admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-11-10 14:06:39 -05:00
parent 088b3590ab
commit 873fae5a4c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 153 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2018/19xxx/CVE-2018-19148.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19148", "ID" : "CVE-2018-19148",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Caddy through 0.11.0 sends incorrect certificates for certain invalid requests, making it easier for attackers to enumerate hostnames. Specifically, when unable to match a Host header with a vhost in its configuration, it serves the X.509 certificate for a randomly selected vhost in its configuration. Repeated requests (with a nonexistent hostname in the Host header) permit full enumeration of all certificates on the server. This generally permits an attacker to easily and accurately discover the existence of and relationships among hostnames that weren't meant to be public, though this information could likely have been discovered via other methods with additional effort."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/mholt/caddy/issues/1303",
"refsource" : "MISC",
"url" : "https://github.com/mholt/caddy/issues/1303"
},
{
"name" : "https://github.com/mholt/caddy/issues/2334",
"refsource" : "MISC",
"url" : "https://github.com/mholt/caddy/issues/2334"
},
{
"name" : "https://github.com/mholt/caddy/pull/2015",
"refsource" : "MISC",
"url" : "https://github.com/mholt/caddy/pull/2015"
} }
] ]
} }

48
2018/19xxx/CVE-2018-19149.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19149", "ID" : "CVE-2018-19149",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://gitlab.freedesktop.org/poppler/poppler/issues/664",
"refsource" : "MISC",
"url" : "https://gitlab.freedesktop.org/poppler/poppler/issues/664"
} }
] ]
} }

53
2018/19xxx/CVE-2018-19150.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19150", "ID" : "CVE-2018-19150",
"STATE" : "RESERVED" "STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
}, },
"data_format" : "MITRE", "data_format" : "MITRE",
"data_type" : "CVE", "data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value" : "Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a \"Data from Faulting Address controls Code Flow\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2018-09-19-pdf-architect-corruption.md",
"refsource" : "MISC",
"url" : "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2018-09-19-pdf-architect-corruption.md"
},
{
"name" : "https://nafiez.github.io/security/integer/2018/09/18/pdf-architect-corruption.html",
"refsource" : "MISC",
"url" : "https://nafiez.github.io/security/integer/2018/09/18/pdf-architect-corruption.html"
} }
] ]
} }