admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #119 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2019-04-03 09:37:34 -04:00 committed by GitHub
commit 4dbddb7a5e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
207 changed files with 4244 additions and 349 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2014/9xxx/CVE-2014-9323.json
View File

@ -81,6 +81,11 @@
"name": "http://advisories.mageia.org/MGASA-2014-0523.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0523.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3929-1",
"url": "https://usn.ubuntu.com/3929-1/"
}
]
}

5
2017/0xxx/CVE-2017-0330.json
View File

@ -66,6 +66,11 @@
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/1000xxx/CVE-2017-1000410.json
View File

@ -108,6 +108,11 @@
"name": "102101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102101"
},
{
"refsource": "UBUNTU",
"name": "USN-3933-2",
"url": "https://usn.ubuntu.com/3933-2/"
}
]
}

2
2017/14xxx/CVE-2017-14953.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication."
"value": "** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an increase to the attack surface of the product."
}
]
},

10
2017/18xxx/CVE-2017-18249.json
View File

@ -71,6 +71,16 @@
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a61ddf8117c26ac5b295e1233eaa9629a94ca3"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

5
2017/18xxx/CVE-2017-18360.json
View File

@ -76,6 +76,11 @@
"name": "https://github.com/torvalds/linux/commit/6aeb75e6adfaed16e58780309613a578fe1ee90b",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/6aeb75e6adfaed16e58780309613a578fe1ee90b"
},
{
"refsource": "UBUNTU",
"name": "USN-3933-2",
"url": "https://usn.ubuntu.com/3933-2/"
}
]
}

34
2017/2xxx/CVE-2017-2676.json Normal file → Executable file
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-2676",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
{
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "REJECT",
"ID": "CVE-2017-2676",
"ASSIGNER": "cve@mitre.org"
},
"data_format": "MITRE",
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
}
]
}
}

34
2017/2xxx/CVE-2017-2677.json Normal file → Executable file
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-2677",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
{
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "REJECT",
"ID": "CVE-2017-2677",
"ASSIGNER": "cve@mitre.org"
},
"data_format": "MITRE",
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
}
]
}
}

34
2017/2xxx/CVE-2017-2678.json Normal file → Executable file
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-2678",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
{
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "REJECT",
"ID": "CVE-2017-2678",
"ASSIGNER": "cve@mitre.org"
},
"data_format": "MITRE",
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
}
]
}
}

34
2017/2xxx/CVE-2017-2679.json Normal file → Executable file
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-2679",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
{
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "REJECT",
"ID": "CVE-2017-2679",
"ASSIGNER": "cve@mitre.org"
},
"data_format": "MITRE",
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
}
]
}
}

5
2017/3xxx/CVE-2017-3248.json
View File

@ -85,6 +85,11 @@
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152357/Oracle-Weblogic-Server-Deserialization-RMI-UnicastRef-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/152357/Oracle-Weblogic-Server-Deserialization-RMI-UnicastRef-Remote-Code-Execution.html"
}
]
}

58
2017/6xxx/CVE-2017-6047.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6047",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-6047",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Detcon",
"product": {
"product_data": [
{
"product_name": "Sitewatch Gateway",
"version": {
"version_data": [
{
"version_value": "All versions affected except cellular versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-136-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-136-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication."
}
]
}

58
2017/6xxx/CVE-2017-6049.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6049",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-6049",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Detcon",
"product": {
"product_data": [
{
"product_name": "Sitewatch Gateway",
"version": {
"version_data": [
{
"version_value": "All versions affected except cellular versions."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PLAINTEXT STORAGE OF A PASSWORD CWE-256"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-136-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-136-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL."
}
]
}

5
2017/6xxx/CVE-2017-6274.json
View File

@ -57,6 +57,11 @@
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01#announcements",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01#announcements"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/6xxx/CVE-2017-6278.json
View File

@ -57,6 +57,11 @@
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/6xxx/CVE-2017-6284.json
View File

@ -57,6 +57,11 @@
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/6xxx/CVE-2017-6369.json
View File

@ -66,6 +66,11 @@
"name": "97070",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97070"
},
{
"refsource": "UBUNTU",
"name": "USN-3929-1",
"url": "https://usn.ubuntu.com/3929-1/"
}
]
}

5
2017/7xxx/CVE-2017-7649.json
View File

@ -12,11 +12,12 @@
"product": {
"product_data": [
{
"product_name": "Kura",
"product_name": "Eclipse Kura Installer",
"version": {
"version_data": [
{
"version_value": "Versions prior to 2.1.0"
"version_affected": "<",
"version_value": "2.1.0"
}
]
}

