From a2d018c38748a35ebb71429b43e80504a9a5619f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 23 Dec 2018 13:03:26 -0500 Subject: [PATCH] - Synchronized data. --- 2018/20xxx/CVE-2018-20374.json | 62 +++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20375.json | 62 +++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20376.json | 62 +++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20377.json | 77 ++++++++++++++++++++++++++++++++++ 4 files changed, 263 insertions(+) create mode 100644 2018/20xxx/CVE-2018-20374.json create mode 100644 2018/20xxx/CVE-2018-20375.json create mode 100644 2018/20xxx/CVE-2018-20376.json create mode 100644 2018/20xxx/CVE-2018-20377.json diff --git a/2018/20xxx/CVE-2018-20374.json b/2018/20xxx/CVE-2018-20374.json new file mode 100644 index 00000000000..6c3edcaf808 --- /dev/null +++ b/2018/20xxx/CVE-2018-20374.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20374", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the use_section1 function in tccasm.c." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00015.html", + "refsource" : "MISC", + "url" : "https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00015.html" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20375.json b/2018/20xxx/CVE-2018-20375.json new file mode 100644 index 00000000000..d05896aeb2f --- /dev/null +++ b/2018/20xxx/CVE-2018-20375.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20375", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the sym_pop function in tccgen.c." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html", + "refsource" : "MISC", + "url" : "https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20376.json b/2018/20xxx/CVE-2018-20376.json new file mode 100644 index 00000000000..9b0f21092e3 --- /dev/null +++ b/2018/20xxx/CVE-2018-20376.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20376", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the asm_parse_directive function in tccasm.c." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00013.html", + "refsource" : "MISC", + "url" : "https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00013.html" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20377.json b/2018/20xxx/CVE-2018-20377.json new file mode 100644 index 00000000000..a0264e45da1 --- /dev/null +++ b/2018/20xxx/CVE-2018-20377.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20377", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi credentials via /get_getnetworkconf.cgi on port 8080, leading to full control if the admin password equals the Wi-Fi password or has the default admin value. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials/", + "refsource" : "MISC", + "url" : "https://badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials/" + }, + { + "name" : "https://github.com/zadewg/LIVEBOX-0DAY", + "refsource" : "MISC", + "url" : "https://github.com/zadewg/LIVEBOX-0DAY" + }, + { + "name" : "https://news.ycombinator.com/item?id=18745533", + "refsource" : "MISC", + "url" : "https://news.ycombinator.com/item?id=18745533" + }, + { + "name" : "https://web.archive.org/web/20181223120225/https://badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials/", + "refsource" : "MISC", + "url" : "https://web.archive.org/web/20181223120225/https://badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials/" + } + ] + } +}