diff --git a/2018/1000xxx/CVE-2018-1000867.json b/2018/1000xxx/CVE-2018-1000867.json index cf6c238d5c5..234473ddcd0 100644 --- a/2018/1000xxx/CVE-2018-1000867.json +++ b/2018/1000xxx/CVE-2018-1000867.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=647"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions*.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.250853","DATE_REQUESTED": "2018-12-03T08:55:27","ID": "CVE-2018-1000867","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "SQL Injection"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.250853", + "DATE_REQUESTED" : "2018-12-03T08:55:27", + "ID" : "CVE-2018-1000867", + "REQUESTER" : "nils.stuenkel@t-systems.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "WeBid", + "version" : { + "version_data" : [ + { + "version_value" : "up to current version 1.2.2" + } + ] + } + } + ] + }, + "vendor_name" : "WeBid" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions*.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "SQL Injection" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://bugs.webidsupport.com/view.php?id=647", + "refsource" : "MISC", + "url" : "http://bugs.webidsupport.com/view.php?id=647" + }, + { + "name" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f", + "refsource" : "MISC", + "url" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f" + }, + { + "name" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt", + "refsource" : "MISC", + "url" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000868.json b/2018/1000xxx/CVE-2018-1000868.json index c1f631c96c4..d0ee7d9b626 100644 --- a/2018/1000xxx/CVE-2018-1000868.json +++ b/2018/1000xxx/CVE-2018-1000868.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=648"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a Cross Site Scripting (XSS) vulnerability in user_login.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must click a malicous link. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.251656","DATE_REQUESTED": "2018-12-03T08:58:33","ID": "CVE-2018-1000868","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.251656", + "DATE_REQUESTED" : "2018-12-03T08:58:33", + "ID" : "CVE-2018-1000868", + "REQUESTER" : "nils.stuenkel@t-systems.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "WeBid", + "version" : { + "version_data" : [ + { + "version_value" : "up to current version 1.2.2" + } + ] + } + } + ] + }, + "vendor_name" : "WeBid" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "WeBid version up to current version 1.2.2 contains a Cross Site Scripting (XSS) vulnerability in user_login.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must click a malicous link. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://bugs.webidsupport.com/view.php?id=648", + "refsource" : "MISC", + "url" : "http://bugs.webidsupport.com/view.php?id=648" + }, + { + "name" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f", + "refsource" : "MISC", + "url" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f" + }, + { + "name" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt", + "refsource" : "MISC", + "url" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000869.json b/2018/1000xxx/CVE-2018-1000869.json index 0d51f03bb75..211ee333c1b 100644 --- a/2018/1000xxx/CVE-2018-1000869.json +++ b/2018/1000xxx/CVE-2018-1000869.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/phpipam/phpipam/issues/2344"},{"url": "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d"}]},"description": {"description_data": [{"lang": "eng","value": "phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection.. This attack appear to be exploitable via Rough user, exploiting the vulnerability to access information he/she does not have access to.. This vulnerability appears to have been fixed in 1.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.3.2"}]},"product_name": "phpIPAM"}]},"vendor_name": "phpIPAM"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.252735","DATE_REQUESTED": "2018-12-05T07:39:06","ID": "CVE-2018-1000869","ASSIGNER": "kurt@seifried.org","REQUESTER": "oscar@arnflo.se"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-89"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.252735", + "DATE_REQUESTED" : "2018-12-05T07:39:06", + "ID" : "CVE-2018-1000869", + "REQUESTER" : "oscar@arnflo.se", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "phpIPAM", + "version" : { + "version_data" : [ + { + "version_value" : "1.3.2" + } + ] + } + } + ] + }, + "vendor_name" : "phpIPAM" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection.. This attack appear to be exploitable via Rough user, exploiting the vulnerability to access information he/she does not have access to.. This vulnerability appears to have been fixed in 1.4." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-89" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d", + "refsource" : "MISC", + "url" : "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d" + }, + { + "name" : "https://github.com/phpipam/phpipam/issues/2344", + "refsource" : "MISC", + "url" : "https://github.com/phpipam/phpipam/issues/2344" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000870.json b/2018/1000xxx/CVE-2018-1000870.json index 7447ebb2e1f..0ef24adae47 100644 --- a/2018/1000xxx/CVE-2018-1000870.json +++ b/2018/1000xxx/CVE-2018-1000870.