admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'DWF-2018-12-19-seifried2' of https://github.com/distributedweaknessfiling/cvelist

Browse Source
This commit is contained in:
CVE Team 2018-12-20 11:26:08 -05:00
commit ba45befb93
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
16 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
2018/1000xxx/CVE-2018-1000867.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=647"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions*.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.250853","DATE_REQUESTED": "2018-12-03T08:55:27","ID": "CVE-2018-1000867","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "SQL Injection"}]}]}}

1
2018/1000xxx/CVE-2018-1000868.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=648"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a Cross Site Scripting (XSS) vulnerability in user_login.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page. This attack appear to be exploitable via The victim user must click a malicous link. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.251656","DATE_REQUESTED": "2018-12-03T08:58:33","ID": "CVE-2018-1000868","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}}

1
2018/1000xxx/CVE-2018-1000869.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/phpipam/phpipam/issues/2344"},{"url": "https://github.com/phpipam/phpipam/commit/856b10ca85a24c04ed8651f4e13f867ec78a353d"}]},"description": {"description_data": [{"lang": "eng","value": "phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection.. This attack appear to be exploitable via Rough user, exploiting the vulnerability to access information he/she does not have access to.. This vulnerability appears to have been fixed in 1.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.3.2"}]},"product_name": "phpIPAM"}]},"vendor_name": "phpIPAM"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.252735","DATE_REQUESTED": "2018-12-05T07:39:06","ID": "CVE-2018-1000869","ASSIGNER": "kurt@seifried.org","REQUESTER": "oscar@arnflo.se"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-89"}]}]}}

1
2018/1000xxx/CVE-2018-1000870.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/phpipam/phpipam/issues/2326"},{"url": "https://github.com/phpipam/phpipam/commit/552fbb0fc7ecb84bda4a131b4f290a3de9980040"}]},"description": {"description_data": [{"lang": "eng","value": "PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. Admin(Victim) views user in admin-panel and gets exploited.. This vulnerability appears to have been fixed in 1.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.3.2 and earlier"}]},"product_name": "PHPipam"}]},"vendor_name": "PHPipam"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.253944","DATE_REQUESTED": "2018-12-06T06:56:23","ID": "CVE-2018-1000870","ASSIGNER": "kurt@seifried.org","REQUESTER": "oscar@sakerhetskontoret.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-79"}]}]}}

1
2018/1000xxx/CVE-2018-1000871.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://www.exploit-db.com/exploits/45976"}]},"description": {"description_data": [{"lang": "eng","value": "HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in \"id_utente_mod\" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the \"id_utente_mod=1\" parameter."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.3.0 and earlier"}]},"product_name": "HotelDruid 2.3.0"}]},"vendor_name": "HotelDruid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.256066","DATE_REQUESTED": "2018-12-13T10:45:12","ID": "CVE-2018-1000871","ASSIGNER": "kurt@seifried.org","REQUESTER": "sainadhjamalpur@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "SQL Injection"}]}]}}

1
2018/1000xxx/CVE-2018-1000872.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/OpenKMIP/PyKMIP/issues/430"}]},"description": {"description_data": [{"lang": "eng","value": "OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "All versions before 0.8.0"}]},"product_name": "PyKMIP"}]},"vendor_name": "OpenKMIP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.258149","DATE_REQUESTED": "2018-11-12T15:52:55","ID": "CVE-2018-1000872","ASSIGNER": "kurt@seifried.org","REQUESTER": "secure@veritas.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE 399: Resource Management Errors (similar issue to CVE-2015-5262)"}]}]}}

1
2018/1000xxx/CVE-2018-1000873.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/FasterXML/jackson-modules-java8/issues/90"},{"url": "https://github.com/FasterXML/jackson-modules-java8/pull/87"}]},"description": {"description_data": [{"lang": "eng","value": "Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Databind that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Before 2.9.8"}]},"product_name": "Jackson"}]},"vendor_name": "Fasterxml"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.260099","DATE_REQUESTED": "2018-12-17T16:15:43","ID": "CVE-2018-1000873","ASSIGNER": "kurt@seifried.org","REQUESTER": "secure@veritas.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-20: Improper Input Validation"}]}]}}

