From 1e50f01d36f5184554767386d7dcdc8ce079ea51 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Mar 2018 15:03:36 -0500 Subject: [PATCH] - Synchronized data. --- 2014/7xxx/CVE-2014-7271.json | 67 +++++++++++++++++++++++++++++- 2014/7xxx/CVE-2014-7272.json | 58 +++++++++++++++++++++++++- 2018/1000xxx/CVE-2018-1000119.json | 2 +- 2018/5xxx/CVE-2018-5313.json | 49 +++++++++++++++++++++- 2018/7xxx/CVE-2018-7183.json | 52 ++++++++++++++++++++++- 2018/7xxx/CVE-2018-7888.json | 18 ++++++++ 6 files changed, 237 insertions(+), 9 deletions(-) create mode 100644 2018/7xxx/CVE-2018-7888.json diff --git a/2014/7xxx/CVE-2014-7271.json b/2014/7xxx/CVE-2014-7271.json index 16bd4596463..0f0433b6379 100644 --- a/2014/7xxx/CVE-2014-7271.json +++ b/2014/7xxx/CVE-2014-7271.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2014-7271", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,47 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user \"sddm\" without authentication." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.openwall.com/lists/oss-security/2014/10/06/4" + }, + { + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1149608" + }, + { + "url" : "https://github.com/sddm/sddm/pull/279/files" + }, + { + "url" : "https://github.com/sddm/sddm/wiki/0.10.0-Release-Announcement" + }, + { + "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141494.html" + }, + { + "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141550.html" + }, + { + "url" : "http://www.securityfocus.com/bid/70767" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98421" } ] } diff --git a/2014/7xxx/CVE-2014-7272.json b/2014/7xxx/CVE-2014-7272.json index d40c12b074c..b5fa76afa51 100644 --- a/2014/7xxx/CVE-2014-7272.json +++ b/2014/7xxx/CVE-2014-7272.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2014-7272", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,38 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases)." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.openwall.com/lists/oss-security/2014/10/06/4" + }, + { + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1149610" + }, + { + "url" : "https://github.com/sddm/sddm/pull/280" + }, + { + "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141494.html" + }, + { + "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141550.html" } ] } diff --git a/2018/1000xxx/CVE-2018-1000119.json b/2018/1000xxx/CVE-2018-1000119.json index c1aff72331f..8e342e330d1 100644 --- a/2018/1000xxx/CVE-2018-1000119.json +++ b/2018/1000xxx/CVE-2018-1000119.json @@ -19,7 +19,7 @@ { "version_value" : "2.0.0.rc3 and earlier" }, -{ + { "version_value" : "1.5.4 and earlier" } ] diff --git a/2018/5xxx/CVE-2018-5313.json b/2018/5xxx/CVE-2018-5313.json index de039afdd38..2d24a42f12b 100644 --- a/2018/5xxx/CVE-2018-5313.json +++ b/2018/5xxx/CVE-2018-5313.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-5313", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,29 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://seclists.org/fulldisclosure/2018/Mar/11" + }, + { + "url" : "http://packetstormsecurity.com/files/146668/Rapid-Scada-5.5.0-Insecure-Permissions.html" } ] } diff --git a/2018/7xxx/CVE-2018-7183.json b/2018/7xxx/CVE-2018-7183.json index 95795ea7dcb..0229874ca16 100644 --- a/2018/7xxx/CVE-2018-7183.json +++ b/2018/7xxx/CVE-2018-7183.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-7183", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,32 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://support.ntp.org/bin/view/Main/NtpBug3414" + }, + { + "url" : "http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S" + }, + { + "url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc" } ] } diff --git a/2018/7xxx/CVE-2018-7888.json b/2018/7xxx/CVE-2018-7888.json new file mode 100644 index 00000000000..afa8911b6d7 --- /dev/null +++ b/2018/7xxx/CVE-2018-7888.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7888", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}