diff --git a/2018/1000xxx/CVE-2018-1000811.json b/2018/1000xxx/CVE-2018-1000811.json index 50bb0192857..22dddd8b5ad 100644 --- a/2018/1000xxx/CVE-2018-1000811.json +++ b/2018/1000xxx/CVE-2018-1000811.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/bludit/bludit/issues/812"}]},"description": {"description_data": [{"lang": "eng","value": "bludit version 3.0.0 contains a \tUnrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP code."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "3.0.0"}]},"product_name": "bludit"}]},"vendor_name": "bludit"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.452834","DATE_REQUESTED": "2018-10-04T17:36:25","ID": "CVE-2018-1000811","ASSIGNER": "kurt@seifried.org","REQUESTER": "bousalman@protonmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "\tUnrestricted Upload of File with Dangerous Type"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.452834", + "DATE_REQUESTED" : "2018-10-04T17:36:25", + "ID" : "CVE-2018-1000811", + "REQUESTER" : "bousalman@protonmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "bludit", + "version" : { + "version_data" : [ + { + "version_value" : "3.0.0" + } + ] + } + } + ] + }, + "vendor_name" : "bludit" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP code." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "\tUnrestricted Upload of File with Dangerous Type" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/bludit/bludit/issues/812", + "refsource" : "MISC", + "url" : "https://github.com/bludit/bludit/issues/812" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000812.json b/2018/1000xxx/CVE-2018-1000812.json index 23bd19d10d5..b4b6d1bc464 100644 --- a/2018/1000xxx/CVE-2018-1000812.json +++ b/2018/1000xxx/CVE-2018-1000812.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://cp270.wordpress.com/2018/05/14/war-story-password-resets/"},{"url": "https://github.com/articaST/integriaims/commit/f2ff0ba821644acecb893483c86a9c4d3bb75047"},{"url": "https://github.com/fleetcaptain/integria-takeover"}]},"description": {"description_data": [{"lang": "eng","value": "\u00c1rtica Soluciones Tecnol\u00f3gicas Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "5.0 MR56 Package 58, likely earlier versions"}]},"product_name": "Integria IMS"}]},"vendor_name": "\u00c1rtica Soluciones Tecnol\u00f3gicas"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.453737","DATE_REQUESTED": "2018-10-06T05:33:05","ID": "CVE-2018-1000812","ASSIGNER": "kurt@seifried.org","REQUESTER": "cpearson9@yahoo.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.453737", + "DATE_REQUESTED" : "2018-10-06T05:33:05", + "ID" : "CVE-2018-1000812", + "REQUESTER" : "cpearson9@yahoo.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Integria IMS", + "version" : { + "version_data" : [ + { + "version_value" : "5.0 MR56 Package 58, likely earlier versions" + } + ] + } + } + ] + }, + "vendor_name" : "Ártica Soluciones Tecnológicas" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Ártica Soluciones Tecnológicas Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-640: Weak Password Recovery Mechanism for Forgotten Password" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://cp270.wordpress.com/2018/05/14/war-story-password-resets/", + "refsource" : "MISC", + "url" : "https://cp270.wordpress.com/2018/05/14/war-story-password-resets/" + }, + { + "name" : "https://github.com/articaST/integriaims/commit/f2ff0ba821644acecb893483c86a9c4d3bb75047", + "refsource" : "MISC", + "url" : "https://github.com/articaST/integriaims/commit/f2ff0ba821644acecb893483c86a9c4d3bb75047" + }, + { + "name" : "https://github.com/fleetcaptain/integria-takeover", + "refsource" : "MISC", + "url" : "https://github.com/fleetcaptain/integria-takeover" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000813.json b/2018/1000xxx/CVE-2018-1000813.json index be617e12e4e..9eac1580179 100644 --- a/2018/1000xxx/CVE-2018-1000813.json +++ b/2018/1000xxx/CVE-2018-1000813.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://backdropcms.org/security/backdrop-sa-core-2018-005"}]},"description": {"description_data": [{"lang": "eng","value": "Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Sanitization of custom class names used on blocks and layouts. that can result in Execution of JavaScript from an unexpected source.. This attack appear to be exploitable via A user must be directed to an affected page while logged in.. This vulnerability appears to have been fixed in 1.11.1 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.11.0 and earlier"}]},"product_name": "Backdrop CMS"}]},"vendor_name": "Backdrop CMS"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.454455","DATE_REQUESTED": "2018-10-11T02:59:02","ID": "CVE-2018-1000813","ASSIGNER": "kurt@seifried.org","REQUESTER": "nate@quicksketch.org"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.454455", + "DATE_REQUESTED" : "2018-10-11T02:59:02", + "ID" : "CVE-2018-1000813", + "REQUESTER" : "nate@quicksketch.org", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Backdrop CMS", + "version" : { + "version_data" : [ + { + "version_value" : "1.11.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "Backdrop CMS" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Sanitization of custom class names used on blocks and layouts. that can result in Execution of JavaScript from an unexpected source.. This attack appear to be exploitable via A user must be directed to an affected page while logged in.. This vulnerability appears to have been fixed in 1.11.1 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://backdropcms.org/security/backdrop-sa-core-2018-005", + "refsource" : "MISC", + "url" : "https://backdropcms.org/security/backdrop-sa-core-2018-005" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000814.json b/2018/1000xxx/CVE-2018-1000814.json index 945df2b1305..1e2e9c0307e 100644 --- a/2018/1000xxx/CVE-2018-1000814.json +++ b/2018/1000xxx/CVE-2018-1000814.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/aio-libs/aiohttp-session/issues/325"},{"url": "https://github.com/aio-libs/aiohttp-session/pull/331"}]},"description": {"description_data": [{"lang": "eng","value": "aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.6.0 and earlier"}]},"product_name": "aiohttp-session"}]},"vendor_name": "aio-libs"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.455118","DATE_REQUESTED": "2018-10-11T15:23:21","ID": "CVE-2018-1000814","ASSIGNER": "kurt@seifried.org","REQUESTER": "panos122008@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.455118", + "DATE_REQUESTED" : "2018-10-11T15:23:21", + "ID" : "CVE-2018-1000814", + "REQUESTER" : "panos122008@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "aiohttp-session", + "version" : { + "version_data" : [ + { + "version_value" : "2.6.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "aio-libs" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan. This attack appear to be exploitable via Recreation of a cookie post-expiry with the same value." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/aio-libs/aiohttp-session/issues/325", + "refsource" : "MISC", + "url" : "https://github.com/aio-libs/aiohttp-session/issues/325" + }, + { + "name" : "https://github.com/aio-libs/aiohttp-session/pull/331", + "refsource" : "MISC", + "url" : "https://github.com/aio-libs/aiohttp-session/pull/331" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000815.json b/2018/1000xxx/CVE-2018-1000815.json index 0e3585a05be..10b2f4b8c8c 100644 --- a/2018/1000xxx/CVE-2018-1000815.json +++ b/2018/1000xxx/CVE-2018-1000815.