5
2018/1000xxx/CVE-2018-1000807.json
View File

@ -69,6 +69,11 @@
"name": "USN-3813-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3813-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1104",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html"
}
]
}

5
2018/1000xxx/CVE-2018-1000808.json
View File

@ -69,6 +69,11 @@
"name": "USN-3813-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3813-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1104",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html"
}
]
}

61
2018/1000xxx/CVE-2018-1000999.json
View File

@ -1,64 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2019-01-22T21:21:10.010936",
"DATE_REQUESTED": "2018-12-20T18:12:12",
"ID": "CVE-2018-1000999",
"REQUESTER": "cve@rapid7.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-1000999",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fastnet SA MailCleaner version 2018092601 contains a Command Injection (CWE-78) vulnerability in /admin/managetracing/search/search that can result in an authenticated web application user running commands on the underlying web server as root. This attack appears to be exploitable via Post-authentication access to the web server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/rapid7/metasploit-framework/pull/11148",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/pull/11148"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: [CVE-2018-20323]. Reason: This candidate is a duplicate of [CVE-2018-20323]. Notes: All CVE users should reference [CVE-2018-20323] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

5
2018/10xxx/CVE-2018-10733.json
View File

@ -66,6 +66,11 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1574844",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574844"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1120",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00005.html"
}
]
}

5
2018/10xxx/CVE-2018-10875.json
View File

@ -116,6 +116,11 @@
"name": "DSA-4396",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4396"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1125",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"
}
]
}

5
2018/10xxx/CVE-2018-10916.json
View File

@ -86,6 +86,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1059",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1110",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html"
}
]
}

5
2018/11xxx/CVE-2018-11291.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11784.json
View File

@ -133,6 +133,11 @@
"refsource": "MLIST",
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2018-b18f9dd65b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZ4PX4B3QTKRM35VJAVIEOPZAF76RPBP/"
}
]
}

5
2018/11xxx/CVE-2018-11813.json
View File

@ -61,6 +61,11 @@
"name": "https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf",
"refsource": "MISC",
"url": "https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1118",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"
}
]
}

5
2018/11xxx/CVE-2018-11821.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11822.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11828.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11849.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11850.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11853.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11854.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11856.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11859.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11861.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11862.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11867.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11870.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11871.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11872.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11873.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11874.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11875.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11876.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11877.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11879.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11880.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11882.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/11xxx/CVE-2018-11884.json
View File

@ -56,6 +56,11 @@
"name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource": "CONFIRM",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"refsource": "BID",
"name": "107681",
"url": "http://www.securityfocus.com/bid/107681"
}
]
}

5
2018/12xxx/CVE-2018-12178.json
View File

@ -53,6 +53,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1083",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-bff1cbaba3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"
}
]
},

5
2018/12xxx/CVE-2018-12180.json
View File

@ -53,6 +53,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1083",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00046.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-bff1cbaba3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"
}
]
},

5
2018/12xxx/CVE-2018-12181.json
View File

@ -48,6 +48,11 @@
"refsource": "CONFIRM",
"name": "https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html",
"url": "https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-bff1cbaba3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"
}
]
},

10
2018/12xxx/CVE-2018-12545.json
View File

@ -61,6 +61,16 @@
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=538096"
},
{
"refsource": "MLIST",
"name": "[infra-devnull] 20190402 [GitHub] [accumulo] milleruntime opened pull request #1072: Upgrade jetty to fix CVE",
"url": "https://lists.apache.org/thread.html/70744fe4faba8e2fa7e50a7fc794dd03cb28dad8b21e08ee59bb1606@%3Cdevnull.infra.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[accumulo-notifications] 20190402 [GitHub] [accumulo] milleruntime opened a new pull request #1072: Upgrade jetty to fix CVE",
"url": "https://lists.apache.org/thread.html/febc94ffec9275dcda64633e0276a1400cd318e571009e4cda9b7a79@%3Cnotifications.accumulo.apache.org%3E"
}
]
}

5
2018/12xxx/CVE-2018-12558.json
View File

@ -61,6 +61,11 @@
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1114",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00012.html"
}
]
}

48
2018/12xxx/CVE-2018-12679.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12679",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Tanganelli/CoAPthon3/issues/16",
"refsource": "MISC",
"name": "https://github.com/Tanganelli/CoAPthon3/issues/16"
}
]
}

48
2018/12xxx/CVE-2018-12680.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12680",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Serialize.deserialize() method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client) when they receive crafted CoAP messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Tanganelli/CoAPthon/issues/135",
"refsource": "MISC",
"name": "https://github.com/Tanganelli/CoAPthon/issues/135"
}
]
}

