admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 19:46:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-08-15 13:04:25 -04:00
parent 4576367256
commit 17b559f6ff
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
79 changed files with 1254 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2018/0xxx/CVE-2018-0952.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-0952" "ID" : "CVE-2018-0952",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -99,7 +100,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka \"Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. " "value" : "An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka \"Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers."
} }
] ]
}, },
@ -118,6 +119,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0952"
} }
] ]

48
2018/10xxx/CVE-2018-10369.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10369", "ID" : "CVE-2018-10369",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://medium.com/@julianpedrobraga/router-hacking-destrinchando-o-elo-mais-fraco-de-uma-rede-4d0e7fcfbd9e",
"refsource" : "MISC",
"url" : "https://medium.com/@julianpedrobraga/router-hacking-destrinchando-o-elo-mais-fraco-de-uma-rede-4d0e7fcfbd9e"
} }
] ]
} }

137
2018/10xxx/CVE-2018-10917.json
View File

@ -1,71 +1,72 @@
{ {
"impact": { "CVE_data_meta" : {
"cvss": [ "ASSIGNER" : "lpardo@redhat.com",
[ "ID" : "CVE-2018-10917",
{ "STATE" : "PUBLIC"
"vectorString": "6.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H", },
"version": "3.0" "affects" : {
} "vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "pulp",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "[UNKNOWN]"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "6.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-22"
}
] ]
] }
}, ]
"description": { },
"description_data": [ "references" : {
{ "reference_data" : [
"lang": "eng", {
"value": "pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the apache user. This may lead to overwrite of published content on other iso repositories." "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10917",
} "refsource" : "CONFIRM",
] "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10917"
}, }
"data_type": "CVE", ]
"affects": { }
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
},
"product_name": "pulp"
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10917",
"refsource": "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10917"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2018-10917",
"ASSIGNER": "lpardo@redhat.com"
}
} }

48
2018/11xxx/CVE-2018-11687.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11687", "ID" : "CVE-2018-11687",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "An integer overflow in the distributeBTR function of a smart contract implementation for Bitcoin Red (BTCR), an Ethereum ERC20 token, allows the owner to accomplish an unauthorized increase of digital assets by providing a large address[] array, as exploited in the wild in May 2018, aka the \"ownerUnderflow\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.anquanke.com/post/id/147913",
"refsource" : "MISC",
"url" : "https://www.anquanke.com/post/id/147913"
} }
] ]
} }

48
2018/12xxx/CVE-2018-12056.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12056", "ID" : "CVE-2018-12056",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "The maxRandom function of a smart contract implementation for All For One, an Ethereum gambling game, generates a random value with publicly readable variables because the _seed value can be retrieved with a getStorageAt call. Therefore, it allows attackers to always win and get rewards."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://medium.com/@jonghyk.song/to-be-a-winner-of-ethereum-gambling-game-all-for-one-by-breaking-prng-1ab011163d40",
"refsource" : "MISC",
"url" : "https://medium.com/@jonghyk.song/to-be-a-winner-of-ethereum-gambling-game-all-for-one-by-breaking-prng-1ab011163d40"
} }
] ]
} }

10
2018/12xxx/CVE-2018-12584.json
View File

@ -52,6 +52,11 @@
}, },
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{
"name" : "20180808 [CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2018/Aug/14"
},
{ {
"name" : "45174", "name" : "45174",
"refsource" : "EXPLOIT-DB", "refsource" : "EXPLOIT-DB",
@ -67,6 +72,11 @@
"refsource" : "MISC", "refsource" : "MISC",
"url" : "http://joachimdezutter.webredirect.org/advisory.html" "url" : "http://joachimdezutter.webredirect.org/advisory.html"
}, },
{
"name" : "https://packetstormsecurity.com/files/148856/reSIProcate-1.10.2-Heap-Overflow.html",
"refsource" : "MISC",
"url" : "https://packetstormsecurity.com/files/148856/reSIProcate-1.10.2-Heap-Overflow.html"
},
{ {
"name" : "https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608", "name" : "https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608",
"refsource" : "CONFIRM", "refsource" : "CONFIRM",

