admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-06-27 14:03:55 -04:00
parent 385d8cca5d
commit a68488ad53
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
13 changed files with 627 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/12xxx/CVE-2018-12912.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12912",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue wan discovered in admin\\controllers\\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/Neeke/HongCMS/issues/4",
"refsource" : "MISC",
"url" : "https://github.com/Neeke/HongCMS/issues/4"
}
]
}

48
2018/12xxx/CVE-2018-12913.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12913",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter can both remain equal to zero."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/richgel999/miniz/issues/90",
"refsource" : "MISC",
"url" : "https://github.com/richgel999/miniz/issues/90"
}
]
}

48
2018/12xxx/CVE-2018-12914.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12914",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/sanluan/PublicCMS/issues/13",
"refsource" : "MISC",
"url" : "https://github.com/sanluan/PublicCMS/issues/13"
}
]
}

62
2018/12xxx/CVE-2018-12915.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12915",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/cloudwu/pbc/issues/118",
"refsource" : "MISC",
"url" : "https://github.com/cloudwu/pbc/issues/118"
}
]
}
}

62
2018/12xxx/CVE-2018-12916.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12916",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcP_message_default in proto.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/cloudwu/pbc/issues/120",
"refsource" : "MISC",
"url" : "https://github.com/cloudwu/pbc/issues/120"
}
]
}
}

62
2018/12xxx/CVE-2018-12917.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12917",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/cloudwu/pbc/issues/119",
"refsource" : "MISC",
"url" : "https://github.com/cloudwu/pbc/issues/119"
}
]
}
}

62
2018/12xxx/CVE-2018-12918.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12918",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcB_register_fields in bootstrap.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/cloudwu/pbc/issues/121",
"refsource" : "MISC",
"url" : "https://github.com/cloudwu/pbc/issues/121"
}
]
}
}

62
2018/12xxx/CVE-2018-12919.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12919",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/lzlzh2016/CraftedWeb/blob/master/xss.md",
"refsource" : "MISC",
"url" : "https://github.com/lzlzh2016/CraftedWeb/blob/master/xss.md"
}
]
}
}

2
2018/1xxx/CVE-2018-1306.json
View File

@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
"name" : "http://portals.apache.org/pluto/security.html",
"refsource" : "MISC",
"url" : "http://portals.apache.org/pluto/security.html"
}
]

106
2018/1xxx/CVE-2018-1457.json
View File

@ -1,48 +1,14 @@
{
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22017436",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22017436",
"title" : "IBM Security Bulletin 2017436 (Rational DOORS)"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/140208",
"name" : "ibm-doors-cve20181457-sec-bypass(140208)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208."
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-21T00:00:00",
"ID" : "CVE-2018-1457",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -167,35 +133,67 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1457",
"DATE_PUBLIC" : "2018-06-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID: 140208."
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"A" : "H",
"AC" : "H",
"AV" : "N",
"PR" : "N",
"C" : "H",
"I" : "H",
"A" : "H",
"UI" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "8.100",
"S" : "U"
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22017436",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22017436"
},
{
"name" : "ibm-doors-cve20181457-sec-bypass(140208)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/140208"
}
]
}
}

82
2018/1xxx/CVE-2018-1507.json
View File

@ -1,28 +1,8 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "5.400",
"UI" : "R",
"S" : "C",
"C" : "L",
"AC" : "L",
"AV" : "N",
"PR" : "L",
"A" : "N",
"I" : "L"
},
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1507",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-21T00:00:00",
"ID" : "CVE-2018-1507",
"STATE" : "PUBLIC"
},
"affects" : {
@ -32,14 +12,14 @@
"product" : {
"product_data" : [
{
"product_name" : "Rational DOORS Next Generation",
"version" : {
"version_data" : [
{
"version_value" : "6.0.5"
}
]
},
"product_name" : "Rational DOORS Next Generation"
}
}
]
},
@ -48,43 +28,61 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141415."
"value" : "IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141415."
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016861",
"title" : "IBM Security Bulletin 2016861 (Rational DOORS Next Generation)",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016861",
"refsource" : "CONFIRM"
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
{
"name" : "ibm-doors-cve20181507-xss(141415)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/141415",
"refsource" : "XF"
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016861",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016861"
},
{
"name" : "ibm-doors-cve20181507-xss(141415)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/141415"
}
]
}
}

88
2018/1xxx/CVE-2018-1543.json
View File

@ -1,29 +1,9 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"AV" : "N",
"AC" : "H",
"PR" : "N",
"C" : "H",
"I" : "N",
"A" : "N",
"UI" : "N",
"SCORE" : "5.900",
"S" : "U"
}
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-06-22T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1543"
"DATE_PUBLIC" : "2018-06-22T00:00:00",
"ID" : "CVE-2018-1543",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -51,43 +31,61 @@
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016346",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016346",
"title" : "IBM Security Bulletin 2016346 (MQ)"
},
{
"name" : "ibm-websphere-cve20181543-info-disc(142598)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142598",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142598.",
"lang" : "eng"
"lang" : "eng",
"value" : "IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142598."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016346",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016346"
},
{
"name" : "ibm-websphere-cve20181543-info-disc(142598)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142598"
}
]
}
}

86
2018/1xxx/CVE-2018-1553.json
View File

@ -1,28 +1,8 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"AV" : "N",
"PR" : "N",
"C" : "L",
"I" : "N",
"A" : "N",
"UI" : "N",
"SCORE" : "5.300",
"S" : "U"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1553",
"DATE_PUBLIC" : "2018-06-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-06-21T00:00:00",
"ID" : "CVE-2018-1553",
"STATE" : "PUBLIC"
},
"affects" : {
@ -49,42 +29,60 @@
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016218",
"title" : "IBM Security Bulletin 2016218 (WebSphere Application Server)",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016218"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142890",
"name" : "ibm-websphere-cve20181553-info-disc(142890)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. IBM X-Force ID: 142890.",
"lang" : "eng"
"lang" : "eng",
"value" : "IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. IBM X-Force ID: 142890."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22016218",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22016218"
},
{
"name" : "ibm-websphere-cve20181553-info-disc(142890)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/142890"
}
]
}
}