admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-04-09 09:04:27 -04:00
parent 552e25ed87
commit 3504c33a5e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 333 additions and 304 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
2018/0xxx/CVE-2018-0545.json
View File

@ -1,62 +1,67 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0545",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0545", },
"ASSIGNER": "vultures@jpcert.or.jp" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "LXR Project", {
"product": { "product_name" : "LXR",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "LXR", {
"version": { "version_value" : "version 1.0.0 to 2.3.0"
"version_data": [ }
{ ]
"version_value": "version 1.0.0 to 2.3.0" }
} }
] ]
} },
} "vendor_name" : "LXR Project"
] }
} ]
} }
] },
} "data_format" : "MITRE",
}, "data_type" : "CVE",
"problemtype":{ "data_version" : "4.0",
"problemtype_data":[ "description" : {
{ "description_data" : [
"description":[ {
{ "lang" : "eng",
"lang": "eng", "value" : "LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
"value":"OS Command Injection" }
} ]
] },
} "problemtype" : {
] "problemtype_data" : [
}, {
"references":{ "description" : [
"reference_data":[ {
{ "lang" : "eng",
"url":"http://lxr.sourceforge.net/en/bugsandlimits.php" "value" : "OS Command Injection"
}, }
{ ]
"url":"http://jvn.jp/en/jp/JVN72589538/index.html" }
} ]
] },
}, "references" : {
"description":{ "reference_data" : [
"description_data":[ {
{ "name" : "http://lxr.sourceforge.net/en/bugsandlimits.php",
"lang": "eng", "refsource" : "CONFIRM",
"value":"LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors." "url" : "http://lxr.sourceforge.net/en/bugsandlimits.php"
} },
] {
} "name" : "JVN#72589538",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN72589538/index.html"
}
]
}
} }

125
2018/0xxx/CVE-2018-0553.json
View File

@ -1,62 +1,67 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0553",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0553", },
"ASSIGNER": "vultures@jpcert.or.jp" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "Glamo Inc.", {
"product": { "product_name" : "iRemoconWiFi App for Android",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "iRemoconWiFi App for Android", {
"version": { "version_value" : "version 4.1.7 and earlier"
"version_data": [ }
{ ]
"version_value": "version 4.1.7 and earlier" }
} }
] ]
} },
} "vendor_name" : "Glamo Inc."
] }
} ]
} }
] },
} "data_format" : "MITRE",
}, "data_type" : "CVE",
"problemtype":{ "data_version" : "4.0",
"problemtype_data":[ "description" : {
{ "description_data" : [
"description":[ {
{ "lang" : "eng",
"lang": "eng", "value" : "The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"value":"Fails to verify SSL certificates" }
} ]
] },
} "problemtype" : {
] "problemtype_data" : [
}, {
"references":{ "description" : [
"reference_data":[ {
{ "lang" : "eng",
"url":"https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi" "value" : "Fails to verify SSL certificates"
}, }
{ ]
"url":"http://jvn.jp/en/jp/JVN43382653/index.html" }
} ]
] },
}, "references" : {
"description":{ "reference_data" : [
"description_data":[ {
{ "name" : "https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi",
"lang": "eng", "refsource" : "MISC",
"value":"The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "url" : "https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi"
} },
] {
} "name" : "JVN#43382653",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN43382653/index.html"
}
]
}
} }

125
2018/0xxx/CVE-2018-0554.json
View File

@ -1,62 +1,67 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0554",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0554", },
"ASSIGNER": "vultures@jpcert.or.jp" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "BUFFALO INC.", {
"product": { "product_name" : "WZR-1750DHP2",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "WZR-1750DHP2", {
"version": { "version_value" : "Ver.2.30 and earlier"
"version_data": [ }
{ ]
"version_value": "Ver.2.30 and earlier" }
} }
] ]
} },
} "vendor_name" : "BUFFALO INC."
] }
} ]
} }
] },
} "data_format" : "MITRE",
}, "data_type" : "CVE",
"problemtype":{ "data_version" : "4.0",
"problemtype_data":[ "description" : {
{ "description_data" : [
"description":[ {
{ "lang" : "eng",
"lang": "eng", "value" : "Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors."
"value":"Authentication bypass" }
} ]
] },
} "problemtype" : {
] "problemtype_data" : [
}, {
"references":{ "description" : [
"reference_data":[ {
{ "lang" : "eng",
"url":"http://buffalo.jp/support_s/s20180328.html" "value" : "Authentication bypass"
}, }
{ ]
"url":"http://jvn.jp/en/jp/JVN93397125/index.html" }
} ]
] },
}, "references" : {
"description":{ "reference_data" : [
"description_data":[ {
{ "name" : "http://buffalo.jp/support_s/s20180328.html",
"lang": "eng", "refsource" : "CONFIRM",
"value":"WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication execute arbitrary commands on the device via unspecified vectors." "url" : "http://buffalo.jp/support_s/s20180328.html"
} },
] {
} "name" : "JVN#93397125",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
}
} }

