admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-06-25 14:02:58 -04:00
parent 3d0208a7e7
commit 1d2abb3bcd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 212 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2018/11xxx/CVE-2018-11587.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11587",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html",
"refsource" : "CONFIRM",
"url" : "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html"
},
{
"name" : "https://github.com/centreon/centreon/pull/6263",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6263"
},
{
"name" : "https://github.com/centreon/centreon/releases",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/releases"
}
]
}

63
2018/11xxx/CVE-2018-11588.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11588",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html",
"refsource" : "CONFIRM",
"url" : "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html"
},
{
"name" : "https://github.com/centreon/centreon/pull/6259",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6259"
},
{
"name" : "https://github.com/centreon/centreon/pull/6260",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6260"
},
{
"name" : "https://github.com/centreon/centreon/releases",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/releases"
}
]
}

78
2018/11xxx/CVE-2018-11589.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11589",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,58 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html",
"refsource" : "CONFIRM",
"url" : "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.24.html"
},
{
"name" : "https://github.com/centreon/centreon/pull/6250",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6250"
},
{
"name" : "https://github.com/centreon/centreon/pull/6251",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6251"
},
{
"name" : "https://github.com/centreon/centreon/pull/6255",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6255"
},
{
"name" : "https://github.com/centreon/centreon/pull/6256",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6256"
},
{
"name" : "https://github.com/centreon/centreon/pull/6257",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/pull/6257"
},
{
"name" : "https://github.com/centreon/centreon/releases",
"refsource" : "CONFIRM",
"url" : "https://github.com/centreon/centreon/releases"
}
]
}

18
2018/12xxx/CVE-2018-12739.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12739",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2018/9xxx/CVE-2018-9163.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Recovery Manager Plus 5.3 (Build 5330) and earlier allows remote authenticated users (with Add New Technician permissions) to inject arbitrary web script or HTML via the loginName field to technicianAction.do."
"value" : "A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Recovery Manager Plus before 5.3 (Build 5350) allows remote authenticated users (with Add New Technician permissions) to inject arbitrary web script or HTML via the loginName field to technicianAction.do."
}
]
},