admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-07-30 09:05:40 -04:00
parent 2b9e69ae97
commit 624490946c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
4 changed files with 159 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/12xxx/CVE-2017-12150.json
View File

@ -86,11 +86,6 @@
"refsource" : "CONFIRM", "refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us" "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us"
}, },
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbux03817en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbux03817en_us"
},
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us", "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us",
"refsource" : "CONFIRM", "refsource" : "CONFIRM",

5
2017/12xxx/CVE-2017-12163.json
View File

@ -86,11 +86,6 @@
"refsource" : "CONFIRM", "refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us" "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03775en_us"
}, },
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbux03817en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbux03817en_us"
},
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us", "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03817en_us",
"refsource" : "CONFIRM", "refsource" : "CONFIRM",

137
2017/7xxx/CVE-2017-7514.json
View File

@ -1,71 +1,72 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "sfowler@redhat.com",
"data_version": "4.0", "ID" : "CVE-2017-7514",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2017-7514", },
"ASSIGNER": "sfowler@redhat.com" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "Red Hat", {
"product": { "product_name" : "Red Hat Satellite",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "Red Hat Satellite", {
"version": { "version_value" : "5.8.0"
"version_data": [ }
{ ]
"version_value": "5.8.0" }
} }
] ]
} },
} "vendor_name" : "Red Hat"
] }
} ]
} }
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0. A user able to specify a failed action could exploit this flaw to perform XSS attacks against other Satellite users."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-79"
}
] ]
} }
}, ]
"problemtype": { },
"problemtype_data": [ "references" : {
{ "reference_data" : [
"description": [ {
{ "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7514",
"lang": "eng", "refsource" : "CONFIRM",
"value": "CWE-79" "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7514"
} }
] ]
} }
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7514",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7514",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0. A user able to specify a failed action could exploit this flaw to perform XSS attacks against other Satellite users."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
]
]
}
} }

164
2017/7xxx/CVE-2017-7518.json
View File

@ -1,77 +1,93 @@
{ {
"data_type": "CVE", "CVE_data_meta" : {
"data_format": "MITRE", "ASSIGNER" : "sfowler@redhat.com",
"data_version": "4.0", "ID" : "CVE-2017-7518",
"CVE_data_meta": { "STATE" : "PUBLIC"
"ID": "CVE-2017-7518", },
"ASSIGNER": "sfowler@redhat.com" "affects" : {
}, "vendor" : {
"affects": { "vendor_data" : [
"vendor": { {
"vendor_data": [ "product" : {
{ "product_data" : [
"vendor_name": "[UNKNOWN]", {
"product": { "product_name" : "Kernel:",
"product_data": [ "version" : {
{ "version_data" : [
"product_name": "Kernel:", {
"version": { "version_value" : "4.12"
"version_data": [ }
{ ]
"version_value": "4.12" }
} }
] ]
} },
} "vendor_name" : "[UNKNOWN]"
] }
} ]
} }
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "5.5/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version" : "3.0"
}
],
[
{
"vectorString" : "5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version" : "2.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-250"
}
] ]
} }
}, ]
"problemtype": { },
"problemtype_data": [ "references" : {
{ "reference_data" : [
"description": [ {
{ "name" : "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
"lang": "eng", "refsource" : "MLIST",
"value": "CWE-250" "url" : "https://www.spinics.net/lists/kvm/msg151817.html"
} },
] {
} "name" : "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
] "refsource" : "MLIST",
}, "url" : "http://www.openwall.com/lists/oss-security/2017/06/23/5"
"references": { },
"reference_data": [ {
{ "name" : "https://access.redhat.com/articles/3290921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518", "refsource" : "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518", "url" : "https://access.redhat.com/articles/3290921"
"refsource": "CONFIRM" },
} {
] "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518",
}, "refsource" : "CONFIRM",
"description": { "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518"
"description_data": [ }
{ ]
"lang": "eng", }
"value": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.5/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
[
{
"vectorString": "5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
]
}
} }