admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-04-09 09:04:27 -04:00
parent 552e25ed87
commit 3504c33a5e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 333 additions and 304 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
2018/0xxx/CVE-2018-0545.json
View File

@ -1,61 +1,66 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0545",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0545",
"ASSIGNER": "vultures@jpcert.or.jp"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"vendor_name": "LXR Project", "product" : {
"product": { "product_data" : [
"product_data": [
{ {
"product_name": "LXR", "product_name" : "LXR",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"version_value": "version 1.0.0 to 2.3.0" "version_value" : "version 1.0.0 to 2.3.0"
} }
] ]
} }
} }
] ]
} },
"vendor_name" : "LXR Project"
} }
] ]
} }
}, },
"problemtype":{ "data_format" : "MITRE",
"problemtype_data":[ "data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"description":[ "lang" : "eng",
"value" : "LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{ {
"lang": "eng", "description" : [
"value":"OS Command Injection" {
"lang" : "eng",
"value" : "OS Command Injection"
} }
] ]
} }
] ]
}, },
"references":{ "references" : {
"reference_data":[ "reference_data" : [
{ {
"url":"http://lxr.sourceforge.net/en/bugsandlimits.php" "name" : "http://lxr.sourceforge.net/en/bugsandlimits.php",
"refsource" : "CONFIRM",
"url" : "http://lxr.sourceforge.net/en/bugsandlimits.php"
}, },
{ {
"url":"http://jvn.jp/en/jp/JVN72589538/index.html" "name" : "JVN#72589538",
} "refsource" : "JVN",
] "url" : "http://jvn.jp/en/jp/JVN72589538/index.html"
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
} }
] ]
} }

73
2018/0xxx/CVE-2018-0553.json
View File

@ -1,61 +1,66 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0553",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0553",
"ASSIGNER": "vultures@jpcert.or.jp"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"vendor_name": "Glamo Inc.", "product" : {
"product": { "product_data" : [
"product_data": [
{ {
"product_name": "iRemoconWiFi App for Android", "product_name" : "iRemoconWiFi App for Android",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"version_value": "version 4.1.7 and earlier" "version_value" : "version 4.1.7 and earlier"
} }
] ]
} }
} }
] ]
} },
"vendor_name" : "Glamo Inc."
} }
] ]
} }
}, },
"problemtype":{ "data_format" : "MITRE",
"problemtype_data":[ "data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"description":[ "lang" : "eng",
"value" : "The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{ {
"lang": "eng", "description" : [
"value":"Fails to verify SSL certificates" {
"lang" : "eng",
"value" : "Fails to verify SSL certificates"
} }
] ]
} }
] ]
}, },
"references":{ "references" : {
"reference_data":[ "reference_data" : [
{ {
"url":"https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi" "name" : "https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi",
"refsource" : "MISC",
"url" : "https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi"
}, },
{ {
"url":"http://jvn.jp/en/jp/JVN43382653/index.html" "name" : "JVN#43382653",
} "refsource" : "JVN",
] "url" : "http://jvn.jp/en/jp/JVN43382653/index.html"
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
} }

73
2018/0xxx/CVE-2018-0554.json
View File

@ -1,61 +1,66 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0554",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0554",
"ASSIGNER": "vultures@jpcert.or.jp"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"vendor_name": "BUFFALO INC.", "product" : {
"product": { "product_data" : [
"product_data": [
{ {
"product_name": "WZR-1750DHP2", "product_name" : "WZR-1750DHP2",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"version_value": "Ver.2.30 and earlier" "version_value" : "Ver.2.30 and earlier"
} }
] ]
} }
} }
] ]
} },
"vendor_name" : "BUFFALO INC."
} }
] ]
} }
}, },
"problemtype":{ "data_format" : "MITRE",
"problemtype_data":[ "data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"description":[ "lang" : "eng",
"value" : "Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{ {
"lang": "eng", "description" : [
"value":"Authentication bypass" {
"lang" : "eng",
"value" : "Authentication bypass"
} }
] ]
} }
] ]
}, },
"references":{ "references" : {
"reference_data":[ "reference_data" : [
{ {
"url":"http://buffalo.jp/support_s/s20180328.html" "name" : "http://buffalo.jp/support_s/s20180328.html",
"refsource" : "CONFIRM",
"url" : "http://buffalo.jp/support_s/s20180328.html"
}, },
{ {
"url":"http://jvn.jp/en/jp/JVN93397125/index.html" "name" : "JVN#93397125",
} "refsource" : "JVN",
] "url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication execute arbitrary commands on the device via unspecified vectors."
} }
] ]
} }

