admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 19:46:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-06-28 10:03:14 -04:00
parent 440f552aaa
commit 417fab1f72
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
14 changed files with 674 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2017/16xxx/CVE-2017-16859.json
View File

@ -1,72 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-06-28T00:00:00",
"ID": "CVE-2017-16859",
"STATE": "PUBLIC"
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-06-28T00:00:00",
"ID" : "CVE-2017-16859",
"STATE" : "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product": {
"product_data": [
"product" : {
"product_data" : [
{
"product_name": "Fisheye and Crucible",
"version": {
"version_data": [
"product_name" : "Fisheye and Crucible",
"version" : {
"version_data" : [
{
"version_value": "4.3.2",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "4.3.2"
},
{
"version_value": "4.4.0",
"version_affected": ">="
"version_affected" : ">=",
"version_value" : "4.4.0"
},
{
"version_value": "4.4.3",
"version_affected": "<"
"version_affected" : "<",
"version_value" : "4.4.3"
}
]
}
}
]
},
"vendor_name": "Atlassian"
"vendor_name" : "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang": "eng",
"value": "The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter."
"lang" : "eng",
"value" : "The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter."
}
]
},
"problemtype": {
"problemtype_data": [
"problemtype" : {
"problemtype_data" : [
{
"description": [
"description" : [
{
"lang": "eng",
"value": "Path Traversal"
"lang" : "eng",
"value" : "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
"references" : {
"reference_data" : [
{
"url": "https://jira.atlassian.com/browse/CRUC-8212"
"name" : "https://jira.atlassian.com/browse/CRUC-8212",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CRUC-8212"
},
{
"url": "https://jira.atlassian.com/browse/FE-7061"
"name" : "https://jira.atlassian.com/browse/FE-7061",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-7061"
}
]
}

5
2018/10xxx/CVE-2018-10466.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-10466",
"refsource" : "MISC",
"url" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-10466"
},
{
"name" : "https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html",
"refsource" : "CONFIRM",

5
2018/11xxx/CVE-2018-11027.json
View File

@ -56,6 +56,11 @@
"name" : "20180524 Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/archive/1/542040/100/0/threaded"
},
{
"name" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11027",
"refsource" : "MISC",
"url" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11027"
}
]
}

53
2018/11xxx/CVE-2018-11510.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-11510",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "ASUSTOR ADM 3.1.2.RHG1 and earlier uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/mefulton/CVE-2018-11510",
"refsource" : "MISC",
"url" : "https://github.com/mefulton/CVE-2018-11510"
},
{
"name" : "https://github.com/mefulton/CVE-2018-11510/blob/master/admex.py",
"refsource" : "MISC",
"url" : "https://github.com/mefulton/CVE-2018-11510/blob/master/admex.py"
}
]
}

5
2018/11xxx/CVE-2018-11689.json
View File

@ -56,6 +56,11 @@
"name" : "20180613 Samsung Web Viewer for Samsung DVR Reflected Cross Site Scripting (XSS) CVE-2018-11689",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/archive/1/542083/100/0/threaded"
},
{
"name" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11689",
"refsource" : "MISC",
"url" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11689"
}
]
}

48
2018/12xxx/CVE-2018-12589.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12589",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.com/files/148312/Polaris-Office-2017-8.1-Remote-Code-Execution.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/148312/Polaris-Office-2017-8.1-Remote-Code-Execution.html"
}
]
}

67
2018/12xxx/CVE-2018-12928.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12928",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384"
},
{
"name" : "https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2",
"refsource" : "MISC",
"url" : "https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2"
}
]
}
}

67
2018/12xxx/CVE-2018-12929.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12929",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"
},
{
"name" : "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2",
"refsource" : "MISC",
"url" : "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"
}
]
}
}

67
2018/12xxx/CVE-2018-12930.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12930",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"
},
{
"name" : "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2",
"refsource" : "MISC",
"url" : "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"
}
]
}
}

67
2018/12xxx/CVE-2018-12931.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12931",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763403"
},
{
"name" : "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2",
"refsource" : "MISC",
"url" : "https://marc.info/?l=linux-ntfs-dev&m=152413769810234&w=2"
}
]
}
}

82
2018/12xxx/CVE-2018-12932.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12932",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719"
},
{
"name" : "https://bugs.winehq.org/attachment.cgi?id=61284",
"refsource" : "MISC",
"url" : "https://bugs.winehq.org/attachment.cgi?id=61284"
},
{
"name" : "https://bugs.winehq.org/show_bug.cgi?id=45105",
"refsource" : "MISC",
"url" : "https://bugs.winehq.org/show_bug.cgi?id=45105"
},
{
"name" : "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d",
"refsource" : "MISC",
"url" : "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d"
},
{
"name" : "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949",
"refsource" : "MISC",
"url" : "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949"
}
]
}
}

82
2018/12xxx/CVE-2018-12933.json Normal file
View File

@ -0,0 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12933",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCreatePen->ihPen array index."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/wine/+bug/1764719"
},
{
"name" : "https://bugs.winehq.org/attachment.cgi?id=61285",
"refsource" : "MISC",
"url" : "https://bugs.winehq.org/attachment.cgi?id=61285"
},
{
"name" : "https://bugs.winehq.org/show_bug.cgi?id=45106",
"refsource" : "MISC",
"url" : "https://bugs.winehq.org/show_bug.cgi?id=45106"
},
{
"name" : "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d",
"refsource" : "MISC",
"url" : "https://source.winehq.org/git/wine.git/commit/8d2676fd14f130f9e8f06744743423168bf8d18d"
},
{
"name" : "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949",
"refsource" : "MISC",
"url" : "https://source.winehq.org/git/wine.git/commit/b6da3547d8990c3c3affc3a5865aefd2a0946949"
}
]
}
}

72
2018/12xxx/CVE-2018-12934.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12934",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101",
"refsource" : "MISC",
"url" : "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101"
},
{
"name" : "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453",
"refsource" : "MISC",
"url" : "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453"
},
{
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23059",
"refsource" : "MISC",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23059"
}
]
}
}

18
2018/12xxx/CVE-2018-12935.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12935",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}