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/brave/muon/pull/651"},{"url": "https://github.com/brave/browser-laptop/issues/15232"},{"url": "https://github.com/brave/muon/commit/c18663aa171c6cdf03da3e8c70df8663645b97c4"}]},"description": {"description_data": [{"lang": "eng","value": "Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript() in content_settings_observer.cc that can result in Websites can run inline JavaScript even if script is blocked, making attackers easier to track users. This attack appear to be exploitable via the victim must visit a specially crafted website. This vulnerability appears to have been fixed in 0.25.2."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "version 0.22.810 to 0.24.0"}]},"product_name": "Brave"}]},"vendor_name": "Brave Software Inc."}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.455785","DATE_REQUESTED": "2018-10-12T13:27:47","ID": "CVE-2018-1000815","ASSIGNER": "kurt@seifried.org","REQUESTER": "xiaoyin.l@outlook.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.455785", + "DATE_REQUESTED" : "2018-10-12T13:27:47", + "ID" : "CVE-2018-1000815", + "REQUESTER" : "xiaoyin.l@outlook.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Brave", + "version" : { + "version_data" : [ + { + "version_value" : "version 0.22.810 to 0.24.0" + } + ] + } + } + ] + }, + "vendor_name" : "Brave Software Inc." + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript() in content_settings_observer.cc that can result in Websites can run inline JavaScript even if script is blocked, making attackers easier to track users. This attack appear to be exploitable via the victim must visit a specially crafted website. This vulnerability appears to have been fixed in 0.25.2." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/brave/browser-laptop/issues/15232", + "refsource" : "MISC", + "url" : "https://github.com/brave/browser-laptop/issues/15232" + }, + { + "name" : "https://github.com/brave/muon/commit/c18663aa171c6cdf03da3e8c70df8663645b97c4", + "refsource" : "MISC", + "url" : "https://github.com/brave/muon/commit/c18663aa171c6cdf03da3e8c70df8663645b97c4" + }, + { + "name" : "https://github.com/brave/muon/pull/651", + "refsource" : "MISC", + "url" : "https://github.com/brave/muon/pull/651" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000816.json b/2018/1000xxx/CVE-2018-1000816.json index 61f1f27271f..aa1e4ee5136 100644 --- a/2018/1000xxx/CVE-2018-1000816.json +++ b/2018/1000xxx/CVE-2018-1000816.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/grafana/grafana/issues/13667"}]},"description": {"description_data": [{"lang": "eng","value": "Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted.."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "confirmed for 5.2.4 and 5.3.0 "}]},"product_name": "Grafana"}]},"vendor_name": "Grafana"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.456461","DATE_REQUESTED": "2018-10-15T09:16:59","ID": "CVE-2018-1000816","ASSIGNER": "kurt@seifried.org","REQUESTER": "lokalhorst@protonmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.456461", + "DATE_REQUESTED" : "2018-10-15T09:16:59", + "ID" : "CVE-2018-1000816", + "REQUESTER" : "lokalhorst@protonmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Grafana", + "version" : { + "version_data" : [ + { + "version_value" : "confirmed for 5.2.4 and 5.3.0 " + } + ] + } + } + ] + }, + "vendor_name" : "Grafana" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted.." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/grafana/grafana/issues/13667", + "refsource" : "MISC", + "url" : "https://github.com/grafana/grafana/issues/13667" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000817.json b/2018/1000xxx/CVE-2018-1000817.json index d79188fa601..3c60b7c1718 100644 --- a/2018/1000xxx/CVE-2018-1000817.json +++ b/2018/1000xxx/CVE-2018-1000817.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "http://grailsblog.objectcomputing.com/posts/2018/09/23/security-vulnerability-in-asset-pipeline-and-jetty.html"},{"url": "https://github.com/grails/grails-core/issues/11068"}]},"description": {"description_data": [{"lang": "eng","value": "Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. This attack appear to be exploitable via Specially crafted GET request containing directory traversal from assets-pipeline context. This vulnerability appears to have been fixed in 2.14.1.1 (for Grails 2.x), 2.15.1 (for Grails 3 and Java 7) and 3.0.6 (for Grails 3 and Java 8)."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Prior to 2.14.1.1, 2.15.1 and 3.0.6"}]},"product_name": "Asset-pipeline plugin"}]},"vendor_name": "Asset Pipeline Grails Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.457096","DATE_REQUESTED": "2018-10-22T08:06:39","ID": "CVE-2018-1000817","ASSIGNER": "kurt@seifried.org","REQUESTER": "lopezi@objectcomputing.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Incorrect Access Control"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.457096", + "DATE_REQUESTED" : "2018-10-22T08:06:39", + "ID" : "CVE-2018-1000817", + "REQUESTER" : "lopezi@objectcomputing.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Asset-pipeline plugin", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to 2.14.1.1, 2.15.1 and 3.0.6" + } + ] + } + } + ] + }, + "vendor_name" : "Asset Pipeline Grails Plugin" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file. This attack appear to be exploitable via Specially crafted GET request containing directory traversal from assets-pipeline context. This vulnerability appears to have been fixed in 2.14.1.1 (for Grails 2.x), 2.15.1 (for Grails 3 and Java 7) and 3.0.6 (for Grails 3 and Java 8)." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Incorrect Access Control" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://grailsblog.objectcomputing.com/posts/2018/09/23/security-vulnerability-in-asset-pipeline-and-jetty.html", + "refsource" : "MISC", + "url" : "http://grailsblog.objectcomputing.com/posts/2018/09/23/security-vulnerability-in-asset-pipeline-and-jetty.html" + }, + { + "name" : "https://github.com/grails/grails-core/issues/11068", + "refsource" : "MISC", + "url" : "https://github.com/grails/grails-core/issues/11068" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000820.json b/2018/1000xxx/CVE-2018-1000820.json index 8e4144a2115..378067b4e46 100644 --- a/2018/1000xxx/CVE-2018-1000820.json +++ b/2018/1000xxx/CVE-2018-1000820.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/neo4j-contrib/neo4j-apoc-procedures/issues/931"},{"url": "https://0dd.zone/2018/10/27/neo4f-apoc-procedures-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "before commit 45bc09c"}]},"product_name": "neo4j-apoc-procedures"}]},"vendor_name": "neo4j-contrib"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.459191","DATE_REQUESTED": "2018-10-28T03:32:51","ID": "CVE-2018-1000820","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.459191", + "DATE_REQUESTED" : "2018-10-28T03:32:51", + "ID" : "CVE-2018-1000820", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "neo4j-apoc-procedures", + "version" : { + "version_data" : [ + { + "version_value" : "before commit 45bc09c" + } + ] + } + } + ] + }, + "vendor_name" : "neo4j-contrib" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/27/neo4f-apoc-procedures-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/27/neo4f-apoc-procedures-XXE/" + }, + { + "name" : "https://github.com/neo4j-contrib/neo4j-apoc-procedures/issues/931", + "refsource" : "MISC", + "url" : "https://github.com/neo4j-contrib/neo4j-apoc-procedures/issues/931" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000821.json b/2018/1000xxx/CVE-2018-1000821.json index cec7a96dd47..bdc1d4eef42 100644 --- a/2018/1000xxx/CVE-2018-1000821.json +++ b/2018/1000xxx/CVE-2018-1000821.