admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:CVEProject/cvelist

Browse Source
This commit is contained in:
CVE Team 2019-01-29 10:53:50 -05:00
commit 63eeb004ef
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
4 changed files with 343 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
2018/16xxx/CVE-2018-16880.json
View File

@ -1,18 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-16880",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16880",
"ASSIGNER": "psampaio@redhat.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "The Linux Foundation",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "from v4.16 and newer"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. Versions from v4.16 and newer are vulnerable."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.9/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
]
]
}
}

111
2018/1xxx/CVE-2018-1668.json
View File

@ -1,17 +1,110 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1668",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows \"null\" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"A" : "N",
"S" : "U",
"UI" : "N",
"SCORE" : "5.300",
"C" : "L",
"AC" : "L",
"AV" : "N",
"I" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.6.0.0"
},
{
"version_value" : "7.5.2.0"
},
{
"version_value" : "7.5.1.0"
},
{
"version_value" : "7.5.0.0"
},
{
"version_value" : "7.5.0.19"
},
{
"version_value" : "7.5.1.18"
},
{
"version_value" : "7.5.2.18"
},
{
"version_value" : "7.6.0.11"
}
]
},
"product_name" : "DataPower Gateway"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1668",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-01-11T00:00:00"
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 794735 (DataPower Gateway)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794735",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794735"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/144894",
"name" : "ibm-websphere-cve20181668-info-disc (144894)"
}
]
}

97
2018/1xxx/CVE-2018-1733.json
View File

@ -1,18 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1733",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which could allow an attacker to modify displayed content. IBM X-Force ID: 147811.",
"lang" : "eng"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Data Manipulation"
}
]
}
]
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10794523",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10794523",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 794523 (QRadar SIEM)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-qradar-cve20181733-spoofing (147811)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147811"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-01-23T00:00:00",
"ID" : "CVE-2018-1733",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.2"
},
{
"version_value" : "7.3"
}
]
},
"product_name" : "QRadar SIEM"
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "L",
"AV" : "N",
"UI" : "N",
"S" : "U",
"AC" : "L",
"C" : "N",
"SCORE" : "5.300",
"A" : "N",
"PR" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"data_version" : "4.0"
}

97
2018/1xxx/CVE-2018-1976.json
View File

@ -1,18 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1976",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive information disclosure via a REST API that could allow a user with administrative privileges to obtain highly sensitive information. IBM X-Force ID: 154031.",
"lang" : "eng"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-01-24T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1976",
"ASSIGNER" : "psirt@us.ibm.com"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10843130",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10843130",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 843130 (API Connect)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154031",
"name" : "ibm-api-cve20181976-info-disc (154031)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "5.0.0.0"
},
{
"version_value" : "5.0.8.4"
}
]
},
"product_name" : "API Connect"
}
]
}
}
]
}
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"PR" : "H",
"UI" : "N",
"S" : "U",
"AC" : "L",
"SCORE" : "4.900",
"C" : "H",
"I" : "N",
"AV" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_format" : "MITRE"
}