5
2018/15xxx/CVE-2018-15137.json
View File

@ -52,6 +52,11 @@
}, },
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{
"name" : "45021",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45021/"
},
{ {
"name" : "https://github.com/safakaslan/CelaLinkCLRM20/issues/1", "name" : "https://github.com/safakaslan/CelaLinkCLRM20/issues/1",
"refsource" : "MISC", "refsource" : "MISC",

48
2018/15xxx/CVE-2018-15138.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15138", "ID" : "CVE-2018-15138",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "45167",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45167/"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15146.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15146", "ID" : "CVE-2018-15146",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "SQL injection vulnerability in interface/de_identification_forms/find_immunization_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15147.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15147", "ID" : "CVE-2018-15147",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "SQL injection vulnerability in interface/forms_admin/forms_admin.php from library/registry.inc in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'id' parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15148.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15148", "ID" : "CVE-2018-15148",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "SQL injection vulnerability in interface/patient_file/encounter/search_code.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'text' parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15149.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15149", "ID" : "CVE-2018-15149",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "SQL injection vulnerability in interface/forms/eye_mag/php/Anything_simple.php from library/forms.inc in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'encounter' parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15150.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15150", "ID" : "CVE-2018-15150",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "SQL injection vulnerability in interface/de_identification_forms/de_identification_screen2.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'temporary_files_dir' variable in interface/super/edit_globals.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15151.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15151", "ID" : "CVE-2018-15151",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15152.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15152", "ID" : "CVE-2018-15152",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5) portal/get_lab_results.php, (6) portal/get_medications.php, (7) portal/get_patient_documents.php, (8) portal/get_problems.php, (9) portal/get_profile.php, (10) portal/portal_payment.php, (11) portal/messaging/messages.php, (12) portal/messaging/secure_chat.php, (13) portal/report/pat_ledger.php, (14) portal/report/portal_custom_report.php, or (15) portal/report/portal_patient_report.php without authenticating as a patient."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1758/files",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1758/files"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

68
2018/15xxx/CVE-2018-15153.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15153", "ID" : "CVE-2018-15153",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,48 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the \"hylafax_server\" global variable in interface/super/edit_globals.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "45161",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45161/"
},
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15154.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15154", "ID" : "CVE-2018-15154",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/billing/sl_eob_search.php after modifying the \"print_command\" global variable in interface/super/edit_globals.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15155.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15155", "ID" : "CVE-2018-15155",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/fax_dispatch.php after modifying the \"hylafax_enscript\" global variable in interface/super/edit_globals.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

63
2018/15xxx/CVE-2018-15156.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15156", "ID" : "CVE-2018-15156",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the \"hylafax_server\" global variable in interface/super/edit_globals.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://insecurity.sh/reports/openemr.pdf",
"refsource" : "MISC",
"url" : "https://insecurity.sh/reports/openemr.pdf"
},
{
"name" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/",
"refsource" : "MISC",
"url" : "https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/"
},
{
"name" : "https://github.com/openemr/openemr/pull/1757",
"refsource" : "CONFIRM",
"url" : "https://github.com/openemr/openemr/pull/1757"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"refsource" : "CONFIRM",
"url" : "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
} }
] ]
} }

48
2018/15xxx/CVE-2018-15172.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15172", "ID" : "CVE-2018-15172",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://hackingvila.wordpress.com/2018/08/08/tp-link-buffer-overflow-via-a-long-authorization-http-header-cve-2018-15172/",
"refsource" : "MISC",
"url" : "https://hackingvila.wordpress.com/2018/08/08/tp-link-buffer-overflow-via-a-long-authorization-http-header-cve-2018-15172/"
} }
] ]
} }

5
2018/8xxx/CVE-2018-8200.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8200" "ID" : "CVE-2018-8200",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -102,6 +103,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8200"
} }
] ]