73
2018/0xxx/CVE-2018-0555.json
View File

@ -1,61 +1,66 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0555",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0555",
"ASSIGNER": "vultures@jpcert.or.jp"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"vendor_name": "BUFFALO INC.", "product" : {
"product": { "product_data" : [
"product_data": [
{ {
"product_name": "WZR-1750DHP2", "product_name" : "WZR-1750DHP2",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"version_value": "Ver.2.30 and earlier" "version_value" : "Ver.2.30 and earlier"
} }
] ]
} }
} }
] ]
} },
"vendor_name" : "BUFFALO INC."
} }
] ]
} }
}, },
"problemtype":{ "data_format" : "MITRE",
"problemtype_data":[ "data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"description":[ "lang" : "eng",
"value" : "Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{ {
"lang": "eng", "description" : [
"value":"Buffer Overflow" {
"lang" : "eng",
"value" : "Buffer Overflow"
} }
] ]
} }
] ]
}, },
"references":{ "references" : {
"reference_data":[ "reference_data" : [
{ {
"url":"http://buffalo.jp/support_s/s20180328.html" "name" : "http://buffalo.jp/support_s/s20180328.html",
"refsource" : "CONFIRM",
"url" : "http://buffalo.jp/support_s/s20180328.html"
}, },
{ {
"url":"http://jvn.jp/en/jp/JVN93397125/index.html" "name" : "JVN#93397125",
} "refsource" : "JVN",
] "url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Buffer overflow in WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via specially crafted file."
} }
] ]
} }

73
2018/0xxx/CVE-2018-0556.json
View File

@ -1,61 +1,66 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0556",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0556",
"ASSIGNER": "vultures@jpcert.or.jp"
}, },
"affects": { "affects" : {
"vendor": { "vendor" : {
"vendor_data": [ "vendor_data" : [
{ {
"vendor_name": "BUFFALO INC.", "product" : {
"product": { "product_data" : [
"product_data": [
{ {
"product_name": "WZR-1750DHP2", "product_name" : "WZR-1750DHP2",
"version": { "version" : {
"version_data": [ "version_data" : [
{ {
"version_value": "Ver.2.30 and earlier" "version_value" : "Ver.2.30 and earlier"
} }
] ]
} }
} }
] ]
} },
"vendor_name" : "BUFFALO INC."
} }
] ]
} }
}, },
"problemtype":{ "data_format" : "MITRE",
"problemtype_data":[ "data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"description":[ "lang" : "eng",
"value" : "Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{ {
"lang": "eng", "description" : [
"value":"OS Command Injection" {
"lang" : "eng",
"value" : "OS Command Injection"
} }
] ]
} }
] ]
}, },
"references":{ "references" : {
"reference_data":[ "reference_data" : [
{ {
"url":"http://buffalo.jp/support_s/s20180328.html" "name" : "http://buffalo.jp/support_s/s20180328.html",
"refsource" : "CONFIRM",
"url" : "http://buffalo.jp/support_s/s20180328.html"
}, },
{ {
"url":"http://jvn.jp/en/jp/JVN93397125/index.html" "name" : "JVN#93397125",
} "refsource" : "JVN",
] "url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors."
} }
] ]
} }

4
2018/1xxx/CVE-2018-1308.json
View File

@ -57,9 +57,13 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "[www-announce] 20180408 [SECURITY] CVE-2018-1308: XXE attack through Apache Solr's DIH's dataConfig request parameter",
"refsource" : "MLIST",
"url" : "https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E" "url" : "https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E"
}, },
{ {
"name" : "https://issues.apache.org/jira/browse/SOLR-11971",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/SOLR-11971" "url" : "https://issues.apache.org/jira/browse/SOLR-11971"
} }
] ]