10
2018/13xxx/CVE-2018-13097.json
View File

@ -66,6 +66,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/13xxx/CVE-2018-13099.json
View File

@ -81,6 +81,16 @@
"name": "https://bugzilla.kernel.org/show_bug.cgi?id=200179",
"refsource": "MISC",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=200179"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/13xxx/CVE-2018-13100.json
View File

@ -71,6 +71,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

5
2018/14xxx/CVE-2018-14498.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-87e2fa8e0f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1118",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"
}
]
}

10
2018/14xxx/CVE-2018-14610.json
View File

@ -71,6 +71,16 @@
"name": "https://patchwork.kernel.org/patch/10503415/",
"refsource": "MISC",
"url": "https://patchwork.kernel.org/patch/10503415/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/14xxx/CVE-2018-14611.json
View File

@ -71,6 +71,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/14xxx/CVE-2018-14612.json
View File

@ -76,6 +76,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/14xxx/CVE-2018-14613.json
View File

@ -71,6 +71,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/14xxx/CVE-2018-14614.json
View File

@ -66,6 +66,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/14xxx/CVE-2018-14616.json
View File

@ -66,6 +66,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

10
2018/14xxx/CVE-2018-14678.json
View File

@ -76,6 +76,16 @@
"name": "DSA-4308",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"refsource": "UBUNTU",
"name": "USN-3931-1",
"url": "https://usn.ubuntu.com/3931-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3931-2",
"url": "https://usn.ubuntu.com/3931-2/"
}
]
}

48
2018/15xxx/CVE-2018-15180.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15180",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "qTest Portal in QASymphony qTest Manager 9.0.0 has an Open Redirect via the /portal/loginform redirect parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/0B60g8JcPElCCNHd1R2pPNzVGdy1ITjIza1VubWlUekoyNGhR/view",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/0B60g8JcPElCCNHd1R2pPNzVGdy1ITjIza1VubWlUekoyNGhR/view"
}
]
}

5
2018/16xxx/CVE-2018-16837.json
View File

@ -106,6 +106,11 @@
"name": "DSA-4396",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4396"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1125",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"
}
]
}

5
2018/16xxx/CVE-2018-16859.json
View File

@ -96,6 +96,11 @@
"name": "RHSA-2018:3772",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3772"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1125",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"
}
]
}

5
2018/16xxx/CVE-2018-16876.json
View File

@ -117,6 +117,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0590",
"url": "https://access.redhat.com/errata/RHSA-2019:0590"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1125",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00021.html"
}
]
}

10
2018/16xxx/CVE-2018-16884.json
View File

@ -91,6 +91,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-1",
"url": "https://usn.ubuntu.com/3932-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3932-2",
"url": "https://usn.ubuntu.com/3932-2/"
}
]
}

5
2018/17xxx/CVE-2018-17057.json
View File

@ -76,6 +76,11 @@
"refsource": "EXPLOIT-DB",
"name": "46634",
"url": "https://www.exploit-db.com/exploits/46634/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152360/LimeSurvey-Deserialization-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/152360/LimeSurvey-Deserialization-Remote-Code-Execution.html"
}
]
}

5
2018/17xxx/CVE-2018-17189.json
View File

@ -82,6 +82,11 @@
"refsource": "GENTOO",
"name": "GLSA-201903-21",
"url": "https://security.gentoo.org/glsa/201903-21"
},
{
"refsource": "BUGTRAQ",
"name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update",
"url": "https://seclists.org/bugtraq/2019/Apr/5"
}
]
}

5
2018/17xxx/CVE-2018-17199.json
View File

@ -77,6 +77,11 @@
"refsource": "GENTOO",
"name": "GLSA-201903-21",
"url": "https://security.gentoo.org/glsa/201903-21"
},
{
"refsource": "BUGTRAQ",
"name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update",
"url": "https://seclists.org/bugtraq/2019/Apr/5"
}
]
}

10
2018/18xxx/CVE-2018-18021.json
View File

@ -106,6 +106,16 @@
"name": "DSA-4313",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4313"
},
{
"refsource": "UBUNTU",
"name": "USN-3931-1",
"url": "https://usn.ubuntu.com/3931-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3931-2",
"url": "https://usn.ubuntu.com/3931-2/"
}
]
}

48
2018/18xxx/CVE-2018-18035.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18035",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in flashcanvas.swf in OpenEMR before 5.0.1 Patch 6 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches",
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches"
}
]
}

5
2018/18xxx/CVE-2018-18384.json
View File

@ -61,6 +61,11 @@
"name": "https://sourceforge.net/p/infozip/bugs/53/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/infozip/bugs/53/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1117",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00009.html"
}
]
}