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/phpipam/phpipam/issues/2326"},{"url": "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040"}]},"description": {"description_data": [{"lang": "eng","value": "PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. Admin(Victim) views user in admin-panel and gets exploited.. This vulnerability appears to have been fixed in 1.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.3.2 and earlier"}]},"product_name": "PHPipam"}]},"vendor_name": "PHPipam"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.253944","DATE_REQUESTED": "2018-12-06T06:56:23","ID": "CVE-2018-1000870","ASSIGNER": "kurt@seifried.org","REQUESTER": "oscar@sakerhetskontoret.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-79"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.253944", + "DATE_REQUESTED" : "2018-12-06T06:56:23", + "ID" : "CVE-2018-1000870", + "REQUESTER" : "oscar@sakerhetskontoret.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "PHPipam", + "version" : { + "version_data" : [ + { + "version_value" : "1.3.2 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "PHPipam" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. Admin(Victim) views user in admin-panel and gets exploited.. This vulnerability appears to have been fixed in 1.4." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-79" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040", + "refsource" : "MISC", + "url" : "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040" + }, + { + "name" : "https://github.com/phpipam/phpipam/issues/2326", + "refsource" : "MISC", + "url" : "https://github.com/phpipam/phpipam/issues/2326" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000871.json b/2018/1000xxx/CVE-2018-1000871.json index 092cd585d90..0d3ad0e0b35 100644 --- a/2018/1000xxx/CVE-2018-1000871.json +++ b/2018/1000xxx/CVE-2018-1000871.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://www.exploit-db.com/exploits/45976"}]},"description": {"description_data": [{"lang": "eng","value": "HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in \"id_utente_mod\" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the \"id_utente_mod=1\" parameter."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.3.0 and earlier"}]},"product_name": "HotelDruid 2.3.0"}]},"vendor_name": "HotelDruid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.256066","DATE_REQUESTED": "2018-12-13T10:45:12","ID": "CVE-2018-1000871","ASSIGNER": "kurt@seifried.org","REQUESTER": "sainadhjamalpur@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "SQL Injection"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.256066", + "DATE_REQUESTED" : "2018-12-13T10:45:12", + "ID" : "CVE-2018-1000871", + "REQUESTER" : "sainadhjamalpur@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "HotelDruid 2.3.0", + "version" : { + "version_data" : [ + { + "version_value" : "2.3.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "HotelDruid" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in \"id_utente_mod\" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the \"id_utente_mod=1\" parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "SQL Injection" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "45976", + "refsource" : "EXPLOIT-DB", + "url" : "https://www.exploit-db.com/exploits/45976" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000872.json b/2018/1000xxx/CVE-2018-1000872.json index 17a369c0f9a..087ba1ab7b1 100644 --- a/2018/1000xxx/CVE-2018-1000872.json +++ b/2018/1000xxx/CVE-2018-1000872.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/OpenKMIP/PyKMIP/issues/430"}]},"description": {"description_data": [{"lang": "eng","value": "OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "All versions before 0.8.0"}]},"product_name": "PyKMIP"}]},"vendor_name": "OpenKMIP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.258149","DATE_REQUESTED": "2018-11-12T15:52:55","ID": "CVE-2018-1000872","ASSIGNER": "kurt@seifried.org","REQUESTER": "secure@veritas.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE 399: Resource Management Errors (similar issue to CVE-2015-5262)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.258149", + "DATE_REQUESTED" : "2018-11-12T15:52:55", + "ID" : "CVE-2018-1000872", + "REQUESTER" : "secure@veritas.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "PyKMIP", + "version" : { + "version_data" : [ + { + "version_value" : "All versions before 0.8.0" + } + ] + } + } + ] + }, + "vendor_name" : "OpenKMIP" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE 399: Resource Management Errors (similar issue to CVE-2015-5262)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/OpenKMIP/PyKMIP/issues/430", + "refsource" : "MISC", + "url" : "https://github.com/OpenKMIP/PyKMIP/issues/430" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000873.json b/2018/1000xxx/CVE-2018-1000873.json index b619bfe6dd7..ad836aec564 100644 --- a/2018/1000xxx/CVE-2018-1000873.json +++ b/2018/1000xxx/CVE-2018-1000873.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/FasterXML/jackson-modules-java8/issues/90"},{"url": "https://github.com/FasterXML/jackson-modules-java8/pull/87"}]},"description": {"description_data": [{"lang": "eng","value": "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Before 2.9.8"}]},"product_name": "Jackson"}]},"vendor_name": "Fasterxml"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.260099","DATE_REQUESTED": "2018-12-17T16:15:43","ID": "CVE-2018-1000873","ASSIGNER": "kurt@seifried.org","REQUESTER": "secure@veritas.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-20: Improper Input Validation"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.260099", + "DATE_REQUESTED" : "2018-12-17T16:15:43", + "ID" : "CVE-2018-1000873", + "REQUESTER" : "secure@veritas.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Jackson", + "version" : { + "version_data" : [ + { + "version_value" : "Before 2.9.8" + } + ] + } + } + ] + }, + "vendor_name" : "Fasterxml" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-20: Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/FasterXML/jackson-modules-java8/issues/90", + "refsource" : "MISC", + "url" : "https://github.com/FasterXML/jackson-modules-java8/issues/90" + }, + { + "name" : "https://github.com/FasterXML/jackson-modules-java8/pull/87", + "refsource" : "MISC", + "url" : "https://github.com/FasterXML/jackson-modules-java8/pull/87" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000874.json b/2018/1000xxx/CVE-2018-1000874.json index a6eaa02be86..942a33d72cc 100644 --- a/2018/1000xxx/CVE-2018-1000874.json +++ b/2018/1000xxx/CVE-2018-1000874.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/cebe/markdown/issues/166"}]},"description": {"description_data": [{"lang": "eng","value": "PHP Markdown version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in The parser allows a malicious crafted script to be executed that can result in Steal user data with a crafted script. This attack appear to be exploitable via User must open a crafted MD formatted file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.2.0 and earlier"}]},"product_name": "Markdown"}]},"vendor_name": "PHP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.261247","DATE_REQUESTED": "2018-12-05T15:20:20","ID": "CVE-2018-1000874","ASSIGNER": "kurt@seifried.org","REQUESTER": "stayysalty@protonmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.261247", + "DATE_REQUESTED" : "2018-12-05T15:20:20", + "ID" : "CVE-2018-1000874", + "REQUESTER" : "stayysalty@protonmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Markdown", + "version" : { + "version_data" : [ + { + "version_value" : "1.2.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "PHP" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Markdown version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in The parser allows a malicious crafted script to be executed that can result in Steal user data with a crafted script. This attack appear to be exploitable via User must open a crafted MD formatted file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/cebe/markdown/issues/166", + "refsource" : "MISC", + "url" : "https://github.com/cebe/markdown/issues/166" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000875.json b/2018/1000xxx/CVE-2018-1000875.json index fa4598275d4..88ec9964159 100644 --- a/2018/1000xxx/CVE-2018-1000875.json +++ b/2018/1000xxx/CVE-2018-1000875.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/BOINC/boinc/issues/2907"}]},"description": {"description_data": [{"lang": "eng","value": "Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "0.9-1.0.2"}]},"product_name": "BOINC Server and Website Code"}]},"vendor_name": "Berkeley Open Infrastructure for Network Computing"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.262092","DATE_REQUESTED": "2018-12-13T17:03:00","ID": "CVE-2018-1000875","ASSIGNER": "kurt@seifried.org","REQUESTER": "theaspens0@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-302: Authentication Bypass by Assumed-Immutable Data"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.262092", + "DATE_REQUESTED" : "2018-12-13T17:03:00", + "ID" : "CVE-2018-1000875", + "REQUESTER" : "theaspens0@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "BOINC Server and Website Code", + "version" : { + "version_data" : [ + { + "version_value" : "0.9-1.0.2" + } + ] + } + } + ] + }, + "vendor_name" : "Berkeley Open Infrastructure for Network Computing" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-302: Authentication Bypass by Assumed-Immutable Data" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/BOINC/boinc/issues/2907", + "refsource" : "MISC", + "url" : "https://github.com/BOINC/boinc/issues/2907" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000876.json b/2018/1000xxx/CVE-2018-1000876.json index 30eda14dce0..37d320d0f3c 100644 --- a/2018/1000xxx/CVE-2018-1000876.json +++ b/2018/1000xxx/CVE-2018-1000876.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23994"},{"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f"}]},"description": {"description_data": [{"lang": "eng","value": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.32 and earlier"}]},"product_name": "binutils"}]},"vendor_name": "binutils"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.262881","DATE_REQUESTED": "2018-12-17T03:18:24","ID": "CVE-2018-1000876","ASSIGNER": "kurt@seifried.org","REQUESTER": "yanshb@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Integer Overflow"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.262881", + "DATE_REQUESTED" : "2018-12-17T03:18:24", + "ID" : "CVE-2018-1000876", + "REQUESTER" : "yanshb@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "binutils", + "version" : { + "version_data" : [ + { + "version_value" : "2.32 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "binutils" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Integer Overflow" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "refsource" : "MISC", + "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=23994" + }, + { + "name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f", + "refsource" : "MISC", + "url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000877.json b/2018/1000xxx/CVE-2018-1000877.json index a038aa74ba4..56674e4b4b5 100644 --- a/2018/1000xxx/CVE-2018-1000877.json +++ b/2018/1000xxx/CVE-2018-1000877.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.246062","DATE_REQUESTED": "2018-12-13T08:59:54","ID": "CVE-2018-1000877","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-415: Double Free"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.246062", + "DATE_REQUESTED" : "2018-12-13T08:59:54", + "ID" : "CVE-2018-1000877", + "REQUESTER" : "dja@axtens.net", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "libarchive", + "version" : { + "version_data" : [ + { + "version_value" : "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)" + } + ] + } + } + ] + }, + "vendor_name" : "libarchive" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-415: Double Free" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909", + "refsource" : "MISC", + "url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000878.json b/2018/1000xxx/CVE-2018-1000878.json index 18625f35cb8..25ad4e8b820 100644 --- a/2018/1000xxx/CVE-2018-1000878.json +++ b/2018/1000xxx/CVE-2018-1000878.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.247087","DATE_REQUESTED": "2018-12-13T09:07:08","ID": "CVE-2018-1000878","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-416: Use After Free"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.247087", + "DATE_REQUESTED" : "2018-12-13T09:07:08", + "ID" : "CVE-2018-1000878", + "REQUESTER" : "dja@axtens.net", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "libarchive", + "version" : { + "version_data" : [ + { + "version_value" : "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)" + } + ] + } + } + ] + }, + "vendor_name" : "libarchive" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-416: Use After Free" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909", + "refsource" : "MISC", + "url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000879.json b/2018/1000xxx/CVE-2018-1000879.json index 88bca891e59..aa20eaae510 100644 --- a/2018/1000xxx/CVE-2018-1000879.json +++ b/2018/1000xxx/CVE-2018-1000879.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.247953","DATE_REQUESTED": "2018-12-13T09:14:30","ID": "CVE-2018-1000879","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-476: NULL Pointer Dereference"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.247953", + "DATE_REQUESTED" : "2018-12-13T09:14:30", + "ID" : "CVE-2018-1000879", + "REQUESTER" : "dja@axtens.net", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "libarchive", + "version" : { + "version_data" : [ + { + "version_value" : "commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards)" + } + ] + } + } + ] + }, + "vendor_name" : "libarchive" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-476: NULL Pointer Dereference" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909", + "refsource" : "MISC", + "url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000880.json b/2018/1000xxx/CVE-2018-1000880.json index 19386b3eac1..e2eedbd5244 100644 --- a/2018/1000xxx/CVE-2018-1000880.json +++ b/2018/1000xxx/CVE-2018-1000880.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.248774","DATE_REQUESTED": "2018-12-13T09:53:50","ID": "CVE-2018-1000880","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-20: Improper Input Validation"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.248774", + "DATE_REQUESTED" : "2018-12-13T09:53:50", + "ID" : "CVE-2018-1000880", + "REQUESTER" : "dja@axtens.net", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "libarchive", + "version" : { + "version_data" : [ + { + "version_value" : "commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards)" + } + ] + } + } + ] + }, + "vendor_name" : "libarchive" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-20: Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909", + "refsource" : "MISC", + "url" : "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105" + }, + { + "name" : "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680", + "refsource" : "MISC", + "url" : "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000881.json b/2018/1000xxx/CVE-2018-1000881.json index 7d72453e8b4..9a610fa2cb2 100644 --- a/2018/1000xxx/CVE-2018-1000881.json +++ b/2018/1000xxx/CVE-2018-1000881.