admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Added submission from Huawei from 2018-12-03.

Browse Source
This commit is contained in:
CVE Team 2018-12-04 12:32:37 -05:00
parent d833c9486d
commit 72186b53e7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
2 changed files with 90 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/7xxx/CVE-2018-7956.json
View File

@ -1,8 +1,31 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "psirt@huawei.com",
"ID" : "CVE-2018-7956", "ID" : "CVE-2018-7956",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Huawei VIP App",
"version" : {
"version_data" : [
{
"version_value" : "versions before 4.0.5"
}
]
}
}
]
},
"vendor_name" : "Huawei Technologies Co., Ltd."
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability that attackers can conduct bruteforce to the VIP App Web Services to get user information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "information leakage"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181129-01-huaweivip-en"
} }
] ]
} }

48
2018/7xxx/CVE-2018-7987.json
View File

@ -1,8 +1,31 @@
{ {
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "psirt@huawei.com",
"ID" : "CVE-2018-7987", "ID" : "CVE-2018-7987",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Huawei P20",
"version" : {
"version_data" : [
{
"version_value" : "the versions before 8.1.0.171(C00)"
}
]
}
}
]
},
"vendor_name" : "Huawei Technologies Co., Ltd."
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "There is an out-of-bounds write vulnerability on several smartphones. The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful exploit could cause a denial of service condition."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "out-of-bounds write"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181128-02-smartphone-en"
} }
] ]
} }