125
2018/0xxx/CVE-2018-0555.json
View File

@ -1,62 +1,67 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0555",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0555", },
"ASSIGNER": "vultures@jpcert.or.jp" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "BUFFALO INC.", {
"product": { "product_name" : "WZR-1750DHP2",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "WZR-1750DHP2", {
"version": { "version_value" : "Ver.2.30 and earlier"
"version_data": [ }
{ ]
"version_value": "Ver.2.30 and earlier" }
} }
] ]
} },
} "vendor_name" : "BUFFALO INC."
] }
} ]
} }
] },
} "data_format" : "MITRE",
}, "data_type" : "CVE",
"problemtype":{ "data_version" : "4.0",
"problemtype_data":[ "description" : {
{ "description_data" : [
"description":[ {
{ "lang" : "eng",
"lang": "eng", "value" : "Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file."
"value":"Buffer Overflow" }
} ]
] },
} "problemtype" : {
] "problemtype_data" : [
}, {
"references":{ "description" : [
"reference_data":[ {
{ "lang" : "eng",
"url":"http://buffalo.jp/support_s/s20180328.html" "value" : "Buffer Overflow"
}, }
{ ]
"url":"http://jvn.jp/en/jp/JVN93397125/index.html" }
} ]
] },
}, "references" : {
"description":{ "reference_data" : [
"description_data":[ {
{ "name" : "http://buffalo.jp/support_s/s20180328.html",
"lang": "eng", "refsource" : "CONFIRM",
"value":"Buffer overflow in WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via specially crafted file." "url" : "http://buffalo.jp/support_s/s20180328.html"
} },
] {
} "name" : "JVN#93397125",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
}
} }

125
2018/0xxx/CVE-2018-0556.json
View File

@ -1,62 +1,67 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "vultures@jpcert.or.jp",
"data_version": "4.0", "ID" : "CVE-2018-0556",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2018-0556", },
"ASSIGNER": "vultures@jpcert.or.jp" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "BUFFALO INC.", {
"product": { "product_name" : "WZR-1750DHP2",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "WZR-1750DHP2", {
"version": { "version_value" : "Ver.2.30 and earlier"
"version_data": [ }
{ ]
"version_value": "Ver.2.30 and earlier" }
} }
] ]
} },
} "vendor_name" : "BUFFALO INC."
] }
} ]
} }
] },
} "data_format" : "MITRE",
}, "data_type" : "CVE",
"problemtype":{ "data_version" : "4.0",
"problemtype_data":[ "description" : {
{ "description_data" : [
"description":[ {
{ "lang" : "eng",
"lang": "eng", "value" : "Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors."
"value":"OS Command Injection" }
} ]
] },
} "problemtype" : {
] "problemtype_data" : [
}, {
"references":{ "description" : [
"reference_data":[ {
{ "lang" : "eng",
"url":"http://buffalo.jp/support_s/s20180328.html" "value" : "OS Command Injection"
}, }
{ ]
"url":"http://jvn.jp/en/jp/JVN93397125/index.html" }
} ]
] },
}, "references" : {
"description":{ "reference_data" : [
"description_data":[ {
{ "name" : "http://buffalo.jp/support_s/s20180328.html",
"lang": "eng", "refsource" : "CONFIRM",
"value":"WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors." "url" : "http://buffalo.jp/support_s/s20180328.html"
} },
] {
} "name" : "JVN#93397125",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
}
} }

4
2018/1xxx/CVE-2018-1308.json
View File

@ -57,9 +57,13 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "[www-announce] 20180408 [SECURITY] CVE-2018-1308: XXE attack through Apache Solr's DIH's dataConfig request parameter",
"refsource" : "MLIST",
"url" : "https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E" "url" : "https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E"
}, },
{ {
"name" : "https://issues.apache.org/jira/browse/SOLR-11971",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/SOLR-11971" "url" : "https://issues.apache.org/jira/browse/SOLR-11971"
} }
] ]