Log

CVE-2018-17481 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A use-after-free has been found in the PDFium component of chromium before 71.0.3578.80.
References
+ https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html
+ https://bugs.chromium.org/p/chromium/issues/detail?id=901654
Notes
CVE-2018-17961 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Sandbox escape
Description
+ Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup.
References
+ https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d02bbc620bcba9b1c208462a876afb
+ https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5a9bf8c6a63aa4ac6874234fe8cd63e72077291
+ https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6807394bd94b708be24758287b606154daaaed9
+ https://www.openwall.com/lists/oss-security/2018/10/09/4
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1682&desc=2
+ https://bugs.ghostscript.com/show_bug.cgi?id=699816
+ https://lists.debian.org/debian-lts-announce/2018/10/msg00013.html
+ https://www.exploit-db.com/exploits/45573/
Notes
+ NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.
CVE-2018-18065 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A denial of service vulnerability has been discovered in net-snmp before 5.8. The _set_key function in agent/helpers/table_container.c has a NULL pointer exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service.
References
+ https://sourceforge.net/p/net-snmp/bugs/2743/
+ https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d
+ https://seclists.org/oss-sec/2018/q4/24
+ https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Notes
CVE-2018-18066 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Denial of service
Description
+ A denial of service vulnerability has been discovered in net-snmp before 5.8. The snmp_oid_compare function in snmplib/snmp_api.c has a NULL pointer exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service.
+ This is a duplicate of CVE-2015-5621.
References
+ https://sourceforge.net/p/net-snmp/bugs/2615/
+ https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791
+ https://seclists.org/oss-sec/2018/q4/24
+ https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Notes
+ This is a duplicate of CVE-2015-5621.
CVE-2018-18073 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Sandbox escape
Description
+ Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
References
+ https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=34cc326eb2c5695833361887fe0b32e8d987741c
+ http://packetstormsecurity.com/files/149758/Ghostscript-Exposed-System-Operators.html
+ http://www.openwall.com/lists/oss-security/2018/10/10/12
Notes
CVE-2018-18225 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the CoAP dissector where an invalid frame could lead to NULL-pointer dereference. This could be used by an attacker to crash wireshark by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2018-49
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172
+ https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=b2bbd9fdf209911d94b23cc33f4daccbceb7fa8a
Notes
CVE-2018-18226 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the Steam IHS Discovery dissector where dynamically allocated memory was not properly freed on exception. This could be used by an attacker to crash wireshark by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2018-48
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15171
+ https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=6e920ddc3cad2886ef07ca1a8e50e2a5c50986f7
Notes
CVE-2018-18227 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Denial of service
Description
+ A flaw has been discovered in wireshark >= 2.6.0 and < 2.6.4 in the MS-WSP dissector where an invalid type could lead to an assertion failure. This could be used by an attacker to crash wireshark by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
References
+ https://www.wireshark.org/security/wnpa-sec-2018-47
+ https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15119
+ https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=536fb9403a5f6bcc060aaa2a1f35d8d0225bb1fd
Notes
CVE-2018-18284 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Sandbox escape
Description
+ Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
References
+ https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8d19fdf63f91f50466b08f23e2d93d37a4c5ea0b
+ https://www.openwall.com/lists/oss-security/2018/10/16/2
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1696
+ https://bugs.ghostscript.com/show_bug.cgi?id=699963
Notes
CVE-2018-18310 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
References
+ https://sourceware.org/bugzilla/show_bug.cgi?id=23752
+ https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html
Notes