
+ https://git.ghostscript.com/?p=mupdf.git;a=commitdiff;h=fa9cd085533f68367c299e058ab3fbb7ad8a2dc6
Notes
CVE-2018-6360 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ mpv allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. For example, an av://lavfi:ladspa=file= URL signifies that the product should call dlopen on a shared object file located at an arbitrary local pathname. The issue exists because the product does not consider that youtube-dl can provide a potentially unsafe URL.
References
+ https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43
+ https://github.com/mpv-player/mpv/issues/5456
Notes
CVE-2018-6381 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.
References
+ https://github.com/gdraheim/zziplib/issues/12
+ https://github.com/gdraheim/zziplib/commit/1c6a7451a09b0b3d0d14087fcc38d1de82d77f0e
Notes
CVE-2018-6459 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c before strongSwan 5.6.2 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.
References
+ https://www.strongswan.org/blog/2018/02/19/strongswan-vulnerability-(cve-2018-6459).html
+ https://download.strongswan.org/security/CVE-2018-6459/strongswan-5.6.1_pss_mgf1_alg.patch
+ https://github.com/strongswan/strongswan/commit/40da179f28b768ffcf6ff7e2f68675eb44806668
Notes
CVE-2018-6484 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Local
Type
+ Denial of service
Description
+ An unaligned memory access bug was found in the way ZZIPlib handled ZIP files. This flaw could potentially be used to crash the application using ZZIPlib by tricking the application into processing specially crafted ZIP files.
References
+ https://github.com/gdraheim/zziplib/issues/14
Notes
CVE-2018-6540 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
References
+ https://github.com/gdraheim/zziplib/issues/15
+ https://github.com/gdraheim/zziplib/pull/19/commits/15b8c969df962a444dfa07b3d5bd4b27dc0dbba7
Notes
CVE-2018-6541 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer (zzip/zip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.
References
+ https://github.com/gdraheim/zziplib/issues/16
Notes