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/mkulesh/microMathematics/issues/79"},{"url": "https://0dd.zone/2018/10/27/micromathematics-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "MicroMathematics version before commit 5c05ac8 contains a XML External Entity (XXE) vulnerability in SMathStudio files that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted SMathStudio files. This vulnerability appears to have been fixed in after commit 5c05ac8."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "before commit 5c05ac8"}]},"product_name": "MicroMathematics"}]},"vendor_name": "MicroMathematics"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.459827","DATE_REQUESTED": "2018-10-28T03:36:17","ID": "CVE-2018-1000821","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.459827", + "DATE_REQUESTED" : "2018-10-28T03:36:17", + "ID" : "CVE-2018-1000821", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "MicroMathematics", + "version" : { + "version_data" : [ + { + "version_value" : "before commit 5c05ac8" + } + ] + } + } + ] + }, + "vendor_name" : "MicroMathematics" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "MicroMathematics version before commit 5c05ac8 contains a XML External Entity (XXE) vulnerability in SMathStudio files that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted SMathStudio files. This vulnerability appears to have been fixed in after commit 5c05ac8." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/27/micromathematics-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/27/micromathematics-XXE/" + }, + { + "name" : "https://github.com/mkulesh/microMathematics/issues/79", + "refsource" : "MISC", + "url" : "https://github.com/mkulesh/microMathematics/issues/79" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000822.json b/2018/1000xxx/CVE-2018-1000822.json index 3d2a3213ef2..5397ff58de6 100644 --- a/2018/1000xxx/CVE-2018-1000822.json +++ b/2018/1000xxx/CVE-2018-1000822.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/codelibs/fess/issues/1851"},{"url": "https://0dd.zone/2018/10/27/fess-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "codelibs fess version before commit faa265b contains a XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via specially crafted GSA XML files. This vulnerability appears to have been fixed in after commit faa265b."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "before commit faa265b"}]},"product_name": "fess"}]},"vendor_name": "codelibs"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.460601","DATE_REQUESTED": "2018-10-28T03:39:47","ID": "CVE-2018-1000822","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.460601", + "DATE_REQUESTED" : "2018-10-28T03:39:47", + "ID" : "CVE-2018-1000822", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "fess", + "version" : { + "version_data" : [ + { + "version_value" : "before commit faa265b" + } + ] + } + } + ] + }, + "vendor_name" : "codelibs" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "codelibs fess version before commit faa265b contains a XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via specially crafted GSA XML files. This vulnerability appears to have been fixed in after commit faa265b." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/27/fess-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/27/fess-XXE/" + }, + { + "name" : "https://github.com/codelibs/fess/issues/1851", + "refsource" : "MISC", + "url" : "https://github.com/codelibs/fess/issues/1851" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000823.json b/2018/1000xxx/CVE-2018-1000823.json index e5537886cf9..232c6a22f18 100644 --- a/2018/1000xxx/CVE-2018-1000823.json +++ b/2018/1000xxx/CVE-2018-1000823.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/eXist-db/exist/issues/2180"},{"url": "https://0dd.zone/2018/10/27/exist-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 5.0.0-RC4"}]},"product_name": "exist"}]},"vendor_name": "exist"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.461361","DATE_REQUESTED": "2018-10-28T03:43:03","ID": "CVE-2018-1000823","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.461361", + "DATE_REQUESTED" : "2018-10-28T03:43:03", + "ID" : "CVE-2018-1000823", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "exist", + "version" : { + "version_data" : [ + { + "version_value" : "<= 5.0.0-RC4" + } + ] + } + } + ] + }, + "vendor_name" : "exist" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/27/exist-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/27/exist-XXE/" + }, + { + "name" : "https://github.com/eXist-db/exist/issues/2180", + "refsource" : "MISC", + "url" : "https://github.com/eXist-db/exist/issues/2180" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000824.json b/2018/1000xxx/CVE-2018-1000824.json index 4db78620ab9..3fb8dd1ba7d 100644 --- a/2018/1000xxx/CVE-2018-1000824.json +++ b/2018/1000xxx/CVE-2018-1000824.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/MegaMek/megamek/issues/1162"},{"url": "https://0dd.zone/2018/10/28/megamek-Object-Injection/"}]},"description": {"description_data": [{"lang": "eng","value": "MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "< v0.45.1"}]},"product_name": "MegaMek"}]},"vendor_name": "MegaMek"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.462021","DATE_REQUESTED": "2018-10-28T03:45:55","ID": "CVE-2018-1000824","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.462021", + "DATE_REQUESTED" : "2018-10-28T03:45:55", + "ID" : "CVE-2018-1000824", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "MegaMek", + "version" : { + "version_data" : [ + { + "version_value" : "< v0.45.1" + } + ] + } + } + ] + }, + "vendor_name" : "MegaMek" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/megamek-Object-Injection/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/megamek-Object-Injection/" + }, + { + "name" : "https://github.com/MegaMek/megamek/issues/1162", + "refsource" : "MISC", + "url" : "https://github.com/MegaMek/megamek/issues/1162" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000825.json b/2018/1000xxx/CVE-2018-1000825.json index 4e7d2127467..2698322d942 100644 --- a/2018/1000xxx/CVE-2018-1000825.json +++ b/2018/1000xxx/CVE-2018-1000825.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/FreeCol/freecol/issues/26"},{"url": "https://0dd.zone/2018/10/28/freecol-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Freecol file."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= nightly-2018-08-22"}]},"product_name": "FreeCol"}]},"vendor_name": "FreeCol"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.462752","DATE_REQUESTED": "2018-10-28T03:51:06","ID": "CVE-2018-1000825","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.462752", + "DATE_REQUESTED" : "2018-10-28T03:51:06", + "ID" : "CVE-2018-1000825", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "FreeCol", + "version" : { + "version_data" : [ + { + "version_value" : "<= nightly-2018-08-22" + } + ] + } + } + ] + }, + "vendor_name" : "FreeCol" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Freecol file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/freecol-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/freecol-XXE/" + }, + { + "name" : "https://github.com/FreeCol/freecol/issues/26", + "refsource" : "MISC", + "url" : "https://github.com/FreeCol/freecol/issues/26" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000826.json b/2018/1000xxx/CVE-2018-1000826.json index 3be690022d1..76181a8c2f5 100644 --- a/2018/1000xxx/CVE-2018-1000826.json +++ b/2018/1000xxx/CVE-2018-1000826.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/microweber/microweber/issues/489"},{"url": "https://0dd.zone/2018/10/28/microweber-XSS/"}]},"description": {"description_data": [{"lang": "eng","value": "Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 1.0.7"}]},"product_name": "Microweber"}]},"vendor_name": "Microweber"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.463447","DATE_REQUESTED": "2018-10-28T03:53:36","ID": "CVE-2018-1000826","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.463447", + "DATE_REQUESTED" : "2018-10-28T03:53:36", + "ID" : "CVE-2018-1000826", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Microweber", + "version" : { + "version_data" : [ + { + "version_value" : "<= 1.0.7" + } + ] + } + } + ] + }, + "vendor_name" : "Microweber" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/microweber-XSS/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/microweber-XSS/" + }, + { + "name" : "https://github.com/microweber/microweber/issues/489", + "refsource" : "MISC", + "url" : "https://github.com/microweber/microweber/issues/489" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000827.json b/2018/1000xxx/CVE-2018-1000827.json index a45522b1fef..92a646dc54e 100644 --- a/2018/1000xxx/CVE-2018-1000827.json +++ b/2018/1000xxx/CVE-2018-1000827.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/nightflyza/Ubilling/issues/330"},{"url": "https://0dd.zone/2018/10/28/ubilling-Object-Injection/"}]},"description": {"description_data": [{"lang": "eng","value": "Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 0.9.2"}]},"product_name": "Ubilling"}]},"vendor_name": "Ubilling"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.464248","DATE_REQUESTED": "2018-10-28T03:56:49","ID": "CVE-2018-1000827","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.464248", + "DATE_REQUESTED" : "2018-10-28T03:56:49", + "ID" : "CVE-2018-1000827", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Ubilling", + "version" : { + "version_data" : [ + { + "version_value" : "<= 0.9.2" + } + ] + } + } + ] + }, + "vendor_name" : "Ubilling" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/ubilling-Object-Injection/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/ubilling-Object-Injection/" + }, + { + "name" : "https://github.com/nightflyza/Ubilling/issues/330", + "refsource" : "MISC", + "url" : "https://github.com/nightflyza/Ubilling/issues/330" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000828.json b/2018/1000xxx/CVE-2018-1000828.json index 7df270214bd..d0986d05bc9 100644 --- a/2018/1000xxx/CVE-2018-1000828.json +++ b/2018/1000xxx/CVE-2018-1000828.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/frostwire/frostwire/issues/829"},{"url": "https://0dd.zone/2018/10/28/frostwire-XXE-MitM/"}]},"description": {"description_data": [{"lang": "eng","value": "FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE) vulnerability in Man in the middle on update that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the middle the call to update the software."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= frostwire-desktop-6.7.4-build-272"}]},"product_name": "FrostWire"}]},"vendor_name": "FrostWire"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.464913","DATE_REQUESTED": "2018-10-28T03:59:08","ID": "CVE-2018-1000828","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.464913", + "DATE_REQUESTED" : "2018-10-28T03:59:08", + "ID" : "CVE-2018-1000828", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "FrostWire", + "version" : { + "version_data" : [ + { + "version_value" : "<= frostwire-desktop-6.7.4-build-272" + } + ] + } + } + ] + }, + "vendor_name" : "FrostWire" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE) vulnerability in Man in the middle on update that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the middle the call to update the software." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/frostwire-XXE-MitM/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/frostwire-XXE-MitM/" + }, + { + "name" : "https://github.com/frostwire/frostwire/issues/829", + "refsource" : "MISC", + "url" : "https://github.com/frostwire/frostwire/issues/829" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000829.json b/2018/1000xxx/CVE-2018-1000829.json index f7318c9bfeb..026c533507e 100644 --- a/2018/1000xxx/CVE-2018-1000829.json +++ b/2018/1000xxx/CVE-2018-1000829.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/dmsl/anyplace/issues/263"},{"url": "https://0dd.zone/2018/10/28/anyplace-XXE-MitM/"}]},"description": {"description_data": [{"lang": "eng","value": "Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man in the middle on map API call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 80359b4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "before commit 80359b4"}]},"product_name": "Anyplace "}]},"vendor_name": "Anyplace "}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.465566","DATE_REQUESTED": "2018-10-28T04:02:32","ID": "CVE-2018-1000829","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.465566", + "DATE_REQUESTED" : "2018-10-28T04:02:32", + "ID" : "CVE-2018-1000829", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Anyplace ", + "version" : { + "version_data" : [ + { + "version_value" : "before commit 80359b4" + } + ] + } + } + ] + }, + "vendor_name" : "Anyplace " + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man in the middle on map API call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 80359b4." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/anyplace-XXE-MitM/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/anyplace-XXE-MitM/" + }, + { + "name" : "https://github.com/dmsl/anyplace/issues/263", + "refsource" : "MISC", + "url" : "https://github.com/dmsl/anyplace/issues/263" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000830.json b/2018/1000xxx/CVE-2018-1000830.json index 13acbab52e2..b9745625680 100644 --- a/2018/1000xxx/CVE-2018-1000830.json +++ b/2018/1000xxx/CVE-2018-1000830.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/goxr3plus/XR3Player/issues/9"},{"url": "https://0dd.zone/2018/10/28/xr3player-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= V3.124"}]},"product_name": "XR3Player"}]},"vendor_name": "XR3Player"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.466201","DATE_REQUESTED": "2018-10-28T04:05:27","ID": "CVE-2018-1000830","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.466201", + "DATE_REQUESTED" : "2018-10-28T04:05:27", + "ID" : "CVE-2018-1000830", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "XR3Player", + "version" : { + "version_data" : [ + { + "version_value" : "<= V3.124" + } + ] + } + } + ] + }, + "vendor_name" : "XR3Player" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/xr3player-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/xr3player-XXE/" + }, + { + "name" : "https://github.com/goxr3plus/XR3Player/issues/9", + "refsource" : "MISC", + "url" : "https://github.com/goxr3plus/XR3Player/issues/9" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000831.json b/2018/1000xxx/CVE-2018-1000831.json index 773d86d552e..ddf811de23d 100644 --- a/2018/1000xxx/CVE-2018-1000831.json +++ b/2018/1000xxx/CVE-2018-1000831.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/k9mail/k-9/issues/3681"},{"url": "https://0dd.zone/2018/10/28/k9mail-XXE-MitM/"}]},"description": {"description_data": [{"lang": "eng","value": "K9Mail version <= v5.600 contains a XML External Entity (XXE) vulnerability in WebDAV response parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious WebDAV server or intercept the reponse of a valid WebDAV server."