The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MWG

OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle
An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information...
1170328, bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-2019-201, DSA-2020-062, DSA-2020-072, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, JSA10993, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, PAN-SA-2019-0039, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600
systemd: buffer overflow via D-Bus Message
An attacker can trigger a buffer overflow via D-Bus Message of systemd, in order to trigger a denial of service, and possibly to run code...
CVE-2019-6454, DLA-1684-1, DSA-4393-1, openSUSE-SU-2019:0255-1, openSUSE-SU-2019:0268-1, openSUSE-SU-2019:1450-1, RHSA-2019:0368-01, RHSA-2019:1322-01, RHSA-2019:1502-01, RHSA-2019:2805-01, SB10278, SUSE-SU-2019:0424-1, SUSE-SU-2019:0425-1, SUSE-SU-2019:0426-1, SUSE-SU-2019:0428-1, SUSE-SU-2019:1265-1, SUSE-SU-2019:1364-1, SUSE-SU-2019:1364-2, USN-3891-1, VIGILANCE-VUL-28537
RHEL 7: assertion error via Bind Debug Log Level
An attacker can force an assertion error via Bind Debug Log Level of RHEL 7, in order to trigger a denial of service...
CVE-2018-5742, RHBUG-1655844, RHSA-2019:0194-01, SB10278, VIGILANCE-VUL-28403
Python: NULL pointer dereference via _get_crl_dp
An attacker can force a NULL pointer to be dereferenced via _get_crl_dp() of Python, in order to trigger a denial of service...
35746, bulletinjul2019, CVE-2019-5010, DLA-1663-1, DLA-1834-1, DLA-2280-1, FEDORA-2019-00870e8bfc, openSUSE-SU-2019:0155-1, openSUSE-SU-2019:0184-1, openSUSE-SU-2019:0292-1, openSUSE-SU-2020:0086-1, RHSA-2019:2030-01, RHSA-2019:3520-01, RHSA-2019:3725-01, SSA:2019-062-01, SUSE-SU-2019:0215-1, SUSE-SU-2019:0223-1, SUSE-SU-2019:0243-1, SUSE-SU-2019:0271-1, SUSE-SU-2019:0482-1, SUSE-SU-2019:0482-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, SUSE-SU-2020:0302-1, TALOS-2019-0758, USN-4127-1, USN-4127-2, VIGILANCE-VUL-28358
McAfee Web Gateway: denial of service via Proxy Component
An attacker can trigger a fatal error via Proxy Component of McAfee Web Gateway, in order to trigger a denial of service...
CVE-2019-3581, SB10264, VIGILANCE-VUL-28194
tcpdump: out-of-bounds memory reading via print_prefix
An attacker can force a read at an invalid address via print_prefix() of tcpdump, in order to trigger a denial of service, or to obtain sensitive information...
763, bulletinjul2019, CVE-2018-19519, CVE-2019-1010220, FEDORA-2019-6db0d5b9d9, FEDORA-2019-85d92df70f, FEDORA-2019-d06bc63433, openSUSE-SU-2018:4144-1, openSUSE-SU-2018:4252-1, openSUSE-SU-2019:1964-1, openSUSE-SU-2019:2344-1, openSUSE-SU-2019:2348-1, RHSA-2019:3976-01, RHSA-2020:1604-01, SUSE-SU-2018:4131-1, SUSE-SU-2018:4149-1, SUSE-SU-2019:2087-1, SUSE-SU-2019:2088-1, SUSE-SU-2019:2674-1, USN-4252-1, USN-4252-2, VIGILANCE-VUL-28029
PolicyKit: privilege escalation via INT_MAX uid
An attacker can bypass restrictions via INT_MAX uid of PolicyKit, in order to escalate his privileges...
bulletinjan2019, CVE-2018-19788, DLA-1644-1, DSA-4350-1, FEDORA-2018-2f8696869e, openSUSE-SU-2018:4282-1, openSUSE-SU-2019:0010-1, RHSA-2019:2046-01, RHSA-2019:3232-01, SUSE-SU-2019:0015-1, SUSE-SU-2019:0019-1, SUSE-SU-2019:0019-2, USN-3861-1, USN-3861-2, VIGILANCE-VUL-27980
Perl Core: integer overflow via Perl_my_setenv
An attacker can generate an integer overflow via Perl_my_setenv() of Perl Core, in order to trigger a denial of service, and possibly to run code...
133204, bulletinjan2019, cpujul2019, cpujul2020, CVE-2018-18311, DLA-1601-1, DSA-4347-1, FEDORA-2018-9dbe983805, FEDORA-2018-ca03363d57, HT209600, NTAP-20190221-0003, openSUSE-SU-2018:4258-1, RHSA-2019:0001-01, RHSA-2019:0010-01, RHSA-2019:0109-01, RHSA-2019:1790-01, RHSA-2019:1942-01, RHSA-2019:2400-01, SB10276, SB10278, SUSE-SU-2018:4187-1, SUSE-SU-2019:2264-1, USN-3834-1, USN-3834-2, VIGILANCE-VUL-27916
systemd: code execution via unit_deserialize
An attacker can use a vulnerability via unit_deserialize() of systemd, in order to run code...
CVE-2018-15686, DLA-1580-1, openSUSE-SU-2018:3695-1, openSUSE-SU-2018:3803-1, RHSA-2019:2091-01, RHSA-2019:3222-01, RHSA-2020:0593-01, RHSA-2020:1264-01, SUSE-SU-2018:3644-1, SUSE-SU-2018:3767-1, SUSE-SU-2018:3767-2, SUSE-SU-2019:0053-1, SUSE-SU-2019:0054-1, SUSE-SU-2019:0054-2, USN-3816-1, USN-3816-2, USN-3816-3, VIGILANCE-VUL-27716
Ruby: code execution via Unpropagaded Tainted Flags
An attacker can use a vulnerability via Unpropagaded Tainted Flags of Ruby, in order to run code...
bulletinjan2019, CVE-2018-16396, DLA-1558-1, DSA-4332-1, FEDORA-2018-319b9d0f68, openSUSE-SU-2019:1771-1, RHSA-2018:3729-01, RHSA-2018:3730-01, RHSA-2018:3731-01, RHSA-2019:2028-01, RHSA-2020:2769-01, RHSA-2020:2839-01, SUSE-SU-2019:1804-1, SUSE-SU-2020:1570-1, USN-3808-1, VIGILANCE-VUL-27629
Our database contains other pages. You can request a free trial to read them.

Display information about MWG: