From 5a1521b3d734c3e4f820a6f7af50fe149e9cfe5c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 2 May 2018 15:06:15 -0400 Subject: [PATCH] - Synchronized data. --- 2018/10xxx/CVE-2018-10677.json | 53 +++++++++++++++++++++++++++-- 2018/10xxx/CVE-2018-10678.json | 18 ++++++++++ 2018/10xxx/CVE-2018-10679.json | 18 ++++++++++ 2018/10xxx/CVE-2018-10680.json | 62 ++++++++++++++++++++++++++++++++++ 2018/10xxx/CVE-2018-10681.json | 18 ++++++++++ 2018/1xxx/CVE-2018-1104.json | 18 ++++++---- 2018/8xxx/CVE-2018-8115.json | 7 ++-- 7 files changed, 184 insertions(+), 10 deletions(-) create mode 100644 2018/10xxx/CVE-2018-10678.json create mode 100644 2018/10xxx/CVE-2018-10679.json create mode 100644 2018/10xxx/CVE-2018-10680.json create mode 100644 2018/10xxx/CVE-2018-10681.json diff --git a/2018/10xxx/CVE-2018-10677.json b/2018/10xxx/CVE-2018-10677.json index 047880fdf59..c2ddd8e9e7a 100644 --- a/2018/10xxx/CVE-2018-10677.json +++ b/2018/10xxx/CVE-2018-10677.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-10677", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/miniupnp/ngiflib/commit/b588a2249c7abbfc52173e32ee11d6facef82f89", + "refsource" : "CONFIRM", + "url" : "https://github.com/miniupnp/ngiflib/commit/b588a2249c7abbfc52173e32ee11d6facef82f89" + }, + { + "name" : "https://github.com/miniupnp/ngiflib/issues/1", + "refsource" : "CONFIRM", + "url" : "https://github.com/miniupnp/ngiflib/issues/1" } ] } diff --git a/2018/10xxx/CVE-2018-10678.json b/2018/10xxx/CVE-2018-10678.json new file mode 100644 index 00000000000..c1b0f9537f8 --- /dev/null +++ b/2018/10xxx/CVE-2018-10678.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-10678", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/10xxx/CVE-2018-10679.json b/2018/10xxx/CVE-2018-10679.json new file mode 100644 index 00000000000..3b575dd845e --- /dev/null +++ b/2018/10xxx/CVE-2018-10679.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-10679", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/10xxx/CVE-2018-10680.json b/2018/10xxx/CVE-2018-10680.json new file mode 100644 index 00000000000..13c839ada26 --- /dev/null +++ b/2018/10xxx/CVE-2018-10680.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-10680", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** DISPUTED ** Z-BlogPHP 1.5.2 has a stored Cross Site Scripting Vulnerability exploitable by an administrator who navigates to \"Web site settings --> Basic setting --> Website title\" and enters an XSS payload via the zb_system/cmd.php ZC_BLOG_NAME parameter. NOTE: the vendor disputes the security relevance, noting it is \"just a functional bug.\"" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/zblogcn/zblogphp/issues/185", + "refsource" : "MISC", + "url" : "https://github.com/zblogcn/zblogphp/issues/185" + } + ] + } +} diff --git a/2018/10xxx/CVE-2018-10681.json b/2018/10xxx/CVE-2018-10681.json new file mode 100644 index 00000000000..d4b6e441654 --- /dev/null +++ b/2018/10xxx/CVE-2018-10681.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-10681", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1104.json b/2018/1xxx/CVE-2018-1104.json index 0275e6b3aa1..cb7607ca343 100644 --- a/2018/1xxx/CVE-2018-1104.json +++ b/2018/1xxx/CVE-2018-1104.json @@ -54,13 +54,19 @@ "references" : { "reference_data" : [ { - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1565862," - }, - { - "url" : "https://www.ansible.com/security," - }, - { + "name" : "https://access.redhat.com/security/cve/cve-2018-1104", + "refsource" : "MISC", "url" : "https://access.redhat.com/security/cve/cve-2018-1104" + }, + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1565862", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1565862" + }, + { + "name" : "https://www.ansible.com/security", + "refsource" : "CONFIRM", + "url" : "https://www.ansible.com/security" } ] } diff --git a/2018/8xxx/CVE-2018-8115.json b/2018/8xxx/CVE-2018-8115.json index 7d3f8889cff..707836cf138 100644 --- a/2018/8xxx/CVE-2018-8115.json +++ b/2018/8xxx/CVE-2018-8115.json @@ -1,7 +1,8 @@ { "CVE_data_meta" : { "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2018-8115" + "ID" : "CVE-2018-8115", + "STATE" : "PUBLIC" }, "affects" : { "vendor" : { @@ -33,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image, aka \"Windows Host Compute Service Shim Remote Code Execution Vulnerability.\" This affects Windows Host Compute. " + "value" : "A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image, aka \"Windows Host Compute Service Shim Remote Code Execution Vulnerability.\" This affects Windows Host Compute." } ] }, @@ -52,6 +53,8 @@ "references" : { "reference_data" : [ { + "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8115", + "refsource" : "CONFIRM", "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8115" } ]