admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-03-30 17:12:06 -04:00
parent b6ee525afd
commit 8832f27408
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
25 changed files with 270 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2017/14xxx/CVE-2017-14875.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=755261330733bb2440907a8407ed691c99451ddc"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=755261330733bb2440907a8407ed691c99451ddc"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/14xxx/CVE-2017-14876.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f26dbd9d9491333766ba383044064b1304127ac0"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f26dbd9d9491333766ba383044064b1304127ac0"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/14xxx/CVE-2017-14877.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=ca395c15c49cf6463a39d197b6a9331d183d94cb"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=ca395c15c49cf6463a39d197b6a9331d183d94cb"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/14xxx/CVE-2017-14881.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=81ea9c34f575422a78015535c619500c34b8a69c"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=81ea9c34f575422a78015535c619500c34b8a69c"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/14xxx/CVE-2017-14883.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=3de34af4e2ca91e1a2260deb380b81620a631c85"
},
{
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=3de34af4e2ca91e1a2260deb380b81620a631c85"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/14xxx/CVE-2017-14891.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=736667bf08b03fdca824e88b901c2dbdd6703a0c"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=736667bf08b03fdca824e88b901c2dbdd6703a0c"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/14xxx/CVE-2017-14892.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a3bed71777c133cfec78b5140877c6ba109961a0"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=a3bed71777c133cfec78b5140877c6ba109961a0"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/15xxx/CVE-2017-15823.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=49c1ce19c8a4689c33e6e8f17ab77d77fae6ff93"
},
{
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=49c1ce19c8a4689c33e6e8f17ab77d77fae6ff93"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/15xxx/CVE-2017-15826.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/15xxx/CVE-2017-15846.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9fdbd92ec9196ba3629f68f4c22342aa6eedc960"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=9fdbd92ec9196ba3629f68f4c22342aa6eedc960"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/15xxx/CVE-2017-15859.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=88dcc44ea8fbe158d1dee3ea197e47794bf4449d"
},
{
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=88dcc44ea8fbe158d1dee3ea197e47794bf4449d"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

46
2017/16xxx/CVE-2017-16614.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16614",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2018/Mar/77"
}
]
}

4
2017/17xxx/CVE-2017-17766.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a37d8a78f5bd0e9a2c91de46721a6d80bd229a43"
},
{
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a37d8a78f5bd0e9a2c91de46721a6d80bd229a43"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

4
2017/17xxx/CVE-2017-17771.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a452045792bc09548b4e1b940aa8adfed822b51c"
},
{
"url" : "https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=a452045792bc09548b4e1b940aa8adfed822b51c"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

6
2017/9xxx/CVE-2017-9692.json
View File

@ -53,14 +53,14 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://www.codeaurora.org/security-bulletin/2018/02/16/february-2018-code-aurora-security-bulletin"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=061556e74a08f89f04b3da30119029ca3fd87ad8"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=ef8e3cd4588b5ae71b73a3aca751d59e882e6748"
},
{
"url" : "https://www.codeaurora.org/security-bulletin/2018/02/16/february-2018-code-aurora-security-bulletin"
}
]
}

4
2017/9xxx/CVE-2017-9693.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://www.codeaurora.org/security-bulletin/2017/10/20/october-2017-v1"
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05a5abb21e4d97001f77d344444a3ec2f9c275f9"
},
{
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05a5abb21e4d97001f77d344444a3ec2f9c275f9"
"url" : "https://www.codeaurora.org/security-bulletin/2017/10/20/october-2017-v1"
}
]
}

4
2017/9xxx/CVE-2017-9694.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://www.codeaurora.org/security-bulletin/2017/10/20/october-2017-v1"
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1e47d44de7bab5500d27f17ae5c4ebebc7d2b4ef"
},
{
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=1e47d44de7bab5500d27f17ae5c4ebebc7d2b4ef"
"url" : "https://www.codeaurora.org/security-bulletin/2017/10/20/october-2017-v1"
}
]
}

4
2017/9xxx/CVE-2017-9723.json
View File

@ -54,10 +54,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e83ebd2098009b0d336ffab11e00f739902bd5d9"
},
{
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e83ebd2098009b0d336ffab11e00f739902bd5d9"
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}

2
2018/1xxx/CVE-2018-1232.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "RSA Authentication Agent for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation."
"value" : "RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation."
}
]
},

2
2018/1xxx/CVE-2018-1233.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "RSA Authentication Agent for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website."
"value" : "RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's browser session in the context of the affected website."
}
]
},

2
2018/1xxx/CVE-2018-1234.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "RSA Authentication Agent for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to read configuration properties for the authentication agent."
"value" : "RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can exploit this vulnerability to read configuration properties for the authentication agent."
}
]
},

46
2018/5xxx/CVE-2018-5708.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-5708",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2018/Mar/66"
}
]
}

49
2018/7xxx/CVE-2018-7171.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7171",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://packetstormsecurity.com/files/146938/TwonkyMedia-Server-7.0.11-8.5-Directory-Traversal.html"
},
{
"url" : "https://github.com/mechanico/sharingIsCaring/blob/master/twonky.py"
}
]
}

46
2018/7xxx/CVE-2018-7203.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7203",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://packetstormsecurity.com/files/146939/TwonkyMedia-Server-7.0.11-8.5-Cross-Site-Scripting.html"
}
]
}

55
2018/7xxx/CVE-2018-7566.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7566",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,35 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://mailman.alsa-project.org/pipermail/alsa-devel/2018-February/132026.html"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1550142"
},
{
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d15d662e89fc667b90cd294b0eb45694e33144da"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.html"
}
]
}