From 71e55990cd4354762ede4adbe04f59031bb376ba Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Fri, 26 Oct 2018 09:45:50 -0400
Subject: [PATCH] - Synchronized data.

---
 2017/18xxx/CVE-2017-18309.json |  1 -
 2017/18xxx/CVE-2017-18310.json |  1 -
 2017/18xxx/CVE-2017-18311.json |  1 -
 2018/11xxx/CVE-2018-11305.json |  1 -
 2018/11xxx/CVE-2018-11821.json |  1 -
 2018/11xxx/CVE-2018-11828.json |  1 -
 2018/11xxx/CVE-2018-11846.json |  1 -
 2018/11xxx/CVE-2018-11849.json |  3 +-
 2018/11xxx/CVE-2018-11850.json |  3 +-
 2018/11xxx/CVE-2018-11853.json |  1 -
 2018/11xxx/CVE-2018-11854.json |  1 -
 2018/11xxx/CVE-2018-11950.json |  1 -
 2018/18xxx/CVE-2018-18657.json | 72 ++++++++++++++++++++++++++++++++++
 2018/18xxx/CVE-2018-18658.json | 72 ++++++++++++++++++++++++++++++++++
 2018/18xxx/CVE-2018-18659.json | 72 ++++++++++++++++++++++++++++++++++
 2018/18xxx/CVE-2018-18660.json | 72 ++++++++++++++++++++++++++++++++++
 2018/18xxx/CVE-2018-18661.json | 62 +++++++++++++++++++++++++++++
 2018/18xxx/CVE-2018-18662.json | 67 +++++++++++++++++++++++++++++++
 2018/5xxx/CVE-2018-5914.json   |  1 -
 19 files changed, 419 insertions(+), 15 deletions(-)
 create mode 100644 2018/18xxx/CVE-2018-18657.json
 create mode 100644 2018/18xxx/CVE-2018-18658.json
 create mode 100644 2018/18xxx/CVE-2018-18659.json
 create mode 100644 2018/18xxx/CVE-2018-18660.json
 create mode 100644 2018/18xxx/CVE-2018-18661.json
 create mode 100644 2018/18xxx/CVE-2018-18662.json

diff --git a/2017/18xxx/CVE-2017-18309.json b/2017/18xxx/CVE-2017-18309.json
index e01aff72bbd..f1c63239cc0 100644
--- a/2017/18xxx/CVE-2017-18309.json
+++ b/2017/18xxx/CVE-2017-18309.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2017/18xxx/CVE-2017-18310.json b/2017/18xxx/CVE-2017-18310.json
index 10708a0160e..4e493aae423 100644
--- a/2017/18xxx/CVE-2017-18310.json
+++ b/2017/18xxx/CVE-2017-18310.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2017/18xxx/CVE-2017-18311.json b/2017/18xxx/CVE-2017-18311.json
index cac30beeaae..521bdb0b147 100644
--- a/2017/18xxx/CVE-2017-18311.json
+++ b/2017/18xxx/CVE-2017-18311.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11305.json b/2018/11xxx/CVE-2018-11305.json
index f0c631791b6..007571fbed1 100644
--- a/2018/11xxx/CVE-2018-11305.json
+++ b/2018/11xxx/CVE-2018-11305.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11821.json b/2018/11xxx/CVE-2018-11821.json
index 401c6a303e3..c98a0711049 100644
--- a/2018/11xxx/CVE-2018-11821.json
+++ b/2018/11xxx/CVE-2018-11821.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11828.json b/2018/11xxx/CVE-2018-11828.json
index c49c233dda5..f0452ba4bfa 100644
--- a/2018/11xxx/CVE-2018-11828.json
+++ b/2018/11xxx/CVE-2018-11828.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11846.json b/2018/11xxx/CVE-2018-11846.json
index 683941d82f3..de4b3e36039 100644
--- a/2018/11xxx/CVE-2018-11846.json
+++ b/2018/11xxx/CVE-2018-11846.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11849.json b/2018/11xxx/CVE-2018-11849.json
index 3d945f52162..5aa3566f731 100644
--- a/2018/11xxx/CVE-2018-11849.json
+++ b/2018/11xxx/CVE-2018-11849.json
@@ -34,7 +34,7 @@
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "Lack of check on out of range of bssid parameter When processing scan start command  will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016"
+            "value" : "Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016"
          }
       ]
    },
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11850.json b/2018/11xxx/CVE-2018-11850.json
index 2ca46ac0061..459ddd74351 100644
--- a/2018/11xxx/CVE-2018-11850.json
+++ b/2018/11xxx/CVE-2018-11850.json
@@ -34,7 +34,7 @@
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "Lack of check on remaining length parameter When processing scan start command  will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20"
+            "value" : "Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20"
          }
       ]
    },
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11853.json b/2018/11xxx/CVE-2018-11853.json
index 356a2fe2732..ae2acea2a79 100644
--- a/2018/11xxx/CVE-2018-11853.json
+++ b/2018/11xxx/CVE-2018-11853.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11854.json b/2018/11xxx/CVE-2018-11854.json
index e4b1359fb5b..1a5409e0c0f 100644
--- a/2018/11xxx/CVE-2018-11854.json
+++ b/2018/11xxx/CVE-2018-11854.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/11xxx/CVE-2018-11950.json b/2018/11xxx/CVE-2018-11950.json
index e8cba04624f..2e08be262f8 100644
--- a/2018/11xxx/CVE-2018-11950.json
+++ b/2018/11xxx/CVE-2018-11950.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-
diff --git a/2018/18xxx/CVE-2018-18657.json b/2018/18xxx/CVE-2018-18657.json
new file mode 100644
index 00000000000..5a47748ddb1
--- /dev/null
