admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 22:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-12-13 09:24:16 -05:00
parent 981d525f34
commit a3ab2fc74d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/7xxx/CVE-2018-7690.json
View File

@ -42,7 +42,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access\n" "value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access"
} }
] ]
}, },
@ -83,7 +83,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"refsource" : "CONFIRM", "name" : "https://softwaresupport.softwaregrp.com/doc/KM03298201",
"refsource" : "MISC",
"url" : "https://softwaresupport.softwaregrp.com/doc/KM03298201" "url" : "https://softwaresupport.softwaregrp.com/doc/KM03298201"
} }
] ]

5
2018/7xxx/CVE-2018-7691.json
View File

@ -42,7 +42,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access\n" "value" : "A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access"
} }
] ]
}, },
@ -83,7 +83,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"refsource" : "CONFIRM", "name" : "https://softwaresupport.softwaregrp.com/doc/KM03298201",
"refsource" : "MISC",
"url" : "https://softwaresupport.softwaregrp.com/doc/KM03298201" "url" : "https://softwaresupport.softwaregrp.com/doc/KM03298201"
} }
] ]

6
2018/8xxx/CVE-2018-8033.json
View File

@ -34,7 +34,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "The OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host." "value" : "In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host."
} }
] ]
}, },
@ -53,7 +53,9 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"url" : "http://ofbiz.apache.org/download.html#vulnerabilities" "name" : "[user] 20181005 [SECURITY] CVE-2018-8033 Apache OFBiz XXE Vulnerability in HttpEngine",
"refsource" : "MLIST",
"url" : "https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E"
} }
] ]
} }