admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-08-27 09:04:15 -04:00
parent ca18783919
commit 979ac76470
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 95 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2018/0xxx/CVE-2018-0715.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application."
"value" : "Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application."
}
]
},
@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://www.qnap.com/zh-tw/security-advisory/nas-201808-23",
"refsource" : "CONFIRM",
"url" : "https://www.qnap.com/zh-tw/security-advisory/nas-201808-23"
}
]

147
2018/10xxx/CVE-2018-10938.json
View File

@ -1,71 +1,82 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-10938",
"ASSIGNER": "sfowler@redhat.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "kernel:",
"version": {
"version_data": [
{
"version_value": "4.13-rc5"
}
]
}
}
]
}
}
"CVE_data_meta" : {
"ASSIGNER" : "sfowler@redhat.com",
"ID" : "CVE-2018-10938",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "kernel:",
"version" : {
"version_data" : [
{
"version_value" : "4.13-rc5"
}
]
}
}
]
},
"vendor_name" : "[UNKNOWN]"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-400"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10938",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10938",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
]
}
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20180827 CVE-2018-10938: Linux kernel: net: infinite loop in net/ipv4/cipso_ipv4.c:cipso_v4_optptr() allows a remote DoS",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2018/q3/179"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10938",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10938"
},
{
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=40413955ee265a5e42f710940ec78f5450d49149",
"refsource" : "CONFIRM",
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=40413955ee265a5e42f710940ec78f5450d49149"
}
]
}
}

6
2018/14xxx/CVE-2018-14371.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.5 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications."
"value" : "The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications."
}
]
},
@ -54,12 +54,12 @@
"reference_data" : [
{
"name" : "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24",
"refsource" : "MISC",
"refsource" : "CONFIRM",
"url" : "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24"
},
{
"name" : "https://github.com/javaserverfaces/mojarra/issues/4364",
"refsource" : "MISC",
"refsource" : "CONFIRM",
"url" : "https://github.com/javaserverfaces/mojarra/issues/4364"
}
]

5
2018/3xxx/CVE-2018-3620.json
View File

@ -113,6 +113,11 @@
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2018-0021.html"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
},
{
"name" : "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"refsource" : "CISCO",

5
2018/3xxx/CVE-2018-3646.json
View File

@ -113,6 +113,11 @@
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2018-0020.html"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018"
},
{
"name" : "20180814 CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"refsource" : "CISCO",