admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-10-22 16:04:33 -04:00
parent 864bad5379
commit 7107a635fd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 139 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/13xxx/CVE-2018-13114.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13114",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the \"ssid\" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://utkusen.com/blog/multiple-vulnerabilities-on-kerui-endoscope-camera.html",
"refsource" : "MISC",
"url" : "https://utkusen.com/blog/multiple-vulnerabilities-on-kerui-endoscope-camera.html"
}
]
}

48
2018/13xxx/CVE-2018-13115.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-13115",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://utkusen.com/blog/multiple-vulnerabilities-on-kerui-endoscope-camera.html",
"refsource" : "MISC",
"url" : "https://utkusen.com/blog/multiple-vulnerabilities-on-kerui-endoscope-camera.html"
}
]
}

5
2018/14xxx/CVE-2018-14825.json
View File

@ -105,6 +105,11 @@
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-256-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-256-01"
},
{
"name" : "https://cert.vde.com/de-de/advisories/vde-2018-016",
"refsource" : "MISC",
"url" : "https://cert.vde.com/de-de/advisories/vde-2018-016"
}
]
}

2
2018/17xxx/CVE-2018-17793.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Virtualenv 16.0.0 allows a sandbox escape via \"python $(bash >&2)\" and \"python $(rbash >&2)\" commands."
"value" : "** DISPUTED ** Virtualenv 16.0.0 allows a sandbox escape via \"python $(bash >&2)\" and \"python $(rbash >&2)\" commands. NOTE: the software maintainer disputes this because the Python interpreter in a virtualenv is supposed to be able to execute arbitrary code."
}
]
},

5
2018/18xxx/CVE-2018-18478.json
View File

@ -66,6 +66,11 @@
"name" : "https://github.com/librenms/librenms/releases/tag/1.44",
"refsource" : "MISC",
"url" : "https://github.com/librenms/librenms/releases/tag/1.44"
},
{
"name" : "https://hackpuntes.com/cve-2018-18478-libre-nms-1-43-cross-site-scripting-persistente/",
"refsource" : "MISC",
"url" : "https://hackpuntes.com/cve-2018-18478-libre-nms-1-43-cross-site-scripting-persistente/"
}
]
}

18
2018/18xxx/CVE-2018-18576.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18576",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/18xxx/CVE-2018-18577.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18577",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}