admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-10-29 14:05:15 -04:00
parent 5efab3124e
commit 06764e0436
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
20 changed files with 139 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
2017/18xxx/CVE-2017-18281.json
View File

@ -60,4 +60,3 @@
]
}
}

176
2018/0xxx/CVE-2018-0735.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2018-10-29",
"ID": "CVE-2018-0735",
"STATE": "PUBLIC",
"TITLE": "Timing attack against ECDSA signature generation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"version": {
"version_data": [
{
"version_value": "Fixed in OpenSSL 1.1.0j-dev (Affected 1.1.0-1.1.0i)"
},
{
"version_value": "Fixed in OpenSSL 1.1.1a-dev (Affected 1.1.1)"
}
]
}
}
]
},
"vendor_name": "OpenSSL"
}
"CVE_data_meta" : {
"ASSIGNER" : "openssl-security@openssl.org",
"DATE_PUBLIC" : "2018-10-29",
"ID" : "CVE-2018-0735",
"STATE" : "PUBLIC",
"TITLE" : "Timing attack against ECDSA signature generation"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "OpenSSL",
"version" : {
"version_data" : [
{
"version_value" : "Fixed in OpenSSL 1.1.0j-dev (Affected 1.1.0-1.1.0i)"
},
{
"version_value" : "Fixed in OpenSSL 1.1.1a-dev (Affected 1.1.1)"
}
]
}
}
]
},
"vendor_name" : "OpenSSL"
}
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "Samuel Weiser"
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j-dev (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a-dev (Affected 1.1.1)."
}
]
},
"impact" : [
{
"lang" : "eng",
"url" : "https://www.openssl.org/policies/secpolicy.html#Low",
"value" : "Low"
}
],
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Constant time issue"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Samuel Weiser"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j-dev (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a-dev (Affected 1.1.1)."
}
]
},
"impact": [
{
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Constant time issue"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20181029.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20181029.txt"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=56fb454d281a023b3f950d969693553d3f3ceea1",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=56fb454d281a023b3f950d969693553d3f3ceea1"
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4"
}
]
}
}
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=56fb454d281a023b3f950d969693553d3f3ceea1",
"refsource" : "CONFIRM",
"url" : "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=56fb454d281a023b3f950d969693553d3f3ceea1"
},
{
"name" : "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4",
"refsource" : "CONFIRM",
"url" : "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4"
},
{
"name" : "https://www.openssl.org/news/secadv/20181029.txt",
"refsource" : "CONFIRM",
"url" : "https://www.openssl.org/news/secadv/20181029.txt"
}
]
}
}

1
2018/11xxx/CVE-2018-11856.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11857.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11861.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11862.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11865.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11867.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11870.json
View File

@ -60,4 +60,3 @@
]
}
}

3
2018/11xxx/CVE-2018-11871.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overwrite can happen in WLAN function while processing set pdev paramter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016."
"value" : "Buffer overwrite can happen in WLAN function while processing set pdev paramter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016."
}
]
},
@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11872.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11873.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11874.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11876.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11879.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11880.json
View File

@ -60,4 +60,3 @@
]
}
}

1
2018/11xxx/CVE-2018-11882.json
View File

@ -60,4 +60,3 @@
]
}
}

2
2018/17xxx/CVE-2018-17908.json
View File

@ -53,6 +53,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02"
}
]

2
2018/17xxx/CVE-2018-17910.json
View File

@ -53,6 +53,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-298-02"
}
]

48
2018/18xxx/CVE-2018-18387.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18387",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/TheeBlind/CVE-2018-18387",
"refsource" : "MISC",
"url" : "https://github.com/TheeBlind/CVE-2018-18387"
}
]
}