admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-08-23 15:07:18 -04:00
parent adda57ca05
commit 08c287d7a3
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 309 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
2003/1xxx/CVE-2003-1605.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1605",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://curl.haxx.se/docs/CVE-2003-1605.html",
"refsource" : "MISC",
"url" : "https://curl.haxx.se/docs/CVE-2003-1605.html"
},
{
"name" : "8432",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/8432"
}
]
}

9
2018/14xxx/CVE-2018-14786.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "The following versions of Alaris Plus, medical syringe pumps, Models Alaris GS, Alaris GH, Alaris CC, and Alaris TIVA Versions 2.3.6 and prior, are affected by an improper authentication vulnerability where The software does not perform authentication for functionality that requires a provable user identity, where it may allow a remote attacker to gain unauthorized access to various Alaris Syringe pumps and impact the intended operation of the pump when it is connected to a terminal server via the serial port."
"value" : "Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps (models Alaris GS, Alaris GH, Alaris CC, and Alaris TIVA) versions 2.3.6 and prior are affected by an improper authentication vulnerability where the software does not perform authentication for functionality that requires a provable user identity, where it may allow a remote attacker to gain unauthorized access to various Alaris Syringe pumps and impact the intended operation of the pump when it is connected to a terminal server via the serial port."
}
]
},
@ -54,7 +54,14 @@
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-235-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-235-01"
},
{
"name" : "http://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletin-for-various-alaris-plus-syringe-pumps-sold-and-in-use-outside-the-united-states",
"refsource" : "CONFIRM",
"url" : "http://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletin-for-various-alaris-plus-syringe-pumps-sold-and-in-use-outside-the-united-states"
}
]
}

2
2018/14xxx/CVE-2018-14791.json
View File

@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01"
}
]

2
2018/14xxx/CVE-2018-14797.json
View File

@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-228-01"
}
]

18
2018/15xxx/CVE-2018-15806.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15806",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

60
2018/1xxx/CVE-2018-1156.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "vulnreport@tenable.com",
"DATE_PUBLIC" : "2018-08-22T00:00:00",
"ID" : "CVE-2018-1156",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.tenable.com/security/research/tra-2018-21",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2018-21"
},
{
"name" : "https://mikrotik.com/download/changelogs",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs"
},
{
"name" : "https://mikrotik.com/download/changelogs/bugfix-release-tree",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs/bugfix-release-tree"
}
]
}

60
2018/1xxx/CVE-2018-1157.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "vulnreport@tenable.com",
"DATE_PUBLIC" : "2018-08-22T00:00:00",
"ID" : "CVE-2018-1157",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.tenable.com/security/research/tra-2018-21",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2018-21"
},
{
"name" : "https://mikrotik.com/download/changelogs",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs"
},
{
"name" : "https://mikrotik.com/download/changelogs/bugfix-release-tree",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs/bugfix-release-tree"
}
]
}

60
2018/1xxx/CVE-2018-1158.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "vulnreport@tenable.com",
"DATE_PUBLIC" : "2018-08-22T00:00:00",
"ID" : "CVE-2018-1158",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.tenable.com/security/research/tra-2018-21",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2018-21"
},
{
"name" : "https://mikrotik.com/download/changelogs",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs"
},
{
"name" : "https://mikrotik.com/download/changelogs/bugfix-release-tree",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs/bugfix-release-tree"
}
]
}

60
2018/1xxx/CVE-2018-1159.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "vulnreport@tenable.com",
"DATE_PUBLIC" : "2018-08-22T00:00:00",
"ID" : "CVE-2018-1159",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory corruption vulnerability. An authenticated remote attacker can crash the HTTP server by rapidly authenticating and disconnecting."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.tenable.com/security/research/tra-2018-21",
"refsource" : "MISC",
"url" : "https://www.tenable.com/security/research/tra-2018-21"
},
{
"name" : "https://mikrotik.com/download/changelogs",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs"
},
{
"name" : "https://mikrotik.com/download/changelogs/bugfix-release-tree",
"refsource" : "CONFIRM",
"url" : "https://mikrotik.com/download/changelogs/bugfix-release-tree"
}
]
}