5
2018/18xxx/CVE-2018-18506.json
View File

@ -137,6 +137,11 @@
"refsource": "GENTOO",
"name": "GLSA-201904-07",
"url": "https://security.gentoo.org/glsa/201904-07"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1126",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00023.html"
}
]
}

5
2018/18xxx/CVE-2018-18815.json
View File

@ -156,6 +156,11 @@
"name": "107346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107346"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-305/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-305/"
}
]
},

53
2018/19xxx/CVE-2018-19275.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19275",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002",
"url": "https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002"
},
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf",
"url": "https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf"
}
]
}

25
2018/19xxx/CVE-2018-19824.json
View File

@ -96,6 +96,31 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3930-1",
"url": "https://usn.ubuntu.com/3930-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3931-1",
"url": "https://usn.ubuntu.com/3931-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-3933-2",
"url": "https://usn.ubuntu.com/3933-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-3931-2",
"url": "https://usn.ubuntu.com/3931-2/"
},
{
"refsource": "UBUNTU",
"name": "USN-3930-2",
"url": "https://usn.ubuntu.com/3930-2/"
}
]
}

5
2018/19xxx/CVE-2018-19869.json
View File

@ -61,6 +61,11 @@
"name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/",
"refsource": "CONFIRM",
"url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1116",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00008.html"
}
]
}

5
2018/19xxx/CVE-2018-19871.json
View File

@ -61,6 +61,11 @@
"name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/",
"refsource": "CONFIRM",
"url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1115",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html"
}
]
}

5
2018/1xxx/CVE-2018-1152.json
View File

@ -82,6 +82,11 @@
"name": "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
"refsource": "CONFIRM",
"url": "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1118",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"
}
]
}

88
2018/1xxx/CVE-2018-1618.json
View File

@ -1,17 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1618",
"STATE": "RESERVED"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"I": "N",
"SCORE": "7.700",
"PR": "L",
"AC": "L",
"S": "C",
"C": "H",
"UI": "N",
"AV": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144343.",
"lang": "eng"
}
]
},
"data_type": "CVE",
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
},
"product_name": "Security Privileged Identity Manager"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-1618",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144343",
"name": "ibm-pim-cve20181618-info-disc (144343)",
"refsource": "XF"
}
]
}

90
2018/1xxx/CVE-2018-1622.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1622",
"STATE": "RESERVED"
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Privileged Identity Manager",
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144348",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-pim-cve20181622-csrf (144348)"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00",
"ID": "CVE-2018-1622",
"ASSIGNER": "psirt@us.ibm.com"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144348.",
"lang": "eng"
}
]
}
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"I": "L",
"SCORE": "4.300",
"A": "N",
"AV": "N",
"S": "U",
"AC": "L",
"PR": "N",
"UI": "R",
"C": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_format": "MITRE"
}

88
2018/1xxx/CVE-2018-1623.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1623",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"AV": "L",
"PR": "N",
"S": "U",
"AC": "L",
"C": "L",
"UI": "N",
"I": "N",
"SCORE": "4.000",
"A": "N"
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 144408.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2018-1623",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00"
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144408",
"name": "ibm-pim-cve20181623-info-disc (144408)",
"refsource": "XF"
}
]
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Privileged Identity Manager",
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
}
}

86
2018/1xxx/CVE-2018-1625.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1625",
"STATE": "RESERVED"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"SCORE": "4.300",
"I": "N",
"UI": "N",
"C": "L",
"AC": "L",
"S": "U",
"PR": "L",
"AV": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
},
"product_name": "Security Privileged Identity Manager"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)"
},
{
"refsource": "XF",
"name": "ibm-pim-cve20181625-info-disc (144410)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144410",
"title": "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00",
"ID": "CVE-2018-1625",
"ASSIGNER": "psirt@us.ibm.com"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 144410."
}
]
}
},
"data_type": "CVE"
}

88
2018/1xxx/CVE-2018-1626.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1626",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 144411."
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"refsource": "XF",
"name": "ibm-pim-cve20181626-info-disc (144411)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144411",
"title": "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00",
"ID": "CVE-2018-1626",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
},
"product_name": "Security Privileged Identity Manager"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"I": "N",
"SCORE": "3.100",
"AC": "H",
"S": "U",
"PR": "L",
"UI": "N",
"C": "L",
"AV": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
}
}

