admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 22:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'IBM20190311-144529' of https://github.com/ScottMooreIBM/cvelist into ScottMooreIBM-IBM20190311-144529

Browse Source
This commit is contained in:
CVE Team 2019-03-11 17:15:12 -04:00
commit 2cd2aad57d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
14 changed files with 1265 additions and 240 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
2018/1xxx/CVE-2018-1890.json
View File

@ -1,17 +1,142 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1890",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"C" : "L",
"AC" : "H",
"S" : "C",
"A" : "L",
"I" : "L",
"SCORE" : "5.600",
"PR" : "N",
"AV" : "L"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
"references" : {
"reference_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10873042",
"title" : "IBM Security Bulletin 873042 (WebSphere Application Server)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10873042"
},
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10873332",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 873332 (Runtimes for Java Technology)"
},
{
"title" : "IBM Security Bulletin 874750 (WebSphere Application Server Patterns)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874750",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874750"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152081",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-sdk-cve20181890-code-exec (152081)"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "1.0.0.0"
},
{
"version_value" : "1.0.0.7"
},
{
"version_value" : "2.2.0.0"
},
{
"version_value" : "2.2.5.3"
}
]
},
"product_name" : "WebSphere Application Server Patterns"
},
{
"version" : {
"version_data" : [
{
"version_value" : "7.0"
},
{
"version_value" : "8.0"
},
{
"version_value" : "8.5"
},
{
"version_value" : "9.0"
},
{
"version_value" : "Liberty"
}
]
},
"product_name" : "WebSphere Application Server"
},
{
"version" : {
"version_data" : [
{
"version_value" : " "
}
]
},
"product_name" : "Runtimes for Java Technology"
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1890",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-01T00:00:00"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081."
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
}

97
2018/1xxx/CVE-2018-1902.json
View File

@ -1,18 +1,99 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1902",
"STATE" : "RESERVED"
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 795115 (WebSphere Application Server)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10795115",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10795115"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-websphere-cve20181902-spoofing (152531)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152531"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"AV" : "N",
"PR" : "L",
"SCORE" : "3.100",
"I" : "L",
"A" : "N",
"S" : "U",
"AC" : "H",
"C" : "N",
"UI" : "N"
}
}
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "File Manipulation",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1902",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-07T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "WebSphere Application Server",
"version" : {
"version_data" : [
{
"version_value" : "7.0"
},
{
"version_value" : "8.0"
},
{
"version_value" : "8.5"
},
{
"version_value" : "9.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
}

108
2018/1xxx/CVE-2018-1911.json
View File

@ -1,14 +1,30 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-04T00:00:00",
"ID" : "CVE-2018-1911",
"STATE" : "PUBLIC"
"description" : {
"description_data" : [
{
"value" : "IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152735.",
"lang" : "eng"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -49,67 +65,53 @@
}
}
]
},
"vendor_name" : "IBM"
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152735."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1911",
"DATE_PUBLIC" : "2019-03-04T00:00:00",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256",
"title" : "IBM Security Bulletin 873256 (Rational DOORS Next Generation)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873256"
"refsource" : "CONFIRM"
},
{
"name" : "ibm-dng-cve20181911-xss(152735)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152735",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152735"
"name" : "ibm-dng-cve20181911-xss (152735)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"S" : "C",
"UI" : "R",
"C" : "L",
"PR" : "L",
"AV" : "N",
"A" : "N",
"SCORE" : "5.400",
"I" : "L"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "H"
}
}
}
}

94
2018/1xxx/CVE-2018-1912.json
View File

@ -1,14 +1,47 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-04T00:00:00",
"ID" : "CVE-2018-1912",
"STATE" : "PUBLIC"
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "C",
"AC" : "L",
"C" : "L",
"UI" : "R",
"AV" : "N",
"PR" : "L",
"I" : "L",
"SCORE" : "5.400",
"A" : "N"
},
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C"
}
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 873254 (Rational DOORS Next Generation)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152736",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-dng-cve20181912-xss (152736)",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -34,15 +67,17 @@
}
}
]
},
"vendor_name" : "IBM"
}
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2018-1912",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-04T00:00:00",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
@ -51,50 +86,17 @@
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
"value" : "Cross-Site Scripting",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10873254"
},
{
"name" : "ibm-dng-cve20181912-xss(152736)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152736"
}
]
}
}

