diff --git a/2015/9xxx/CVE-2015-9271.json b/2015/9xxx/CVE-2015-9271.json index 3d7a935a2a7..08c6badccfa 100644 --- a/2015/9xxx/CVE-2015-9271.json +++ b/2015/9xxx/CVE-2015-9271.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2015-9271", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The VideoWhisper videowhisper-video-conference-integration plugin 4.91.8 for WordPress allows remote attackers to execute arbitrary code because vc/vw_upload.php considers a file safe when \"html\" are the last four characters, as demonstrated by a .phtml file containing PHP code, a different vulnerability than CVE-2014-1905." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.vapidlabs.com/advisory.php?v=116", + "refsource" : "MISC", + "url" : "http://www.vapidlabs.com/advisory.php?v=116" } ] } diff --git a/2018/17xxx/CVE-2018-17983.json b/2018/17xxx/CVE-2018-17983.json index e974efa8967..cc7428b164e 100644 --- a/2018/17xxx/CVE-2018-17983.json +++ b/2018/17xxx/CVE-2018-17983.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-17983", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.mercurial-scm.org/repo/hg/rev/5405cb1a7901", + "refsource" : "MISC", + "url" : "https://www.mercurial-scm.org/repo/hg/rev/5405cb1a7901" + }, + { + "name" : "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.7.2_.282018-10-01.29", + "refsource" : "MISC", + "url" : "https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.7.2_.282018-10-01.29" } ] } diff --git a/2018/17xxx/CVE-2018-17984.json b/2018/17xxx/CVE-2018-17984.json new file mode 100644 index 00000000000..f3caf869103 --- /dev/null +++ b/2018/17xxx/CVE-2018-17984.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17984", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html", + "refsource" : "MISC", + "url" : "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html" + }, + { + "name" : "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown", + "refsource" : "MISC", + "url" : "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown" + }, + { + "name" : "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/", + "refsource" : "MISC", + "url" : "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/" + } + ] + } +} diff --git a/2018/17xxx/CVE-2018-17985.json b/2018/17xxx/CVE-2018-17985.json new file mode 100644 index 00000000000..d54e600d8d4 --- /dev/null +++ b/2018/17xxx/CVE-2018-17985.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-17985", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335", + "refsource" : "MISC", + "url" : "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" + } + ] + } +}