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= v5.600"}]},"product_name": "K9Mail"}]},"vendor_name": "K9Mail"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.466844","DATE_REQUESTED": "2018-10-28T04:07:12","ID": "CVE-2018-1000831","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.466844", + "DATE_REQUESTED" : "2018-10-28T04:07:12", + "ID" : "CVE-2018-1000831", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "K9Mail", + "version" : { + "version_data" : [ + { + "version_value" : "<= v5.600" + } + ] + } + } + ] + }, + "vendor_name" : "K9Mail" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "K9Mail version <= v5.600 contains a XML External Entity (XXE) vulnerability in WebDAV response parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious WebDAV server or intercept the reponse of a valid WebDAV server." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/k9mail-XXE-MitM/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/k9mail-XXE-MitM/" + }, + { + "name" : "https://github.com/k9mail/k-9/issues/3681", + "refsource" : "MISC", + "url" : "https://github.com/k9mail/k-9/issues/3681" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000832.json b/2018/1000xxx/CVE-2018-1000832.json index b330ae6e3b5..c1dd3e71696 100644 --- a/2018/1000xxx/CVE-2018-1000832.json +++ b/2018/1000xxx/CVE-2018-1000832.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/ZoneMinder/zoneminder/issues/2271"},{"url": "https://0dd.zone/2018/10/28/zoneminder-Object-Injection/"}]},"description": {"description_data": [{"lang": "eng","value": "ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 1.32.2"}]},"product_name": "ZoneMinder"}]},"vendor_name": "ZoneMinder"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.467477","DATE_REQUESTED": "2018-10-28T04:10:05","ID": "CVE-2018-1000832","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.467477", + "DATE_REQUESTED" : "2018-10-28T04:10:05", + "ID" : "CVE-2018-1000832", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "ZoneMinder", + "version" : { + "version_data" : [ + { + "version_value" : "<= 1.32.2" + } + ] + } + } + ] + }, + "vendor_name" : "ZoneMinder" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/zoneminder-Object-Injection/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/zoneminder-Object-Injection/" + }, + { + "name" : "https://github.com/ZoneMinder/zoneminder/issues/2271", + "refsource" : "MISC", + "url" : "https://github.com/ZoneMinder/zoneminder/issues/2271" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000833.json b/2018/1000xxx/CVE-2018-1000833.json index 19aaf06add2..d718b2e5c5c 100644 --- a/2018/1000xxx/CVE-2018-1000833.json +++ b/2018/1000xxx/CVE-2018-1000833.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/ZoneMinder/zoneminder/issues/2272"},{"url": "https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/"}]},"description": {"description_data": [{"lang": "eng","value": "ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 1.32.2"}]},"product_name": "ZoneMinder"}]},"vendor_name": "ZoneMinder"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.468341","DATE_REQUESTED": "2018-10-28T04:10:36","ID": "CVE-2018-1000833","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.468341", + "DATE_REQUESTED" : "2018-10-28T04:10:36", + "ID" : "CVE-2018-1000833", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "ZoneMinder", + "version" : { + "version_data" : [ + { + "version_value" : "<= 1.32.2" + } + ] + } + } + ] + }, + "vendor_name" : "ZoneMinder" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/" + }, + { + "name" : "https://github.com/ZoneMinder/zoneminder/issues/2272", + "refsource" : "MISC", + "url" : "https://github.com/ZoneMinder/zoneminder/issues/2272" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000834.json b/2018/1000xxx/CVE-2018-1000834.json index d680aed6286..70cbc0f047b 100644 --- a/2018/1000xxx/CVE-2018-1000834.json +++ b/2018/1000xxx/CVE-2018-1000834.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/runelite/runelite/issues/6160"},{"url": "https://0dd.zone/2018/10/28/runelite-XXE-MitM/"}]},"description": {"description_data": [{"lang": "eng","value": "runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= runelite-parent-1.4.23"}]},"product_name": "runelite"}]},"vendor_name": "runelite"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.469415","DATE_REQUESTED": "2018-10-28T04:12:41","ID": "CVE-2018-1000834","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.469415", + "DATE_REQUESTED" : "2018-10-28T04:12:41", + "ID" : "CVE-2018-1000834", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "runelite", + "version" : { + "version_data" : [ + { + "version_value" : "<= runelite-parent-1.4.23" + } + ] + } + } + ] + }, + "vendor_name" : "runelite" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/runelite-XXE-MitM/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/runelite-XXE-MitM/" + }, + { + "name" : "https://github.com/runelite/runelite/issues/6160", + "refsource" : "MISC", + "url" : "https://github.com/runelite/runelite/issues/6160" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000835.json b/2018/1000xxx/CVE-2018-1000835.json index 853e9215173..bfdac16ffba 100644 --- a/2018/1000xxx/CVE-2018-1000835.json +++ b/2018/1000xxx/CVE-2018-1000835.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/Kunzisoft/KeePassDX/issues/200"},{"url": "https://0dd.zone/2018/10/28/KeePassDX-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "KeePassDX version <= 2.5.0.0beta17 contains a XML External Entity (XXE) vulnerability in kdbx file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 2.5.0.0beta17"}]},"product_name": "KeePassDX"}]},"vendor_name": "KeePassDX"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.470861","DATE_REQUESTED": "2018-10-28T04:14:44","ID": "CVE-2018-1000835","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.470861", + "DATE_REQUESTED" : "2018-10-28T04:14:44", + "ID" : "CVE-2018-1000835", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "KeePassDX", + "version" : { + "version_data" : [ + { + "version_value" : "<= 2.5.0.0beta17" + } + ] + } + } + ] + }, + "vendor_name" : "KeePassDX" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "KeePassDX version <= 2.5.0.0beta17 contains a XML External Entity (XXE) vulnerability in kdbx file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/KeePassDX-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/KeePassDX-XXE/" + }, + { + "name" : "https://github.com/Kunzisoft/KeePassDX/issues/200", + "refsource" : "MISC", + "url" : "https://github.com/Kunzisoft/KeePassDX/issues/200" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000836.json b/2018/1000xxx/CVE-2018-1000836.json index 2535854bc15..0c2d678aea8 100644 --- a/2018/1000xxx/CVE-2018-1000836.json +++ b/2018/1000xxx/CVE-2018-1000836.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/Bedework/bw-calendar-engine/issues/3"},{"url": "https://0dd.zone/2018/10/28/bw-calendar-engine-XXE-MitM/"}]},"description": {"description_data": [{"lang": "eng","value": "bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the Middle or malicious server."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= bw-calendar-engine-3.12.0 "}]},"product_name": "bw-calendar-engine"}]},"vendor_name": "bw-calendar-engine"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.472275","DATE_REQUESTED": "2018-10-28T04:26:29","ID": "CVE-2018-1000836","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.472275", + "DATE_REQUESTED" : "2018-10-28T04:26:29", + "ID" : "CVE-2018-1000836", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "bw-calendar-engine", + "version" : { + "version_data" : [ + { + "version_value" : "<= bw-calendar-engine-3.12.0 " + } + ] + } + } + ] + }, + "vendor_name" : "bw-calendar-engine" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the Middle or malicious server." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/bw-calendar-engine-XXE-MitM/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/bw-calendar-engine-XXE-MitM/" + }, + { + "name" : "https://github.com/Bedework/bw-calendar-engine/issues/3", + "refsource" : "MISC", + "url" : "https://github.com/Bedework/bw-calendar-engine/issues/3" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000837.json b/2018/1000xxx/CVE-2018-1000837.json index d099449ac28..3e1980238f5 100644 --- a/2018/1000xxx/CVE-2018-1000837.json +++ b/2018/1000xxx/CVE-2018-1000837.json @@ -1,65 +1,70 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ - { - "url": "https://github.com/ObeoNetwork/UML-Designer/issues/1035" - }, - { - "url": "https://0dd.zone/2018/10/28/uml-designer-XXE/" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "UML Designer version <= 8.0.0 contains a XML External Entity (XXE) vulnerability in XML parser for plugins that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious plugins.xml file." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "<= 8.0.0" - } + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.473507", + "DATE_REQUESTED" : "2018-10-28T04:29:19", + "ID" : "CVE-2018-1000837", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "UML Designer", + "version" : { + "version_data" : [ + { + "version_value" : "<= 8.0.0" + } + ] + } + } ] - }, - "product_name": "UML Designer" - } - ] - }, - "vendor_name": "UML Designer" - } - ] - } - }, - "CVE_data_meta": { - "DATE_ASSIGNED": "2018-11-27T13:54:33.473507", - "DATE_REQUESTED": "2018-10-28T04:29:19", - "ID": "CVE-2018-1000837", - "ASSIGNER": "kurt@seifried.org", - "REQUESTER": "sajeeb@0dd.zone" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "XML External Entity (XXE)" - } - ] + }, + "vendor_name" : "UML Designer" + } + ] } - ] - } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "UML Designer version <= 8.0.0 contains a XML External Entity (XXE) vulnerability in XML parser for plugins that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious plugins.xml file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/uml-designer-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/uml-designer-XXE/" + }, + { + "name" : "https://github.com/ObeoNetwork/UML-Designer/issues/1035", + "refsource" : "MISC", + "url" : "https://github.com/ObeoNetwork/UML-Designer/issues/1035" + } + ] + } } diff --git a/2018/1000xxx/CVE-2018-1000838.json b/2018/1000xxx/CVE-2018-1000838.json index ecfdd825560..12c8211f3cb 100644 --- a/2018/1000xxx/CVE-2018-1000838.json +++ b/2018/1000xxx/CVE-2018-1000838.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/sleuthkit/autopsy/issues/4236"},{"url": "https://0dd.zone/2018/10/28/autopsy-XXE/"}]},"description": {"description_data": [{"lang": "eng","value": "autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted CaseMetadata."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "<= 4.9.0"}]},"product_name": "autopsy"}]},"vendor_name": "autopsy"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.474656","DATE_REQUESTED": "2018-10-28T04:32:50","ID": "CVE-2018-1000838","ASSIGNER": "kurt@seifried.org","REQUESTER": "sajeeb@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.474656", + "DATE_REQUESTED" : "2018-10-28T04:32:50", + "ID" : "CVE-2018-1000838", + "REQUESTER" : "sajeeb@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "autopsy", + "version" : { + "version_data" : [ + { + "version_value" : "<= 4.9.0" + } + ] + } + } + ] + }, + "vendor_name" : "autopsy" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted CaseMetadata." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/10/28/autopsy-XXE/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/10/28/autopsy-XXE/" + }, + { + "name" : "https://github.com/sleuthkit/autopsy/issues/4236", + "refsource" : "MISC", + "url" : "https://github.com/sleuthkit/autopsy/issues/4236" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000839.json b/2018/1000xxx/CVE-2018-1000839.json index 207d9e3f0e2..7a8d3185fa5 100644 --- a/2018/1000xxx/CVE-2018-1000839.json +++ b/2018/1000xxx/CVE-2018-1000839.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/LibreHealthIO/lh-ehr/issues/1223"},{"url": "https://0dd.zone/2018/09/03/lh-ehr-RCE-via-picture-upload/"}]},"description": {"description_data": [{"lang": "eng","value": "LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "REL-2_0_0"}]},"product_name": "LH-EHR"}]},"vendor_name": "LH-EHR"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.475758","DATE_REQUESTED": "2018-09-03T02:38:48","ID": "CVE-2018-1000839","ASSIGNER": "kurt@seifried.org","REQUESTER": "cam@0dd.zone"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Arbitrary File Upload"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.475758", + "DATE_REQUESTED" : "2018-09-03T02:38:48", + "ID" : "CVE-2018-1000839", + "REQUESTER" : "cam@0dd.zone", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "LH-EHR", + "version" : { + "version_data" : [ + { + "version_value" : "REL-2_0_0" + } + ] + } + } + ] + }, + "vendor_name" : "LH-EHR" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution. This attack appear to be exploitable via Uploading a PHP file with image MIME type." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Arbitrary File Upload" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://0dd.zone/2018/09/03/lh-ehr-RCE-via-picture-upload/", + "refsource" : "MISC", + "url" : "https://0dd.zone/2018/09/03/lh-ehr-RCE-via-picture-upload/" + }, + { + "name" : "https://github.com/LibreHealthIO/lh-ehr/issues/1223", + "refsource" : "MISC", + "url" : "https://github.com/LibreHealthIO/lh-ehr/issues/1223" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000840.json b/2018/1000xxx/CVE-2018-1000840.json index b1b35cf08ab..5a4d0d6b655 100644 --- a/2018/1000xxx/CVE-2018-1000840.json +++ b/2018/1000xxx/CVE-2018-1000840.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://twitter.com/ben_fry/status/1054333613465059329"},{"url": "https://github.com/processing/processing/issues/5706"}]},"description": {"description_data": [{"lang": "eng","value": "Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE) vulnerability in loadXML() function that can result in An attacker can read arbitrary files and exfiltrate their contents via HTTP requests. This attack appear to be exploitable via The victim must use Processing to parse a crafted XML document."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "3.4 and earlier"}]},"product_name": "Processing"}]},"vendor_name": "Processing Foundation"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.476966","DATE_REQUESTED": "2018-10-22T13:34:23","ID": "CVE-2018-1000840","ASSIGNER": "kurt@seifried.org","REQUESTER": "me@lucapezzolla.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.476966", + "DATE_REQUESTED" : "2018-10-22T13:34:23", + "ID" : "CVE-2018-1000840", + "REQUESTER" : "me@lucapezzolla.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Processing", + "version" : { + "version_data" : [ + { + "version_value" : "3.4 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "Processing Foundation" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE) vulnerability in loadXML() function that can result in An attacker can read arbitrary files and exfiltrate their contents via HTTP requests. This attack appear to be exploitable via The victim must use Processing to parse a crafted XML document." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/processing/processing/issues/5706", + "refsource" : "MISC", + "url" : "https://github.com/processing/processing/issues/5706" + }, + { + "name" : "https://twitter.com/ben_fry/status/1054333613465059329", + "refsource" : "MISC", + "url" : "https://twitter.com/ben_fry/status/1054333613465059329" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000841.json b/2018/1000xxx/CVE-2018-1000841.json index f92842784bc..50a60dd8179 100644 --- a/2018/1000xxx/CVE-2018-1000841.json +++ b/2018/1000xxx/CVE-2018-1000841.