88
2018/1xxx/CVE-2018-1640.json
View File

@ -1,18 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1640",
"STATE": "RESERVED"
"impact": {
"cvssv3": {
"BM": {
"UI": "N",
"C": "H",
"S": "U",
"AC": "L",
"PR": "L",
"AV": "N",
"A": "H",
"SCORE": "8.800",
"I": "H"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
},
"product_name": "Security Privileged Identity Manager"
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144580",
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-pim-cve20181640-command-exec (144580)"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2018-1640",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 144580.",
"lang": "eng"
}
]
}
},
"data_type": "CVE"
}

88
2018/1xxx/CVE-2018-1680.json
View File

@ -1,17 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1680",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"C": "H",
"UI": "N",
"PR": "N",
"S": "U",
"AC": "H",
"AV": "N",
"A": "N",
"SCORE": "5.900",
"I": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00",
"ID": "CVE-2018-1680",
"ASSIGNER": "psirt@us.ibm.com"
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 879093 (Security Privileged Identity Manager)",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10879093",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/145236",
"name": "ibm-sim-cve20181680-info-disc (145236)",
"refsource": "XF"
}
]
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Privileged Identity Manager",
"version": {
"version_data": [
{
"version_value": "2.1.1"
}
]
}
}
]
}
}
]
}
},
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 145236.",
"lang": "eng"
}
]
}

95
2018/1xxx/CVE-2018-1874.json
View File

@ -1,18 +1,93 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1874",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "5.0.0.0"
},
{
"version_value": "5.0.8.5"
}
]
},
"product_name": "API Connect"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2019-03-27T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2018-1874"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10876994",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10876994",
"title": "IBM Security Bulletin 876994 (API Connect)"
},
{
"name": "ibm-api-cve20181874-info-disc (151636)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/151636"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM API Connect 5.0.0.0 through 5.0.8.5 could display highly sensitive information to an attacker with physical access to the system. IBM X-Force ID: 151636.",
"lang": "eng"
}
]
}
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"UI": "N",
"C": "H",
"AC": "L",
"S": "U",
"PR": "N",
"AV": "P",
"A": "N",
"SCORE": "4.600",
"I": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_format": "MITRE"
}

96
2018/1xxx/CVE-2018-1906.json
View File

@ -1,18 +1,96 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1906",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2018-1906",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00"
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10872320",
"title": "IBM Security Bulletin 872320 (InfoSphere Information Server)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10872320"
},
{
"refsource": "XF",
"name": "ibm-infosphere-cve20181906-info-disc (152663)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152663",
"title": "X-Force Vulnerability Report"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "11.3"
},
{
"version_value": "11.5"
},
{
"version_value": "11.7"
}
]
},
"product_name": "InfoSphere Information Server"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"AV": "N",
"UI": "N",
"C": "L",
"AC": "L",
"S": "U",
"PR": "L",
"SCORE": "4.300",
"I": "N",
"A": "N"
}
}
}
}

105
2018/1xxx/CVE-2018-1917.json
View File

@ -1,18 +1,101 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1917",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.",
"lang": "eng"
}
]
}
},
"data_type": "CVE",
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "11.3"
},
{
"version_value": "11.5"
},
{
"version_value": "11.7"
}
]
},
"product_name": "InfoSphere Information Server"
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-29T00:00:00",
"ID": "CVE-2018-1917",
"ASSIGNER": "psirt@us.ibm.com"
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10872274",
"title": "IBM Security Bulletin 872274 (InfoSphere Information Server)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10872274"
},
{
"refsource": "XF",
"name": "ibm-infosphere-cve20181917-info-disc (152784)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152784",
"title": "X-Force Vulnerability Report"
},
{
"refsource": "BID",
"name": "107688",
"url": "http://www.securityfocus.com/bid/107688"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"AV": "A",
"PR": "L",
"AC": "L",
"S": "U",
"C": "L",
"UI": "N",
"I": "N",
"SCORE": "3.500",
"A": "N"
}
}
},
"data_format": "MITRE"
}

5
2018/20xxx/CVE-2018-20025.json
View File

@ -62,6 +62,11 @@
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/"
},
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04"
}
]
}

5
2018/20xxx/CVE-2018-20026.json
View File

@ -62,6 +62,11 @@
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/"
},
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04"
}
]
}

5
2018/3xxx/CVE-2018-3613.json
View File

@ -48,6 +48,11 @@
"refsource": "CONFIRM",
"name": "https://edk2-docs.gitbooks.io/security-advisory/content/authvariable-timestamp-zeroing-on-append_write.html",
"url": "https://edk2-docs.gitbooks.io/security-advisory/content/authvariable-timestamp-zeroing-on-append_write.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-bff1cbaba3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ABTDKZK2G5XP6JCO3HXMPOA2NRTIYDZ/"
}
]
},

Some files were not shown because too many files have changed in this diff Show More