admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-07-13 12:05:47 -04:00
parent cff05ea9f7
commit 6f08cb4ad2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 526 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2017/1xxx/CVE-2017-1367.json
View File

@ -1,56 +1,14 @@
{
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126860",
"name" : "ibm-sig-cve20171367-info-disc (126860)",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126860."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"A" : "N",
"AV" : "N",
"S" : "U",
"C" : "L",
"SCORE" : "3.700",
"AC" : "H",
"PR" : "N",
"UI" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-07-10T00:00:00",
"ID" : "CVE-2017-1367",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -82,16 +40,42 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2017-1367",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-07-10T00:00:00",
"STATE" : "PUBLIC"
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126860."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "3.700",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
@ -104,5 +88,19 @@
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171367-info-disc(126860)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126860"
}
]
}
}

104
2017/1xxx/CVE-2017-1395.json
View File

@ -1,50 +1,9 @@
{
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"title" : "IBM Security Bulletin 2016869 (Security Identity Governance and Intelligence)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127341",
"name" : "ibm-sig-cve20171395-info-disc (127341)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 127341.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"UI" : "N",
"PR" : "N",
"AC" : "H",
"SCORE" : "5.900",
"S" : "U",
"C" : "H",
"AV" : "N",
"A" : "N",
"I" : "N"
}
}
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-07-10T00:00:00",
"ID" : "CVE-2017-1395",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -87,22 +46,61 @@
]
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-07-10T00:00:00",
"ID" : "CVE-2017-1395",
"ASSIGNER" : "psirt@us.ibm.com"
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 127341."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016869",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016869"
},
{
"name" : "ibm-sig-cve20171395-info-disc(127341)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/127341"
}
]
}
}

67
2018/14xxx/CVE-2018-14047.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14047",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a \"Warning: PNGwriter was never designed for reading untrusted files with it. Do NOT use this in sensitive environments, especially DO NOT read PNGs from unknown sources with it!\" statement in the master/README.md file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fouzhe/security/tree/master/pngwriter",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/pngwriter"
},
{
"name" : "https://github.com/pngwriter/pngwriter/issues/129",
"refsource" : "MISC",
"url" : "https://github.com/pngwriter/pngwriter/issues/129"
}
]
}
}

67
2018/14xxx/CVE-2018-14048.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14048",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fouzhe/security/tree/master/libpng",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/libpng"
},
{
"name" : "https://github.com/glennrp/libpng/issues/238",
"refsource" : "MISC",
"url" : "https://github.com/glennrp/libpng/issues/238"
}
]
}
}

67
2018/14xxx/CVE-2018-14049.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14049",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fouzhe/security/tree/master/libwav",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/libwav"
},
{
"name" : "https://github.com/marc-q/libwav/issues/22",
"refsource" : "MISC",
"url" : "https://github.com/marc-q/libwav/issues/22"
}
]
}
}

67
2018/14xxx/CVE-2018-14050.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14050",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_free in libwav.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fouzhe/security/tree/master/libwav",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/libwav"
},
{
"name" : "https://github.com/marc-q/libwav/issues/20",
"refsource" : "MISC",
"url" : "https://github.com/marc-q/libwav/issues/20"
}
]
}
}

67
2018/14xxx/CVE-2018-14051.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14051",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fouzhe/security/tree/master/libwav",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/libwav"
},
{
"name" : "https://github.com/marc-q/libwav/issues/21",
"refsource" : "MISC",
"url" : "https://github.com/marc-q/libwav/issues/21"
}
]
}
}

67
2018/14xxx/CVE-2018-14052.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14052",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue has been found in libwav through 2017-04-20. It is a SEGV in the function apply_gain in wav_gain/wav_gain.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/fouzhe/security/tree/master/libwav",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/libwav"
},
{
"name" : "https://github.com/marc-q/libwav/issues/19",
"refsource" : "MISC",
"url" : "https://github.com/marc-q/libwav/issues/19"
}
]
}
}

18
2018/14xxx/CVE-2018-14053.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14053",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2018/9xxx/CVE-2018-9067.json
View File

@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://support.lenovo.com/us/en/solutions/LEN-21561",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-21561"
}
]

2
2018/9xxx/CVE-2018-9070.json
View File

@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://support.lenovo.com/us/en/solutions/LEN-22172",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-22172"
}
]