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://zend.to/changelog.php"}]},"description": {"description_data": [{"lang": "eng","value": "Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) vulnerability in The verify.php page that can result in An attacker could execute arbitrary Javascript code in the context of the victim's browser.. This attack appear to be exploitable via HTTP POST request. This vulnerability appears to have been fixed in 5.16-1 Beta."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": " Prior to 5.15-1"}]},"product_name": "Zend.To"}]},"vendor_name": "Zend.To"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.478148","DATE_REQUESTED": "2018-10-26T09:44:20","ID": "CVE-2018-1000841","ASSIGNER": "kurt@seifried.org","REQUESTER": "lo@microlab.red"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.478148", + "DATE_REQUESTED" : "2018-10-26T09:44:20", + "ID" : "CVE-2018-1000841", + "REQUESTER" : "lo@microlab.red", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Zend.To", + "version" : { + "version_data" : [ + { + "version_value" : " Prior to 5.15-1" + } + ] + } + } + ] + }, + "vendor_name" : "Zend.To" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) vulnerability in The verify.php page that can result in An attacker could execute arbitrary Javascript code in the context of the victim's browser.. This attack appear to be exploitable via HTTP POST request. This vulnerability appears to have been fixed in 5.16-1 Beta." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://zend.to/changelog.php", + "refsource" : "MISC", + "url" : "https://zend.to/changelog.php" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000842.json b/2018/1000xxx/CVE-2018-1000842.json index 24ed0badf1a..3601c70ff2f 100644 --- a/2018/1000xxx/CVE-2018-1000842.json +++ b/2018/1000xxx/CVE-2018-1000842.json @@ -1,71 +1,80 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ - { - "url": "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-Vulnerability-%282018-10-27%29" - }, - { - "url": "https://groups.google.com/forum/#!topic/fat-free-crm-users/TxsdZXSe7Jc" - }, - { - "url": "https://github.com/asteinhauser/fat_free_crm/issues/1" - }, - { - "url": "https://github.com/asteinhauser/fat_free_crm/commit/306f940b26ccf3f406665f07bece1229a7a5dcfa" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "FatFreeCRM version <=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0 contains a Cross Site Scripting (XSS) vulnerability in commit 6d60bc8ed010c4eda05d6645c64849f415f68d65 that can result in Javascript execution. This attack appear to be exploitable via Content with Javascript payload will be executed on end user browsers when they visit the page. This vulnerability appears to have been fixed in 0.18.1, 0.17.3, 0.16.4, 0.15.2, 0.14.2." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "<=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0" - } + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.479249", + "DATE_REQUESTED" : "2018-10-27T06:04:25", + "ID" : "CVE-2018-1000842", + "REQUESTER" : "security@fatfreecrm.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "FatFreeCRM", + "version" : { + "version_data" : [ + { + "version_value" : "<=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0" + } + ] + } + } ] - }, - "product_name": "FatFreeCRM" - } - ] - }, - "vendor_name": "FatFreeCRM" - } - ] - } - }, - "CVE_data_meta": { - "DATE_ASSIGNED": "2018-11-27T13:54:33.479249", - "DATE_REQUESTED": "2018-10-27T06:04:25", - "ID": "CVE-2018-1000842", - "ASSIGNER": "kurt@seifried.org", - "REQUESTER": "security@fatfreecrm.com" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross Site Scripting (XSS)" - } - ] + }, + "vendor_name" : "FatFreeCRM" + } + ] } - ] - } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "FatFreeCRM version <=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0 contains a Cross Site Scripting (XSS) vulnerability in commit 6d60bc8ed010c4eda05d6645c64849f415f68d65 that can result in Javascript execution. This attack appear to be exploitable via Content with Javascript payload will be executed on end user browsers when they visit the page. This vulnerability appears to have been fixed in 0.18.1, 0.17.3, 0.16.4, 0.15.2, 0.14.2." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/asteinhauser/fat_free_crm/commit/306f940b26ccf3f406665f07bece1229a7a5dcfa", + "refsource" : "MISC", + "url" : "https://github.com/asteinhauser/fat_free_crm/commit/306f940b26ccf3f406665f07bece1229a7a5dcfa" + }, + { + "name" : "https://github.com/asteinhauser/fat_free_crm/issues/1", + "refsource" : "MISC", + "url" : "https://github.com/asteinhauser/fat_free_crm/issues/1" + }, + { + "name" : "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-Vulnerability-%282018-10-27%29", + "refsource" : "MISC", + "url" : "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-Vulnerability-%282018-10-27%29" + }, + { + "name" : "https://groups.google.com/forum/#!topic/fat-free-crm-users/TxsdZXSe7Jc", + "refsource" : "MISC", + "url" : "https://groups.google.com/forum/#!topic/fat-free-crm-users/TxsdZXSe7Jc" + } + ] + } } diff --git a/2018/1000xxx/CVE-2018-1000843.json b/2018/1000xxx/CVE-2018-1000843.json index d40e0b84b7f..01a4fb3512c 100644 --- a/2018/1000xxx/CVE-2018-1000843.json +++ b/2018/1000xxx/CVE-2018-1000843.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://groups.google.com/forum/#!topic/luigi-user/ZgfRTpBsVUY"},{"url": "https://github.com/spotify/luigi/pull/1870"},{"url": "https://github.com/spotify/luigi/blob/2.7.9/luigi/server.py#L67"}]},"description": {"description_data": [{"lang": "eng","value": "Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after GitHub PR spotify/luigi/pull/1870 contains a Cross ite Request Forgery (CSRF) vulnerability in API endpoint: /api/ that can result in Task metadata such as task name, id, parameter, etc. will be leaked to unauthorized users. This attack appear to be exploitable via The victim must visit a specially crafted webpage from the network where their Luigi server is accessible.. This vulnerability appears to have been fixed in 2.8.0 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after PR https://github.com/spotify/luigi/pull/1870"}]},"product_name": "Luigi"}]},"vendor_name": "Luigi"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.480387","DATE_REQUESTED": "2018-11-02T13:25:28","ID": "CVE-2018-1000843","ASSIGNER": "kurt@seifried.org","REQUESTER": "honnix@spotify.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross ite Request Forgery (CSRF)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.480387", + "DATE_REQUESTED" : "2018-11-02T13:25:28", + "ID" : "CVE-2018-1000843", + "REQUESTER" : "honnix@spotify.