99
2018/1xxx/CVE-2018-1922.json
View File

@ -1,18 +1,99 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1922",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152858.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1922",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-08T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
},
"product_name" : "DB2 for Linux, UNIX and Windows"
}
]
}
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
},
{
"refsource" : "XF",
"name" : "ibm-db2-cve20181922-bo (152858)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152858"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"S" : "U",
"UI" : "N",
"C" : "H",
"PR" : "N",
"AV" : "L",
"A" : "H",
"I" : "H",
"SCORE" : "8.400"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
}
}

97
2018/1xxx/CVE-2018-1923.json
View File

@ -1,18 +1,99 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1923",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. IBM X-Force ID: 152859."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-08T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1923"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
},
"product_name" : "DB2 for Linux, UNIX and Windows"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152859",
"name" : "ibm-db2-cve20181923-bo (152859)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"PR" : "N",
"AV" : "L",
"A" : "H",
"I" : "H",
"SCORE" : "8.400",
"AC" : "L",
"S" : "U",
"UI" : "N",
"C" : "H"
}
}
}
}

147
2018/1xxx/CVE-2018-1974.json
View File

@ -1,18 +1,147 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1974",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. IBM X-Force ID: 153915.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-03-08T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1974"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "MQ",
"version" : {
"version_data" : [
{
"version_value" : "9.0.0.1"
},
{
"version_value" : "8.0.0.1"
},
{
"version_value" : "8.0.0.2"
},
{
"version_value" : "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
},
{
"version_value" : "8.0.0.7"
},
{
"version_value" : "9.0.0.2"
},
{
"version_value" : "8.0.0.8"
},
{
"version_value" : "8.0.0.9"
},
{
"version_value" : "9.0.0.3"
},
{
"version_value" : "8.0.0.0"
},
{
"version_value" : "8.0.0.10"
},
{
"version_value" : "9.0.0.0"
},
{
"version_value" : "9.0.0.4"
},
{
"version_value" : "9.0.0.5"
},
{
"version_value" : "9.1.0.0"
},
{
"version_value" : "9.1.0.1"
},
{
"version_value" : "9.1.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10792043",
"title" : "IBM Security Bulletin 792043 (MQ)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10792043"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-websphere-cve20181974-priv-escalation (153915)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/153915"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AC" : "H",
"S" : "U",
"UI" : "N",
"C" : "H",
"PR" : "L",
"AV" : "N",
"A" : "H",
"SCORE" : "7.500",
"I" : "H"
}
}
}
}

97
2018/1xxx/CVE-2018-1978.json
View File

@ -1,18 +1,99 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1978",
"STATE" : "RESERVED"
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-08T00:00:00",
"ID" : "CVE-2018-1978",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
},
"product_name" : "DB2 for Linux, UNIX and Windows"
}
]
}
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154069",
"name" : "ibm-db2-cve20181978-bo (154069)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"AV" : "L",
"PR" : "N",
"I" : "H",
"SCORE" : "8.400",
"A" : "H",
"S" : "U",
"AC" : "L",
"C" : "H",
"UI" : "N"
}
}
},
"data_type" : "CVE"
}

99
2018/1xxx/CVE-2018-1980.json
View File

@ -1,17 +1,98 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1980",
"STATE" : "RESERVED"
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"I" : "H",
"SCORE" : "8.400",
"A" : "H",
"AV" : "L",
"PR" : "N",
"C" : "H",
"UI" : "N",
"S" : "U",
"AC" : "L"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"references" : {
"reference_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-db2-cve20181980-bo (154078)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154078"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1980",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-08T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "DB2 for Linux, UNIX and Windows",
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154078.",
"lang" : "eng"
}
]
}