1
2018/1000xxx/CVE-2018-1000874.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/cebe/markdown/issues/166"}]},"description": {"description_data": [{"lang": "eng","value": "PHP Markdown version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in The parser allows a malicious crafted script to be executed that can result in Steal user data with a crafted script. This attack appear to be exploitable via User must open a crafted MD formatted file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.2.0 and earlier"}]},"product_name": "Markdown"}]},"vendor_name": "PHP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.261247","DATE_REQUESTED": "2018-12-05T15:20:20","ID": "CVE-2018-1000874","ASSIGNER": "kurt@seifried.org","REQUESTER": "stayysalty@protonmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}}

1
2018/1000xxx/CVE-2018-1000875.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/BOINC/boinc/issues/2907"}]},"description": {"description_data": [{"lang": "eng","value": "Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account. This attack appear to be exploitable via Specially crafted URL. This vulnerability appears to have been fixed in 1.0.3."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "0.9-1.0.2"}]},"product_name": "BOINC Server and Website Code"}]},"vendor_name": "Berkeley Open Infrastructure for Network Computing"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.262092","DATE_REQUESTED": "2018-12-13T17:03:00","ID": "CVE-2018-1000875","ASSIGNER": "kurt@seifried.org","REQUESTER": "theaspens0@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-302: Authentication Bypass by Assumed-Immutable Data"}]}]}}

1
2018/1000xxx/CVE-2018-1000876.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23994"},{"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f"}]},"description": {"description_data": [{"lang": "eng","value": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.32 and earlier"}]},"product_name": "binutils"}]},"vendor_name": "binutils"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.262881","DATE_REQUESTED": "2018-12-17T03:18:24","ID": "CVE-2018-1000876","ASSIGNER": "kurt@seifried.org","REQUESTER": "yanshb@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Integer Overflow"}]}]}}

1
2018/1000xxx/CVE-2018-1000877.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/021efa522ad729ff0f5806c4ce53e4a6cc1daa31"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.246062","DATE_REQUESTED": "2018-12-13T08:59:54","ID": "CVE-2018-1000877","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-415: Double Free"}]}]}}

1
2018/1000xxx/CVE-2018-1000878.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be exploitable via the victim must open a specially crafted RAR archive."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.247087","DATE_REQUESTED": "2018-12-13T09:07:08","ID": "CVE-2018-1000878","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-416: Use After Free"}]}]}}

1
2018/1000xxx/CVE-2018-1000879.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to be exploitable via the victim must open a specially crafted archive file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.247953","DATE_REQUESTED": "2018-12-13T09:14:30","ID": "CVE-2018-1000879","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-476: NULL Pointer Dereference"}]}]}}

1
2018/1000xxx/CVE-2018-1000880.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909"},{"url": "https://github.com/libarchive/libarchive/pull/1105"},{"url": "https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680"}]},"description": {"description_data": [{"lang": "eng","value": "libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards)"}]},"product_name": "libarchive"}]},"vendor_name": "libarchive"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.248774","DATE_REQUESTED": "2018-12-13T09:53:50","ID": "CVE-2018-1000880","ASSIGNER": "kurt@seifried.org","REQUESTER": "dja@axtens.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-20: Improper Input Validation"}]}]}}

1
2018/1000xxx/CVE-2018-1000881.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/"}]},"description": {"description_data": [{"lang": "eng","value": "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "4.0 and earlier"}]},"product_name": "Traccar Server"}]},"vendor_name": "Traccar"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.249463","DATE_REQUESTED": "2018-12-04T14:07:18","ID": "CVE-2018-1000881","ASSIGNER": "kurt@seifried.org","REQUESTER": "nickb@appcheck-ng.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}]}}

1
2018/1000xxx/CVE-2018-1000882.json Normal file
View File

@ -0,0 +1 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt"},{"url": "http://bugs.webidsupport.com/view.php?id=646"},{"url": "https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f"}]},"description": {"description_data": [{"lang": "eng","value": "WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "up to current version 1.2.2"}]},"product_name": "WeBid"}]},"vendor_name": "WeBid"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-12-19T20:52:45.250141","DATE_REQUESTED": "2018-12-03T08:52:04","ID": "CVE-2018-1000882","ASSIGNER": "kurt@seifried.org","REQUESTER": "nils.stuenkel@t-systems.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Directory Traversal"}]}]}}