admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-09 16:04:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-04-30 13:05:29 -04:00
parent 17c7d51551
commit a29da3eef1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 231 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2013/5xxx/CVE-2013-5391.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128."
"value" : "IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128."
}
]
},

2
2013/5xxx/CVE-2013-5461.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which make it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309."
"value" : "IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309."
}
]
},

63
2018/10xxx/CVE-2018-10571.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10571",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Multiple reflected cross-site scripting (XSS) vulnerabilities in OpenEMR before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) patient parameter to interface/main/finder/finder_navigation.php; (2) key parameter to interface/billing/get_claim_file.php; (3) formid or (4) formseq parameter to interface/orders/types.php; (5) eraname, (6) paydate, (7) post_to_date, (8) deposit_date, (9) debug, or (10) InsId parameter to interface/billing/sl_eob_process.php; (11) form_source, (12) form_paydate, (13) form_deposit_date, (14) form_amount, (15) form_name, (16) form_pid, (17) form_encounter, (18) form_date, or (19) form_to_date parameter to interface/billing/sl_eob_search.php; (20) codetype or (21) search_term parameter to interface/de_identification_forms/find_code_popup.php; (22) search_term parameter to interface/de_identification_forms/find_drug_popup.php; (23) search_term parameter to interface/de_identification_forms/find_immunization_popup.php; (24) id parameter to interface/forms/CAMOS/view.php; (25) id parameter to interface/forms/reviewofs/view.php; or (26) list_id parameter to library/custom_template/personalize.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051"
},
{
"name" : "https://github.com/openemr/openemr/issues/1518",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/issues/1518"
},
{
"name" : "https://github.com/openemr/openemr/pull/1519",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/pull/1519"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1",
"refsource" : "MISC",
"url" : "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1"
}
]
}

63
2018/10xxx/CVE-2018-10572.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10572",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "interface/patient_file/letter.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the newtemplatename and form_body parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051"
},
{
"name" : "https://github.com/openemr/openemr/issues/1518",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/issues/1518"
},
{
"name" : "https://github.com/openemr/openemr/pull/1519",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/pull/1519"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1",
"refsource" : "MISC",
"url" : "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1"
}
]
}

63
2018/10xxx/CVE-2018-10573.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10573",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,43 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the scan parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051"
},
{
"name" : "https://github.com/openemr/openemr/issues/1518",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/issues/1518"
},
{
"name" : "https://github.com/openemr/openemr/pull/1519",
"refsource" : "MISC",
"url" : "https://github.com/openemr/openemr/pull/1519"
},
{
"name" : "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1",
"refsource" : "MISC",
"url" : "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1"
}
]
}

48
2018/9xxx/CVE-2018-9310.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9310",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in MagniComp SysInfo before 10-H81 if setuid root (the default). This vulnerability allows any local user on a Linux/UNIX system to run SysInfo and obtain a root shell, which can be used to compromise the local system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.magnicomp.com/about/2018/CVE-2018-9310.html",
"refsource" : "CONFIRM",
"url" : "http://www.magnicomp.com/about/2018/CVE-2018-9310.html"
}
]
}