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/"}]},"description": {"description_data": [{"lang": "eng","value": "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "4.0 and earlier"}]},"product_name": "Traccar Server"}]},"vendor_name": "Traccar"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.249463","DATE_REQUESTED": "2018-12-04T14:07:18","ID": "CVE-2018-1000881","ASSIGNER": "kurt@seifried.org","REQUESTER": "nickb@appcheck-ng.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.249463", + "DATE_REQUESTED" : "2018-12-04T14:07:18", + "ID" : "CVE-2018-1000881", + "REQUESTER" : "nickb@appcheck-ng.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Traccar Server", + "version" : { + "version_data" : [ + { + "version_value" : "4.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "Traccar" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-94: Improper Control of Generation of Code ('Code Injection')" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/", + "refsource" : "MISC", + "url" : "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000882.json b/2018/1000xxx/CVE-2018-1000882.json index 60bb61bed2c..2532d9a402d 100644 --- a/2018/1000xxx/CVE-2018-1000882.json +++ b/2018/1000xxx/CVE-2018-1000882.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=646"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.250141","DATE_REQUESTED": "2018-12-03T08:52:04","ID": "CVE-2018-1000882","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Directory Traversal"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-12-19T20:52:45.250141", + "DATE_REQUESTED" : "2018-12-03T08:52:04", + "ID" : "CVE-2018-1000882", + "REQUESTER" : "nils.stuenkel@t-systems.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "WeBid", + "version" : { + "version_data" : [ + { + "version_value" : "up to current version 1.2.2" + } + ] + } + } + ] + }, + "vendor_name" : "WeBid" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Directory Traversal" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://bugs.webidsupport.com/view.php?id=646", + "refsource" : "MISC", + "url" : "http://bugs.webidsupport.com/view.php?id=646" + }, + { + "name" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f", + "refsource" : "MISC", + "url" : "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f" + }, + { + "name" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt", + "refsource" : "MISC", + "url" : "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt" + } + ] + } +} diff --git a/2018/13xxx/CVE-2018-13843.json b/2018/13xxx/CVE-2018-13843.json index 64bf62ef8e9..5a8cf735a18 100644 --- a/2018/13xxx/CVE-2018-13843.json +++ b/2018/13xxx/CVE-2018-13843.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c." + "value" : "** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the \"failure to free memory\" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue." } ] }, diff --git a/2018/19xxx/CVE-2018-19233.json b/2018/19xxx/CVE-2018-19233.json index dc364d4ba4b..39e2b0bdb80 100644 --- a/2018/19xxx/CVE-2018-19233.json +++ b/2018/19xxx/CVE-2018-19233.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-19233", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,43 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition", + "refsource" : "BUGTRAQ", + "url" : "https://seclists.org/bugtraq/2018/Nov/37" + }, + { + "name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition", + "refsource" : "FULLDISC", + "url" : "http://seclists.org/fulldisclosure/2018/Nov/55" + }, + { + "name" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html", + "refsource" : "MISC", + "url" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html" + }, + { + "name" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/", + "refsource" : "MISC", + "url" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/" } ] } diff --git a/2018/19xxx/CVE-2018-19234.json b/2018/19xxx/CVE-2018-19234.json index 6d8761c2afe..43dacbec115 100644 --- a/2018/19xxx/CVE-2018-19234.json +++ b/2018/19xxx/CVE-2018-19234.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-19234", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,43 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition", + "refsource" : "BUGTRAQ", + "url" : "https://seclists.org/bugtraq/2018/Nov/37" + }, + { + "name" : "20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition", + "refsource" : "FULLDISC", + "url" : "http://seclists.org/fulldisclosure/2018/Nov/55" + }, + { + "name" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html", + "refsource" : "MISC", + "url" : "http://packetstormsecurity.com/files/150427/Miss-Marple-Enterprise-Edition-File-Upload-Hardcoded-AES-Key.html" + }, + { + "name" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/", + "refsource" : "MISC", + "url" : "https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-miss-marple-enterprise-edition/" } ] }