5
2018/8xxx/CVE-2018-8204.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8204" "ID" : "CVE-2018-8204",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -102,6 +103,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8204",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8204" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8204"
} }
] ]

7
2018/8xxx/CVE-2018-8253.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8253" "ID" : "CVE-2018-8253",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -46,7 +47,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka \"Microsoft Cortana Elevation of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10. " "value" : "An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka \"Microsoft Cortana Elevation of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10."
} }
] ]
}, },
@ -65,6 +66,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8253",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8253" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8253"
} }
] ]

5
2018/8xxx/CVE-2018-8266.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8266" "ID" : "CVE-2018-8266",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -92,6 +93,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8266"
} }
] ]

7
2018/8xxx/CVE-2018-8273.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8273" "ID" : "CVE-2018-8273",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -48,7 +49,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka \"Microsoft SQL Server Remote Code Execution Vulnerability.\" This affects Microsoft SQL Server. " "value" : "A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka \"Microsoft SQL Server Remote Code Execution Vulnerability.\" This affects Microsoft SQL Server."
} }
] ]
}, },
@ -67,6 +68,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8273"
} }
] ]

7
2018/8xxx/CVE-2018-8302.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8302" "ID" : "CVE-2018-8302",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -45,7 +46,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \"Microsoft Exchange Memory Corruption Vulnerability.\" This affects Microsoft Exchange Server. " "value" : "A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka \"Microsoft Exchange Memory Corruption Vulnerability.\" This affects Microsoft Exchange Server."
} }
] ]
}, },
@ -64,6 +65,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302"
} }
] ]

7
2018/8xxx/CVE-2018-8316.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8316" "ID" : "CVE-2018-8316",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -94,7 +95,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka \"Internet Explorer Remote Code Execution Vulnerability.\" This affects Internet Explorer 11, Internet Explorer 10. " "value" : "A remote code execution vulnerability exists when Internet Explorer improperly validates hyperlinks before loading executable libraries, aka \"Internet Explorer Remote Code Execution Vulnerability.\" This affects Internet Explorer 11, Internet Explorer 10."
} }
] ]
}, },
@ -113,6 +114,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8316",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8316" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8316"
} }
] ]

7
2018/8xxx/CVE-2018-8339.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8339" "ID" : "CVE-2018-8339",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -177,7 +178,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior, aka \"Windows Installer Elevation of Privilege Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. " "value" : "An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior, aka \"Windows Installer Elevation of Privilege Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers."
} }
] ]
}, },
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8339",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8339" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8339"
} }
] ]

7
2018/8xxx/CVE-2018-8340.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8340" "ID" : "CVE-2018-8340",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -56,7 +57,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka \"AD FS Security Feature Bypass Vulnerability.\" This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers. " "value" : "A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka \"AD FS Security Feature Bypass Vulnerability.\" This affects Windows Server 2016, Windows Server 2012 R2, Windows 10 Servers."
} }
] ]
}, },
@ -75,6 +76,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8340",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8340" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8340"
} }
] ]

5
2018/8xxx/CVE-2018-8341.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8341" "ID" : "CVE-2018-8341",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -174,6 +175,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8341",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8341" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8341"
} }
] ]

5
2018/8xxx/CVE-2018-8342.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8342" "ID" : "CVE-2018-8342",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -71,6 +72,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8342",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8342" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8342"
} }
] ]

5
2018/8xxx/CVE-2018-8343.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8343" "ID" : "CVE-2018-8343",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -174,6 +175,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8343",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8343" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8343"
} }
] ]

7
2018/8xxx/CVE-2018-8344.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8344" "ID" : "CVE-2018-8344",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -177,7 +178,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. " "value" : "A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka \"Microsoft Graphics Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers."
} }
] ]
}, },
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8344",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8344" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8344"
} }
] ]

