admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-04-09 09:04:27 -04:00
parent 552e25ed87
commit 3504c33a5e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 333 additions and 304 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
2018/0xxx/CVE-2018-0545.json
View File

@ -1,61 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-0545",
"ASSIGNER": "vultures@jpcert.or.jp"
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0545",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name": "LXR Project",
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "LXR",
"version": {
"version_data": [
"product_name" : "LXR",
"version" : {
"version_data" : [
{
"version_value": "version 1.0.0 to 2.3.0"
"version_value" : "version 1.0.0 to 2.3.0"
}
]
}
}
]
}
},
"vendor_name" : "LXR Project"
}
]
}
},
"problemtype":{
"problemtype_data":[
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"description":[
"lang" : "eng",
"value" : "LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"lang": "eng",
"value":"OS Command Injection"
"description" : [
{
"lang" : "eng",
"value" : "OS Command Injection"
}
]
}
]
},
"references":{
"reference_data":[
"references" : {
"reference_data" : [
{
"url":"http://lxr.sourceforge.net/en/bugsandlimits.php"
"name" : "http://lxr.sourceforge.net/en/bugsandlimits.php",
"refsource" : "CONFIRM",
"url" : "http://lxr.sourceforge.net/en/bugsandlimits.php"
},
{
"url":"http://jvn.jp/en/jp/JVN72589538/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
"name" : "JVN#72589538",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN72589538/index.html"
}
]
}

73
2018/0xxx/CVE-2018-0553.json
View File

@ -1,61 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-0553",
"ASSIGNER": "vultures@jpcert.or.jp"
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0553",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name": "Glamo Inc.",
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "iRemoconWiFi App for Android",
"version": {
"version_data": [
"product_name" : "iRemoconWiFi App for Android",
"version" : {
"version_data" : [
{
"version_value": "version 4.1.7 and earlier"
"version_value" : "version 4.1.7 and earlier"
}
]
}
}
]
}
},
"vendor_name" : "Glamo Inc."
}
]
}
},
"problemtype":{
"problemtype_data":[
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"description":[
"lang" : "eng",
"value" : "The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"lang": "eng",
"value":"Fails to verify SSL certificates"
"description" : [
{
"lang" : "eng",
"value" : "Fails to verify SSL certificates"
}
]
}
]
},
"references":{
"reference_data":[
"references" : {
"reference_data" : [
{
"url":"https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi"
"name" : "https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi",
"refsource" : "MISC",
"url" : "https://play.google.com/store/apps/details?id=jp.co.glamo.iremoconwifi"
},
{
"url":"http://jvn.jp/en/jp/JVN43382653/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"name" : "JVN#43382653",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN43382653/index.html"
}
]
}

73
2018/0xxx/CVE-2018-0554.json
View File

@ -1,61 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-0554",
"ASSIGNER": "vultures@jpcert.or.jp"
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0554",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name": "BUFFALO INC.",
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "WZR-1750DHP2",
"version": {
"version_data": [
"product_name" : "WZR-1750DHP2",
"version" : {
"version_data" : [
{
"version_value": "Ver.2.30 and earlier"
"version_value" : "Ver.2.30 and earlier"
}
]
}
}
]
}
},
"vendor_name" : "BUFFALO INC."
}
]
}
},
"problemtype":{
"problemtype_data":[
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"description":[
"lang" : "eng",
"value" : "Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"lang": "eng",
"value":"Authentication bypass"
"description" : [
{
"lang" : "eng",
"value" : "Authentication bypass"
}
]
}
]
},
"references":{
"reference_data":[
"references" : {
"reference_data" : [
{
"url":"http://buffalo.jp/support_s/s20180328.html"
"name" : "http://buffalo.jp/support_s/s20180328.html",
"refsource" : "CONFIRM",
"url" : "http://buffalo.jp/support_s/s20180328.html"
},
{
"url":"http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication execute arbitrary commands on the device via unspecified vectors."
"name" : "JVN#93397125",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
}

73
2018/0xxx/CVE-2018-0555.json
View File

@ -1,61 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-0555",
"ASSIGNER": "vultures@jpcert.or.jp"
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0555",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name": "BUFFALO INC.",
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "WZR-1750DHP2",
"version": {
"version_data": [
"product_name" : "WZR-1750DHP2",
"version" : {
"version_data" : [
{
"version_value": "Ver.2.30 and earlier"
"version_value" : "Ver.2.30 and earlier"
}
]
}
}
]
}
},
"vendor_name" : "BUFFALO INC."
}
]
}
},
"problemtype":{
"problemtype_data":[
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"description":[
"lang" : "eng",
"value" : "Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"lang": "eng",
"value":"Buffer Overflow"
"description" : [
{
"lang" : "eng",
"value" : "Buffer Overflow"
}
]
}
]
},
"references":{
"reference_data":[
"references" : {
"reference_data" : [
{
"url":"http://buffalo.jp/support_s/s20180328.html"
"name" : "http://buffalo.jp/support_s/s20180328.html",
"refsource" : "CONFIRM",
"url" : "http://buffalo.jp/support_s/s20180328.html"
},
{
"url":"http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"Buffer overflow in WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via specially crafted file."
"name" : "JVN#93397125",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
}

73
2018/0xxx/CVE-2018-0556.json
View File

@ -1,61 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-0556",
"ASSIGNER": "vultures@jpcert.or.jp"
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2018-0556",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name": "BUFFALO INC.",
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "WZR-1750DHP2",
"version": {
"version_data": [
"product_name" : "WZR-1750DHP2",
"version" : {
"version_data" : [
{
"version_value": "Ver.2.30 and earlier"
"version_value" : "Ver.2.30 and earlier"
}
]
}
}
]
}
},
"vendor_name" : "BUFFALO INC."
}
]
}
},
"problemtype":{
"problemtype_data":[
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"description":[
"lang" : "eng",
"value" : "Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"lang": "eng",
"value":"OS Command Injection"
"description" : [
{
"lang" : "eng",
"value" : "OS Command Injection"
}
]
}
]
},
"references":{
"reference_data":[
"references" : {
"reference_data" : [
{
"url":"http://buffalo.jp/support_s/s20180328.html"
"name" : "http://buffalo.jp/support_s/s20180328.html",
"refsource" : "CONFIRM",
"url" : "http://buffalo.jp/support_s/s20180328.html"
},
{
"url":"http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
},
"description":{
"description_data":[
{
"lang": "eng",
"value":"WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors."
"name" : "JVN#93397125",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN93397125/index.html"
}
]
}

4
2018/1xxx/CVE-2018-1308.json
View File

@ -57,9 +57,13 @@
"references" : {
"reference_data" : [
{
"name" : "[www-announce] 20180408 [SECURITY] CVE-2018-1308: XXE attack through Apache Solr's DIH's dataConfig request parameter",
"refsource" : "MLIST",
"url" : "https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E"
},
{
"name" : "https://issues.apache.org/jira/browse/SOLR-11971",
"refsource" : "CONFIRM",
"url" : "https://issues.apache.org/jira/browse/SOLR-11971"
}
]