+++ b/2018/18xxx/CVE-2018-18657.json
@@ -0,0 +1,72 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-18657",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://support.arcserve.com/s/article/360001392563?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/360001392563?language=en_US"
+         },
+         {
+            "name" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US"
+         },
+         {
+            "name" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/",
+            "refsource" : "MISC",
+            "url" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/"
+         }
+      ]
+   }
+}
diff --git a/2018/18xxx/CVE-2018-18658.json b/2018/18xxx/CVE-2018-18658.json
new file mode 100644
index 00000000000..95a8e97959d
--- /dev/null
+++ b/2018/18xxx/CVE-2018-18658.json
@@ -0,0 +1,72 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-18658",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-20 Unauthenticated Sensitive Information Disclosure via /UDPUpdates/Config/FullUpdateSettings.xml issue."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://support.arcserve.com/s/article/360001392563?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/360001392563?language=en_US"
+         },
+         {
+            "name" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US"
+         },
+         {
+            "name" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/",
+            "refsource" : "MISC",
+            "url" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/"
+         }
+      ]
+   }
+}
diff --git a/2018/18xxx/CVE-2018-18659.json b/2018/18xxx/CVE-2018-18659.json
new file mode 100644
index 00000000000..1f31401fdf1
--- /dev/null
+++ b/2018/18xxx/CVE-2018-18659.json
@@ -0,0 +1,72 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-18659",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://support.arcserve.com/s/article/360001392563?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/360001392563?language=en_US"
+         },
+         {
+            "name" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US"
+         },
+         {
+            "name" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/",
+            "refsource" : "MISC",
+            "url" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/"
+         }
+      ]
+   }
+}
diff --git a/2018/18xxx/CVE-2018-18660.json b/2018/18xxx/CVE-2018-18660.json
new file mode 100644
index 00000000000..cb5bb9205a6
--- /dev/null
+++ b/2018/18xxx/CVE-2018-18660.json
@@ -0,0 +1,72 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-18660",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-21 Reflected Cross-site Scripting via /authenticationendpoint/domain.jsp issue."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://support.arcserve.com/s/article/360001392563?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/360001392563?language=en_US"
+         },
+         {
+            "name" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US",
+            "refsource" : "MISC",
+            "url" : "https://support.arcserve.com/s/article/Security-vulnerabilities-with-Arcserve-UDP-and-fixes-for-them?language=en_US"
+         },
+         {
+            "name" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/",
+            "refsource" : "MISC",
+            "url" : "https://www.digitaldefense.com/blog/zero-day-alerts/arcserve-disclosure/"
+         }
+      ]
+   }
+}
diff --git a/2018/18xxx/CVE-2018-18661.json b/2018/18xxx/CVE-2018-18661.json
new file mode 100644
index 00000000000..f42d91cc7b8
--- /dev/null
+++ b/2018/18xxx/CVE-2018-18661.json
@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-18661",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2819",
+            "refsource" : "MISC",
+            "url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2819"
+         }
+      ]
+   }
+}
diff --git a/2018/18xxx/CVE-2018-18662.json b/2018/18xxx/CVE-2018-18662.json
new file mode 100644
index 00000000000..4aca19194ee
--- /dev/null
+++ b/2018/18xxx/CVE-2018-18662.json
@@ -0,0 +1,67 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-18662",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://bugs.ghostscript.com/show_bug.cgi?id=700043",
+            "refsource" : "MISC",
+            "url" : "https://bugs.ghostscript.com/show_bug.cgi?id=700043"
+         },
+         {
+            "name" : "https://github.com/TeamSeri0us/pocs/tree/master/mupdf",
+            "refsource" : "MISC",
+            "url" : "https://github.com/TeamSeri0us/pocs/tree/master/mupdf"
+         }
+      ]
+   }
+}
diff --git a/2018/5xxx/CVE-2018-5914.json b/2018/5xxx/CVE-2018-5914.json
index 1df0a1f47dc..b388c53f0e1 100644
--- a/2018/5xxx/CVE-2018-5914.json
+++ b/2018/5xxx/CVE-2018-5914.json
@@ -60,4 +60,3 @@
       ]
    }
 }
-