5
2018/8xxx/CVE-2018-8345.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8345" "ID" : "CVE-2018-8345",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8345",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8345" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8345"
} }
] ]

5
2018/8xxx/CVE-2018-8346.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8346" "ID" : "CVE-2018-8346",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -93,6 +94,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8346",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8346" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8346"
} }
] ]

7
2018/8xxx/CVE-2018-8347.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8347" "ID" : "CVE-2018-8347",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -77,7 +78,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka \"Windows Kernel Elevation of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers. " "value" : "An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka \"Windows Kernel Elevation of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers."
} }
] ]
}, },
@ -96,6 +97,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8347",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8347" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8347"
} }
] ]

5
2018/8xxx/CVE-2018-8348.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8348" "ID" : "CVE-2018-8348",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8348",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8348" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8348"
} }
] ]

7
2018/8xxx/CVE-2018-8349.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8349" "ID" : "CVE-2018-8349",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -177,7 +178,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka \"Microsoft COM for Windows Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. " "value" : "A remote code execution vulnerability exists in \"Microsoft COM for Windows\" when it fails to properly handle serialized objects, aka \"Microsoft COM for Windows Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers."
} }
] ]
}, },
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8349"
} }
] ]

7
2018/8xxx/CVE-2018-8350.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8350" "ID" : "CVE-2018-8350",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -61,7 +62,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka \"Windows PDF Remote Code Execution Vulnerability.\" This affects Windows 10 Servers, Windows 10. " "value" : "A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka \"Windows PDF Remote Code Execution Vulnerability.\" This affects Windows 10 Servers, Windows 10."
} }
] ]
}, },
@ -80,6 +81,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8350",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8350" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8350"
} }
] ]

7
2018/8xxx/CVE-2018-8351.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8351" "ID" : "CVE-2018-8351",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -113,7 +114,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka \"Microsoft Browser Information Disclosure Vulnerability.\" This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. " "value" : "An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka \"Microsoft Browser Information Disclosure Vulnerability.\" This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10."
} }
] ]
}, },
@ -132,6 +133,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8351",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8351" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8351"
} }
] ]

5
2018/8xxx/CVE-2018-8353.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8353" "ID" : "CVE-2018-8353",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -126,6 +127,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8353",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8353" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8353"
} }
] ]

5
2018/8xxx/CVE-2018-8355.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8355" "ID" : "CVE-2018-8355",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -153,6 +154,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8355"
} }
] ]

7
2018/8xxx/CVE-2018-8357.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8357" "ID" : "CVE-2018-8357",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -103,7 +104,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka \"Microsoft Browser Elevation of Privilege Vulnerability.\" This affects Internet Explorer 11, Microsoft Edge. " "value" : "An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka \"Microsoft Browser Elevation of Privilege Vulnerability.\" This affects Internet Explorer 11, Microsoft Edge."
} }
] ]
}, },
@ -122,6 +123,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8357",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8357" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8357"
} }
] ]

7
2018/8xxx/CVE-2018-8358.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8358" "ID" : "CVE-2018-8358",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -39,7 +40,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka \"Microsoft Edge Security Feature Bypass Vulnerability.\" This affects Microsoft Edge. " "value" : "A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka \"Microsoft Edge Security Feature Bypass Vulnerability.\" This affects Microsoft Edge."
} }
] ]
}, },
@ -58,6 +59,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8358",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8358" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8358"
} }
] ]

5
2018/8xxx/CVE-2018-8359.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8359" "ID" : "CVE-2018-8359",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -52,6 +53,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8359"
} }
] ]

7
2018/8xxx/CVE-2018-8360.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8360" "ID" : "CVE-2018-8360",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -237,7 +238,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka \".NET Framework Information Disclosure Vulnerability.\" This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2. " "value" : "An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an attacker to access information in multi-tenant environments, aka \".NET Framework Information Disclosure Vulnerability.\" This affects Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2."
} }
] ]
}, },
@ -256,6 +257,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8360",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8360" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8360"
} }
] ]

7
2018/8xxx/CVE-2018-8370.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8370" "ID" : "CVE-2018-8370",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -63,7 +64,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka \"Microsoft Edge Information Disclosure Vulnerability.\" This affects Microsoft Edge. " "value" : "A information disclosure vulnerability exists when WebAudio Library improperly handles audio requests, aka \"Microsoft Edge Information Disclosure Vulnerability.\" This affects Microsoft Edge."
} }
] ]
}, },
@ -82,6 +83,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8370",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8370" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8370"
} }
] ]

5
2018/8xxx/CVE-2018-8371.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8371" "ID" : "CVE-2018-8371",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -126,6 +127,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8371",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8371" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8371"
} }
] ]

5
2018/8xxx/CVE-2018-8372.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8372" "ID" : "CVE-2018-8372",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -153,6 +154,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8372"
} }
] ]

5
2018/8xxx/CVE-2018-8373.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8373" "ID" : "CVE-2018-8373",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -126,6 +127,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373"
} }
] ]

7
2018/8xxx/CVE-2018-8374.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8374" "ID" : "CVE-2018-8374",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -36,7 +37,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka \"Microsoft Exchange Server Tampering Vulnerability.\" This affects Microsoft Exchange Server. " "value" : "A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka \"Microsoft Exchange Server Tampering Vulnerability.\" This affects Microsoft Exchange Server."
} }
] ]
}, },
@ -55,6 +56,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8374",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8374" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8374"
} }
] ]

5
2018/8xxx/CVE-2018-8375.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8375" "ID" : "CVE-2018-8375",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -99,6 +100,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8375"
} }
] ]

7
2018/8xxx/CVE-2018-8376.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8376" "ID" : "CVE-2018-8376",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -36,7 +37,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka \"Microsoft PowerPoint Remote Code Execution Vulnerability.\" This affects Microsoft PowerPoint. " "value" : "A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka \"Microsoft PowerPoint Remote Code Execution Vulnerability.\" This affects Microsoft PowerPoint."
} }
] ]
}, },
@ -55,6 +56,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8376",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8376" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8376"
} }
] ]

5
2018/8xxx/CVE-2018-8377.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8377" "ID" : "CVE-2018-8377",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -61,6 +62,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8377",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8377" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8377"
} }
] ]

7
2018/8xxx/CVE-2018-8378.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8378" "ID" : "CVE-2018-8378",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -116,7 +117,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Office Information Disclosure Vulnerability.\" This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office. " "value" : "An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka \"Microsoft Office Information Disclosure Vulnerability.\" This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office."
} }
] ]
}, },
@ -135,6 +136,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8378"
} }
] ]

5
2018/8xxx/CVE-2018-8379.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8379" "ID" : "CVE-2018-8379",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -76,6 +77,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8379",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8379" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8379"
} }
] ]

5
2018/8xxx/CVE-2018-8380.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8380" "ID" : "CVE-2018-8380",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -65,6 +66,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8380"
} }
] ]

5
2018/8xxx/CVE-2018-8381.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8381" "ID" : "CVE-2018-8381",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -92,6 +93,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8381"
} }
] ]

7
2018/8xxx/CVE-2018-8382.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8382" "ID" : "CVE-2018-8382",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -80,7 +81,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. " "value" : "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \"Microsoft Excel Information Disclosure Vulnerability.\" This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel."
} }
] ]
}, },
@ -99,6 +100,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8382"
} }
] ]

5
2018/8xxx/CVE-2018-8383.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8383" "ID" : "CVE-2018-8383",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -55,6 +56,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8383",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8383" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8383"
} }
] ]

5
2018/8xxx/CVE-2018-8384.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8384" "ID" : "CVE-2018-8384",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -52,6 +53,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8384"
} }
] ]

5
2018/8xxx/CVE-2018-8385.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8385" "ID" : "CVE-2018-8385",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -176,6 +177,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8385"
} }
] ]

5
2018/8xxx/CVE-2018-8387.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8387" "ID" : "CVE-2018-8387",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -55,6 +56,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8387",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8387" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8387"
} }
] ]

5
2018/8xxx/CVE-2018-8388.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8388" "ID" : "CVE-2018-8388",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -76,6 +77,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8388",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8388" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8388"
} }
] ]

5
2018/8xxx/CVE-2018-8389.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8389" "ID" : "CVE-2018-8389",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -126,6 +127,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8389",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8389" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8389"
} }
] ]

5
2018/8xxx/CVE-2018-8390.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8390" "ID" : "CVE-2018-8390",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -77,6 +78,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8390"
} }
] ]

5
2018/8xxx/CVE-2018-8394.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8394" "ID" : "CVE-2018-8394",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8394",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8394" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8394"
} }
] ]

5
2018/8xxx/CVE-2018-8396.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8396" "ID" : "CVE-2018-8396",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -93,6 +94,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8396",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8396" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8396"
} }
] ]

7
2018/8xxx/CVE-2018-8397.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8397" "ID" : "CVE-2018-8397",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -74,7 +75,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka \"GDI+ Remote Code Execution Vulnerability.\" This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. " "value" : "A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka \"GDI+ Remote Code Execution Vulnerability.\" This affects Windows Server 2008, Windows 7, Windows Server 2008 R2."
} }
] ]
}, },
@ -93,6 +94,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8397",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8397" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8397"
} }
] ]

5
2018/8xxx/CVE-2018-8398.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8398" "ID" : "CVE-2018-8398",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -196,6 +197,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8398",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8398" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8398"
} }
] ]

5
2018/8xxx/CVE-2018-8399.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8399" "ID" : "CVE-2018-8399",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -80,6 +81,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8399",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8399" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8399"
} }
] ]

5
2018/8xxx/CVE-2018-8400.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8400" "ID" : "CVE-2018-8400",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -74,6 +75,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8400",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8400" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8400"
} }
] ]

5
2018/8xxx/CVE-2018-8401.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8401" "ID" : "CVE-2018-8401",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -102,6 +103,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8401",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8401" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8401"
} }
] ]

7
2018/8xxx/CVE-2018-8403.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8403" "ID" : "CVE-2018-8403",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -122,7 +123,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. " "value" : "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \"Microsoft Browser Memory Corruption Vulnerability.\" This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10."
} }
] ]
}, },
@ -141,6 +142,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8403",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8403" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8403"
} }
] ]

5
2018/8xxx/CVE-2018-8404.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8404" "ID" : "CVE-2018-8404",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -164,6 +165,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8404",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8404" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8404"
} }
] ]

5
2018/8xxx/CVE-2018-8405.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8405" "ID" : "CVE-2018-8405",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -135,6 +136,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8405"
} }
] ]

5
2018/8xxx/CVE-2018-8406.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8406" "ID" : "CVE-2018-8406",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -102,6 +103,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8406"
} }
] ]

7
2018/8xxx/CVE-2018-8412.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8412" "ID" : "CVE-2018-8412",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -33,7 +34,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka \"Microsoft (MAU) Office Elevation of Privilege Vulnerability.\" This affects Microsoft Office. " "value" : "An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka \"Microsoft (MAU) Office Elevation of Privilege Vulnerability.\" This affects Microsoft Office."
} }
] ]
}, },
@ -52,6 +53,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8412",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8412" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8412"
} }
] ]

7
2018/8xxx/CVE-2018-8414.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2018-8414" "ID" : "CVE-2018-8414",
"STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
@ -61,7 +62,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka \"Windows Shell Remote Code Execution Vulnerability.\" This affects Windows 10 Servers, Windows 10. " "value" : "A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka \"Windows Shell Remote Code Execution Vulnerability.\" This affects Windows 10 Servers, Windows 10."
} }
] ]
}, },
@ -80,6 +81,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414" "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8414"
} }
] ]