The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of SES

computer weakness alert CVE-2018-1000300

curl: buffer overflow via FTP Shutdown Response

Synthesis of the vulnerability

An attacker can generate a buffer overflow via FTP Shutdown Response of curl, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 16/05/2018.
Identifiers: cpujan2019, cpuoct2018, CVE-2018-1000300, FEDORA-2018-9dc7338487, FEDORA-2018-fa01002d7e, openSUSE-SU-2018:1624-1, SSA:2018-136-01, STORM-2019-002, USN-3648-1, VIGILANCE-VUL-26142.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via FTP Shutdown Response of curl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2018-1000122

curl: out-of-bounds memory reading via RTSP RTP

Synthesis of the vulnerability

An attacker can force a read at an invalid address via RTSP RTP of curl, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000122, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25547.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via RTSP RTP of curl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-1000121

curl: NULL pointer dereference via LDAP URL

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via LDAP URL of curl, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000121, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25546.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via LDAP URL of curl, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2018-1000120

curl: memory corruption via FTP URL

Synthesis of the vulnerability

An attacker can generate a memory corruption via FTP URL of curl, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 14/03/2018.
Identifiers: bulletinapr2018, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1000120, DLA-1309-1, DSA-2019-114, DSA-4136-1, FEDORA-2018-66c96e0024, FEDORA-2018-8877b4ccac, JSA10874, openSUSE-SU-2018:0794-1, RHSA-2018:3157-01, RHSA-2018:3558-01, SSA:2018-074-01, STORM-2019-002, SUSE-SU-2018:1323-1, USN-3598-1, USN-3598-2, VIGILANCE-VUL-25545.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption via FTP URL of curl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2017-8816 CVE-2017-8817 CVE-2017-8818

curl: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of curl.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 29/11/2017.
Identifiers: bulletinapr2018, bulletinoct2018, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, DLA-1195-1, DSA-4051-1, FEDORA-2017-0c062324cd, FEDORA-2017-45bdf4dace, HT208465, HT208692, JSA10874, openSUSE-SU-2018:0161-1, RHSA-2018:3558-01, STORM-2019-002, USN-3498-1, USN-3498-2, VIGILANCE-VUL-24564.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of curl.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-1000254

curl: out-of-bounds memory reading via FTP PWD

Synthesis of the vulnerability

An attacker can force a read at an invalid address via FTP PWD of curl, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 04/10/2017.
Identifiers: 2011879, bulletinapr2018, CVE-2017-1000254, DLA-1121-1, DSA-2019-114, DSA-3992-1, FEDORA-2017-601b4c20a4, HT208331, HT208394, JSA10874, K-511316, openSUSE-SU-2017:2880-1, RHSA-2018:3558-01, SSA:2017-279-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-24018.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via FTP PWD of curl, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security announce CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101

curl: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of curl.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/08/2017.
Identifiers: 2011879, bulletinapr2018, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, DLA-1062-1, DSA-2019-114, DSA-3992-1, FEDORA-2017-f1ffd18079, FEDORA-2017-f2df9d7772, HT208221, JSA10874, K-511316, openSUSE-SU-2017:2205-1, RHSA-2018:3558-01, SSA:2017-221-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-23481.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in curl.

An attacker can force a read at an invalid address via Globbing, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-1000101]

An attacker can generate a buffer overflow via TFTP, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2017-1000100]

An attacker can force a read at an invalid address via FILE, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-1000099]
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2017-7679

Apache httpd: out-of-bounds memory reading via mod_mime

Synthesis of the vulnerability

An attacker can force a read at an invalid address via mod_mime of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, cpuoct2017, CVE-2017-7679, DLA-1009-1, DSA-2019-131, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K75429050, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23004.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via mod_mime of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer threat CVE-2017-7668

Apache httpd: out-of-bounds memory reading via ap_find_token

Synthesis of the vulnerability

An attacker can force a read at an invalid address via ap_find_token() of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Severity: 2/4.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-7668, DLA-1009-1, DSA-2019-131, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23003.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a read at an invalid address via ap_find_token() of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

security threat CVE-2017-3169

Apache httpd: NULL pointer dereference via mod_ssl

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via mod_ssl of Apache httpd, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 20/06/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-3169, DLA-1009-1, DSA-2019-131, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K83043359, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23001.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via mod_ssl of Apache httpd, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about SES: