admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'DWF-2018-04-06-01' of https://github.com/distributedweaknessfiling/cvelist into distributedweaknessfiling-DWF-2018-04-06-01

Browse Source
This commit is contained in:
CVE Team 2018-04-18 13:33:34 -04:00
commit 1ca20bfe5d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
10 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
2018/1000xxx/CVE-2018-1000158.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.581628", "DATE_REQUESTED": "2018-03-25T05:34:09", "ID": "CVE-2018-1000158", "REQUESTER": "me@spoock.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "cmsmadesimple", "version": { "version_data": [ { "version_value": "2.2.7" } ] } } ] }, "vendor_name": "cmsmadesimple" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of send_recovery_email in the line \"$url = $config['admin_url'] . '/login.php?recoverme=' . $code;\" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker controlled server can be created by using a host header attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Incorrect Access Control" } ] } ] }, "references": { "reference_data": [ { "url": "http://dev.cmsmadesimple.org/bug/view/11762" } ] } }

1
2018/1000xxx/CVE-2018-1000159.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.582381", "DATE_REQUESTED": "2018-03-27T07:54:48", "ID": "CVE-2018-1000159", "REQUESTER": "hkario@redhat.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "tlslite-ng", "version": { "version_data": [ { "version_value": "0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233" } ] } } ] }, "vendor_name": "tlslite-ng" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslite/utils/constanttime.py: ct_check_cbc_mac_and_pad(); line \"end_pos = data_len - 1 - mac.digest_size\" that can result in Attacker can manipulate the TLS ciphertext and it won't be detected by receiving tlslite-ng. This attack appear to be exploitable via man in the middle on a network connection. This vulnerability appears to have been fixed in after commit 3674815d1b0f7484454995e2737a352e0a6a93d8." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354: Improper Validation of Integrity Check Value" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/tomato42/tlslite-ng/pull/234" } ] } }

1
2018/1000xxx/CVE-2018-1000160.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.582922", "DATE_REQUESTED": "2018-03-27T11:32:41", "ID": "CVE-2018-1000160", "REQUESTER": "cianmce@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "protect", "version": { "version_data": [ { "version_value": "1.2.0 and earlier" } ] } } ] }, "vendor_name": "RisingStack" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "RisingStack protect version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in isXss() function in lib/rules/xss.js that can result in dangerous XSS strings will be validated as safe. This attack appear to be exploitable via A number of XSS strings(26) detailed in the GitHub issue #16." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross Site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/RisingStack/protect/issues/16" }, { "url": "http://embed.plnkr.co/xHbhB29JWWyMUMeHsLrm" }, { "url": "https://github.com/RisingStack/protect/blob/60b0c91e86686d34e5202419ce9ae7e8dc08edcd/lib/rules/xss.js#L4-L13" } ] } }

1
2018/1000xxx/CVE-2018-1000161.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.583532", "DATE_REQUESTED": "2018-03-27T14:18:58", "ID": "CVE-2018-1000161", "REQUESTER": "ocve@wolke7.net" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "nmap", "version": { "version_data": [ { "version_value": "6.49BETA6 through 7.60, up to and including SVN revision 37147" } ] } } ] }, "vendor_name": "nmap" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user running it. This attack appear to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Directory Traversal" } ] } ] }, "references": { "reference_data": [ { "url": "https://nmap.org/changelog.html" } ] } }

1
2018/1000xxx/CVE-2018-1000162.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.584701", "DATE_REQUESTED": "2018-03-29T08:35:18", "ID": "CVE-2018-1000162", "REQUESTER": "aidantwoods+dwf@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Parsedown", "version": { "version_data": [ { "version_value": "prior to version 1.7.0" } ] } } ] }, "vendor_name": "parsedown" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) vulnerability in `setMarkupEscaped` for escaping HTML that can result in JavaScript code execution. This attack appear to be exploitable via specially crafted markdown that allows it to side step HTML escaping by breaking AST boundaries. This vulnerability appears to have been fixed in 1.7.0 and later." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross Site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/Roave/SecurityAdvisories/issues/44#issuecomment-368594409" }, { "url": "https://github.com/erusev/parsedown/pull/495" } ] } }

