Log

CVE-2019-8684 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
References
+ https://webkitgtk.org/security/WSA-2019-0004.html#CVE-2019-8684
Notes
CVE-2019-8688 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
References
+ https://webkitgtk.org/security/WSA-2019-0004.html#CVE-2019-8688
Notes
CVE-2019-8904 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
References
+ https://bugs.astron.com/view.php?id=62
Notes
CVE-2019-8905 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
References
+ https://bugs.astron.com/view.php?id=63
Notes
CVE-2019-8906 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
References
+ https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f
+ https://bugs.astron.com/view.php?id=64
Notes
CVE-2019-8907 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.
References
+ https://bugs.astron.com/view.php?id=65
Notes
CVE-2019-8912 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ In the Linux kernel through 4.20.10, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.
References
+ http://patchwork.ozlabs.org/patch/1042902/
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9060cb719e61b685ec0102574e10337fa5f445ea
Notes
CVE-2019-8942 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943.
References
+ https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
Notes
CVE-2019-8943 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Directory traversal
Description
+ WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring.
References
+ https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
Notes
CVE-2019-9169 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
References
+ https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=583dd860d5b833037175247230a328f0050dbfe9
+ https://sourceware.org/bugzilla/show_bug.cgi?id=24114
+ https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
+ https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140
Notes