admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-12-21 17:15:27 -05:00
parent b05852c8f0
commit 43ab3d2816
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 209 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/16xxx/CVE-2018-16778.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-16778",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://metamorfosec.com/Files/Advisories/METS-2018-004-A_XSS_Vulnerability_in_Jenzabar_8.2.1_to_9.2.0.txt",
"refsource" : "MISC",
"url" : "https://metamorfosec.com/Files/Advisories/METS-2018-004-A_XSS_Vulnerability_in_Jenzabar_8.2.1_to_9.2.0.txt"
}
]
}

5
2018/18xxx/CVE-2018-18629.json
View File

@ -57,6 +57,11 @@
"refsource" : "MISC",
"url" : "https://hackerone.com/reports/426944"
},
{
"name" : "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/",
"refsource" : "MISC",
"url" : "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
},
{
"name" : "https://keybase.io/docs/secadv/kb002",
"refsource" : "CONFIRM",

58
2018/20xxx/CVE-2018-20226.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20226",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An organization administrator can add a super administrator in THEHIVE PROJECT Cortex before 2.1.3 due to the lack of overriding the Role.toString method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/TheHive-Project/Cortex/blob/2.1.3/CHANGELOG.md",
"refsource" : "CONFIRM",
"url" : "https://github.com/TheHive-Project/Cortex/blob/2.1.3/CHANGELOG.md"
},
{
"name" : "https://github.com/TheHive-Project/Cortex/commit/1aaf2182a6b722ad539e2717bc11967d1bde723a",
"refsource" : "CONFIRM",
"url" : "https://github.com/TheHive-Project/Cortex/commit/1aaf2182a6b722ad539e2717bc11967d1bde723a"
},
{
"name" : "https://github.com/TheHive-Project/Cortex/issues/158",
"refsource" : "CONFIRM",
"url" : "https://github.com/TheHive-Project/Cortex/issues/158"
}
]
}

53
2018/20xxx/CVE-2018-20322.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20322",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "LimeSurvey contains an XSS vulnerability while uploading a ZIP file, resulting in JavaScript code execution against LimeSurvey admins."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.limesurvey.org/view.php?id=14376",
"refsource" : "MISC",
"url" : "https://bugs.limesurvey.org/view.php?id=14376"
},
{
"name" : "https://github.com/LimeSurvey/LimeSurvey/commit/bfee69edaa0b90f97dc2d8fab09a87958cb32405",
"refsource" : "CONFIRM",
"url" : "https://github.com/LimeSurvey/LimeSurvey/commit/bfee69edaa0b90f97dc2d8fab09a87958cb32405"
}
]
}

48
2018/20xxx/CVE-2018-20325.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20325",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/danijar/definitions/issues/14",
"refsource" : "MISC",
"url" : "https://github.com/danijar/definitions/issues/14"
}
]
}

5
2018/7xxx/CVE-2018-7812.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/SadFud/Exploits/tree/master/Real%20World/SCADA%20-%20IOT%20Systems/CVE-2018-7812",
"refsource" : "MISC",
"url" : "https://github.com/SadFud/Exploits/tree/master/Real%20World/SCADA%20-%20IOT%20Systems/CVE-2018-7812"
},
{
"name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/",
"refsource" : "CONFIRM",