- Synchronized data.

2025-07-30 18:04:30 +00:00 · 2018-04-11 13:05:35 -04:00 · 2018-04-11 13:05:35 -04:00 · 4315caf5cf
commit 4315caf5cf
parent c86a3dd572
12 changed files with 242 additions and 3 deletions
--- a/2017/15xxx/CVE-2017-15327.json
+++ b/2017/15xxx/CVE-2017-15327.json
@ -53,6 +53,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180328-01-authentication-en",
+            "refsource" : "CONFIRM",
            "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180328-01-authentication-en"
         }
      ]
--- a/2017/17xxx/CVE-2017-17308.json
+++ b/2017/17xxx/CVE-2017-17308.json
@ -34,7 +34,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "SCCPX module in DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
+            "value" : "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
         }
      ]
   },
@ -53,6 +53,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
+            "refsource" : "CONFIRM",
            "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
         }
      ]
--- a/2017/8xxx/CVE-2017-8154.json
+++ b/2017/8xxx/CVE-2017-8154.json
@ -53,6 +53,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170908-01-smartphone-en",
+            "refsource" : "CONFIRM",
            "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170908-01-smartphone-en"
         }
      ]
--- a/2018/10xxx/CVE-2018-10021.json
+++ b/2018/10xxx/CVE-2018-10021.json
@ -2,7 +2,30 @@
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2018-10021",
-      "STATE" : "RESERVED"
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
@ -11,7 +34,33 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39",
+            "refsource" : "MISC",
+            "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=318aaf34f1179b39fa9c30fa0f3288b645beee39"
+         },
+         {
+            "name" : "https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39",
+            "refsource" : "MISC",
+            "url" : "https://github.com/torvalds/linux/commit/318aaf34f1179b39fa9c30fa0f3288b645beee39"
         }
      ]
   }
--- a/2018/10xxx/CVE-2018-10022.json
+++ b/2018/10xxx/CVE-2018-10022.json
@ -0,0 +1,18 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-10022",
+      "STATE" : "RESERVED"
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+         }
+      ]
+   }
+}
--- a/2018/10xxx/CVE-2018-10023.json
+++ b/2018/10xxx/CVE-2018-10023.json
@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-10023",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated comment)."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/xwlrbh/Catfish/issues/1",
+            "refsource" : "MISC",
+            "url" : "https://github.com/xwlrbh/Catfish/issues/1"
+         }
+      ]
+   }
+}
--- a/2018/10xxx/CVE-2018-10024.json
+++ b/2018/10xxx/CVE-2018-10024.json
@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-10024",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credentials can be used to access the system via SSH (or TELNET if it is enabled)."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://www.tarlogic.com/advisories/Tarlogic-2018-002.txt",
+            "refsource" : "MISC",
+            "url" : "https://www.tarlogic.com/advisories/Tarlogic-2018-002.txt"
+         }
+      ]
+   }
+}
--- a/2018/10xxx/CVE-2018-10025.json
+++ b/2018/10xxx/CVE-2018-10025.json
@ -0,0 +1,18 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-10025",
+      "STATE" : "RESERVED"
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+         }
+      ]
+   }
+}
--- a/2018/10xxx/CVE-2018-10026.json
+++ b/2018/10xxx/CVE-2018-10026.json
@ -0,0 +1,18 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-10026",
+      "STATE" : "RESERVED"
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+         }
+      ]
+   }
+}
--- a/2018/7xxx/CVE-2018-7930.json
+++ b/2018/7xxx/CVE-2018-7930.json
@ -53,6 +53,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-smartphone-en",
+            "refsource" : "CONFIRM",
            "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-smartphone-en"
         }
      ]
--- a/2018/8xxx/CVE-2018-8953.json
+++ b/2018/8xxx/CVE-2018-8953.json
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html",
+            "refsource" : "CONFIRM",
            "url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
         }
      ]
--- a/2018/8xxx/CVE-2018-8954.json
+++ b/2018/8xxx/CVE-2018-8954.json
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html",
+            "refsource" : "CONFIRM",
            "url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
         }
      ]