1
2018/1000xxx/CVE-2018-1000163.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.585891", "DATE_REQUESTED": "2018-03-30T10:21:08", "ID": "CVE-2018-1000163", "REQUESTER": "f3i@t00ls.net" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Floodlight", "version": { "version_data": [ { "version_value": "1.2 and earlier" } ] } } ] }, "vendor_name": "Floodlight" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page. This attack appear to be exploitable via the victim browses the web console ." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross Site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "url": "https://xiaofen9.github.io/blog/floodlight-rce/" } ] } }

1
2018/1000xxx/CVE-2018-1000164.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.586462", "DATE_REQUESTED": "2018-04-02T14:16:16", "ID": "CVE-2018-1000164", "REQUESTER": "everardo.padilla.saca@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "gunicorn", "version": { "version_data": [ { "version_value": "19.4.5" } ] } } ] }, "vendor_name": "gunicorn" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in \"process_headers\" function in \"gunicorn/http/wsgi.py\" that can result in an attacker causing the server to return arbitrary HTTP headers. This vulnerability appears to have been fixed in 19.5.0." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers" } ] } ] }, "references": { "reference_data": [ { "url": "https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5" }, { "url": "https://github.com/benoitc/gunicorn/issues/1227" } ] } }

1
2018/1000xxx/CVE-2018-1000165.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.587150", "DATE_REQUESTED": "2018-04-04T02:32:08", "ID": "CVE-2018-1000165", "REQUESTER": "tmilos@gmail.com" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "LightSAML", "version": { "version_data": [ { "version_value": "prior to 1.3.5" } ] } } ] }, "vendor_name": "lightsaml" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LightSAML version prior to 1.3.5 contains a Incorrect Access Control vulnerability in signature validation in readers in src/LightSaml/Model/XmlDSig/ that can result in impersonation of any user from Identity Provider. This vulnerability appears to have been fixed in 1.3.5 and later." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Incorrect Access Control" } ] } ] }, "references": { "reference_data": [ { "url": "https://github.com/lightSAML/lightSAML/commit/47cef07bb09779df15620799f3763d1b8d32307a" }, { "url": "https://github.com/lightSAML/lightSAML/releases/tag/1.3.5" } ] } }

21
2018/1000xxx/CVE-2018-1000166.json Normal file
View File

@ -0,0 +1,21 @@
{
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2018-04-06T14:09:26.587732",
"DATE_REQUESTED": "2018-04-04T22:05:38",
"ID": "CVE-2018-1000166",
"REQUESTER": "sfowler@redhat.com",
"STATE": "REJECT"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-3848 and CVE-2018-3849. Reason: This candidate is a reservation duplicate of CVE-2018-3848and CVE-2018-3849. Notes: All CVE users should reference CVE-2018-3848 and CVE-2018-3849 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

1
2018/1000xxx/CVE-2018-1000167.json Normal file
View File

@ -0,0 +1 @@
{ "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org", "DATE_ASSIGNED": "2018-04-06T14:09:26.588266", "DATE_REQUESTED": "2018-04-06T05:44:27", "ID": "CVE-2018-1000167", "REQUESTER": "sec@feedyourhead.at" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "suricata-update", "version": { "version_data": [ { "version_value": "1.0.0a1" } ] } } ] }, "vendor_name": "OISF" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OISF suricata-update version 1.0.0a1 contains a Insecure Deserialization vulnerability in the insecure yaml.load-Function was used at the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The \"list-sources\"-command is affected by this bug. that can result in Remote Code Execution(even as root if suricata-update is called by root). This attack appear to be exploitable via A special crafted yaml-file at https://www.openinfosecfoundation.org/rules/index.yaml. This vulnerability appears to have been fixed in 1.0.0b1." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Insecure Deserialization" } ] } ] }, "references": { "reference_data": [ { "url": "https://tech.feedyourhead.at/content/remote-code-execution-in-suricata-update" }, { "url": "https://redmine.openinfosecfoundation.org/issues/2359" } ] } }