141
2018/1xxx/CVE-2018-1998.json
View File

@ -1,17 +1,140 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1998",
"STATE" : "RESERVED"
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-08T00:00:00"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9.0.0.1"
},
{
"version_value" : "8.0.0.1"
},
{
"version_value" : "8.0.0.2"
},
{
"version_value" : "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
},
{
"version_value" : "8.0.0.7"
},
{
"version_value" : "9.0.0.2"
},
{
"version_value" : "8.0.0.8"
},
{
"version_value" : "8.0.0.9"
},
{
"version_value" : "9.0.0.3"
},
{
"version_value" : "8.0.0.0"
},
{
"version_value" : "8.0.0.10"
},
{
"version_value" : "9.0.0.0"
},
{
"version_value" : "9.0.0.4"
},
{
"version_value" : "9.0.0.5"
},
{
"version_value" : "9.1.1"
}
]
},
"product_name" : "MQ"
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere MQ 8.0.0.0 through 9.1.1 could allow a local user to inject code that could be executed with root privileges. This is due to an incomplete fix for CVE-2018-1792. IBM X-ForceID: 154887."
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"UI" : "N",
"C" : "H",
"AC" : "L",
"S" : "C",
"A" : "H",
"SCORE" : "8.800",
"I" : "H",
"PR" : "L",
"AV" : "L"
}
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870488",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 870488 (MQ)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870488"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154887",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-websphere-cve20181998-priv-escalation (154887)"
}
]
}

95
2018/2xxx/CVE-2018-2009.json
View File

@ -1,17 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2009",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"A" : "N",
"I" : "N",
"SCORE" : "6.500",
"PR" : "L",
"AV" : "N",
"UI" : "N",
"C" : "H",
"AC" : "L",
"S" : "U"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
"references" : {
"reference_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 794327 (API Connect)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794327"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-api-cve20182009-info-disc (155148)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155148"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2018.1"
},
{
"version_value" : "2018.4.1"
}
]
},
"product_name" : "API Connect"
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-2009",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-05T00:00:00",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"value" : "IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148.",
"lang" : "eng"
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
}

103
2019/4xxx/CVE-2019-4015.json
View File

@ -1,17 +1,98 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4015",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AC" : "L",
"C" : "H",
"UI" : "N",
"AV" : "L",
"PR" : "N",
"SCORE" : "8.400",
"I" : "H",
"A" : "H"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"references" : {
"reference_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155893",
"name" : "ibm-db2-cve20194015-bo (155893)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
},
"product_name" : "DB2 for Linux, UNIX and Windows"
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4015",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-08T00:00:00"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893.."
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
}

95
2019/4xxx/CVE-2019-4016.json
View File

@ -1,18 +1,99 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4016",
"STATE" : "RESERVED"
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740413",
"title" : "IBM Security Bulletin 740413 (DB2 for Linux, UNIX and Windows)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155894",
"name" : "ibm-db2-cve20194016-bo (155894)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AC" : "L",
"C" : "H",
"UI" : "N",
"AV" : "L",
"PR" : "N",
"I" : "H",
"SCORE" : "8.400",
"A" : "H"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894."
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4016",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-08T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "DB2 for Linux, UNIX and Windows",
"version" : {
"version_data" : [
{
"version_value" : "10.5"
},
{
"version_value" : "10.1"
},
{
"version_value" : "9.7"
},
{
"version_value" : "11.1"
}
]
}
}
]
}
}
]
}
}
}

104
2019/4xxx/CVE-2019-4030.json
View File

@ -1,67 +1,43 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-03-04T00:00:00",
"ID" : "CVE-2019-4030",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references" : {
"reference_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "WebSphere Application Server",
"version" : {
"version_data" : [
{
"version_value" : "8.5"
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 869406 (WebSphere Application Server)"
},
{
"version_value" : "9.0"
}
]
}
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-websphere-cve20194030-xss (155946)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155946"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155946."
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"I" : "L",
"SCORE" : "5.400",
"A" : "N",
"S" : "C",
"AC" : "L",
"C" : "L",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C",
"RL" : "O"
"E" : "H"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
@ -74,18 +50,44 @@
}
]
},
"references" : {
"reference_data" : [
"description" : {
"description_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10869406"
"value" : "IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155946.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4030",
"DATE_PUBLIC" : "2019-03-04T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.5"
},
{
"name" : "ibm-websphere-cve20194030-xss(155946)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155946"
"version_value" : "9.0"
}
]
},
"product_name" : "WebSphere Application Server"
}
]
}
}
]
}
}
}