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Luigi", + "version" : { + "version_data" : [ + { + "version_value" : "prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after PR https://github.com/spotify/luigi/pull/1870" + } + ] + } + } + ] + }, + "vendor_name" : "Luigi" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after GitHub PR spotify/luigi/pull/1870 contains a Cross ite Request Forgery (CSRF) vulnerability in API endpoint: /api/ that can result in Task metadata such as task name, id, parameter, etc. will be leaked to unauthorized users. This attack appear to be exploitable via The victim must visit a specially crafted webpage from the network where their Luigi server is accessible.. This vulnerability appears to have been fixed in 2.8.0 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross ite Request Forgery (CSRF)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/spotify/luigi/blob/2.7.9/luigi/server.py#L67", + "refsource" : "MISC", + "url" : "https://github.com/spotify/luigi/blob/2.7.9/luigi/server.py#L67" + }, + { + "name" : "https://github.com/spotify/luigi/pull/1870", + "refsource" : "MISC", + "url" : "https://github.com/spotify/luigi/pull/1870" + }, + { + "name" : "https://groups.google.com/forum/#!topic/luigi-user/ZgfRTpBsVUY", + "refsource" : "MISC", + "url" : "https://groups.google.com/forum/#!topic/luigi-user/ZgfRTpBsVUY" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000844.json b/2018/1000xxx/CVE-2018-1000844.json index 00e39ccde09..1ffccea623e 100644 --- a/2018/1000xxx/CVE-2018-1000844.json +++ b/2018/1000xxx/CVE-2018-1000844.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/square/retrofit/pull/2735"}]},"description": {"description_data": [{"lang": "eng","value": "Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerability appears to have been fixed in After commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437"}]},"product_name": "Retrofit"}]},"vendor_name": "Square Open Source "}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.481816","DATE_REQUESTED": "2018-11-05T16:23:59","ID": "CVE-2018-1000844","ASSIGNER": "kurt@seifried.org","REQUESTER": "zacharymillerconsulting@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity (XXE)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.481816", + "DATE_REQUESTED" : "2018-11-05T16:23:59", + "ID" : "CVE-2018-1000844", + "REQUESTER" : "zacharymillerconsulting@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Retrofit", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437" + } + ] + } + } + ] + }, + "vendor_name" : "Square Open Source " + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerability appears to have been fixed in After commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "XML External Entity (XXE)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/square/retrofit/pull/2735", + "refsource" : "MISC", + "url" : "https://github.com/square/retrofit/pull/2735" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000845.json b/2018/1000xxx/CVE-2018-1000845.json index ea3fa206625..5345150cb03 100644 --- a/2018/1000xxx/CVE-2018-1000845.json +++ b/2018/1000xxx/CVE-2018-1000845.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/lathiat/avahi/issues/203"}]},"description": {"description_data": [{"lang": "eng","value": "Avahi version 0.7 contains a Incorrect Access Control vulnerability in avahi-daemon that can result in Traffic reflection and amplification for DDoS attacks.. This attack appear to be exploitable via unicast IP network packet with spoofed source address."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "0.7"}]},"product_name": "Avahi"}]},"vendor_name": "Avahi"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.482962","DATE_REQUESTED": "2018-11-13T20:17:58","ID": "CVE-2018-1000845","ASSIGNER": "kurt@seifried.org","REQUESTER": "krzysztof@burghardt.pl"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Incorrect Access Control"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.482962", + "DATE_REQUESTED" : "2018-11-13T20:17:58", + "ID" : "CVE-2018-1000845", + "REQUESTER" : "krzysztof@burghardt.pl", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Avahi", + "version" : { + "version_data" : [ + { + "version_value" : "0.7" + } + ] + } + } + ] + }, + "vendor_name" : "Avahi" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Avahi version 0.7 contains a Incorrect Access Control vulnerability in avahi-daemon that can result in Traffic reflection and amplification for DDoS attacks.. This attack appear to be exploitable via unicast IP network packet with spoofed source address." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Incorrect Access Control" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/lathiat/avahi/issues/203", + "refsource" : "MISC", + "url" : "https://github.com/lathiat/avahi/issues/203" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000846.json b/2018/1000xxx/CVE-2018-1000846.json index 3119c0d0d91..03758cfc0f3 100644 --- a/2018/1000xxx/CVE-2018-1000846.json +++ b/2018/1000xxx/CVE-2018-1000846.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/funzoneq/freshdns/issues/7"},{"url": "https://github.com/funzoneq/freshdns/pull/6/commits/bdeff81bd4baff9463d46b90fb1889e7ac7ec4ed"}]},"description": {"description_data": [{"lang": "eng","value": "FreshDNS version 1.0.3 and earlier contains a Cross ite Request Forgery (CSRF) vulnerability in All (authenticated) API calls in index.php / class.manager.php that can result in Editing domains and zones with victim's privileges. This attack appear to be exploitable via Victim must open a website containing attacker's javascript. This vulnerability appears to have been fixed in 1.0.5 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.0.3 and earlier"}]},"product_name": "FreshDNS"}]},"vendor_name": "FreshDNS"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.484138","DATE_REQUESTED": "2018-11-14T20:29:08","ID": "CVE-2018-1000846","ASSIGNER": "kurt@seifried.org","REQUESTER": "cve@max-weller.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross ite Request Forgery (CSRF)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.484138", + "DATE_REQUESTED" : "2018-11-14T20:29:08", + "ID" : "CVE-2018-1000846", + "REQUESTER" : "cve@max-weller.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "FreshDNS", + "version" : { + "version_data" : [ + { + "version_value" : "1.0.3 and earlier" + } + ] + } + } + ] + }, + "vendor_name" : "FreshDNS" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "FreshDNS version 1.0.3 and earlier contains a Cross ite Request Forgery (CSRF) vulnerability in All (authenticated) API calls in index.php / class.manager.php that can result in Editing domains and zones with victim's privileges. This attack appear to be exploitable via Victim must open a website containing attacker's javascript. This vulnerability appears to have been fixed in 1.0.5 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross ite Request Forgery (CSRF)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/funzoneq/freshdns/issues/7", + "refsource" : "MISC", + "url" : "https://github.com/funzoneq/freshdns/issues/7" + }, + { + "name" : "https://github.com/funzoneq/freshdns/pull/6/commits/bdeff81bd4baff9463d46b90fb1889e7ac7ec4ed", + "refsource" : "MISC", + "url" : "https://github.com/funzoneq/freshdns/pull/6/commits/bdeff81bd4baff9463d46b90fb1889e7ac7ec4ed" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000847.json b/2018/1000xxx/CVE-2018-1000847.json index f3f480d1037..b0db1ee1327 100644 --- a/2018/1000xxx/CVE-2018-1000847.json +++ b/2018/1000xxx/CVE-2018-1000847.json @@ -1 +1,70 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/funzoneq/freshdns/issues/16"},{"url": "https://github.com/funzoneq/freshdns/pull/6/commits/48b5ca812a89689fd2f32248875cedcba8c9014f"}]},"description": {"description_data": [{"lang": "eng","value": "FreshDNS version 1.0.3 and prior contains a Cross Site Scripting (XSS) vulnerability in Account data form; Zone editor that can result in Execution of attacker's JavaScript code in victim's session. This attack appear to be exploitable via The attacker stores a specially crafted string as their Full Name in their account details. The victim (e.g. the administrator of the FreshDNS instance) opens the User List in the admin interface.. This vulnerability appears to have been fixed in 1.0.5 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.0.3 and prior"}]},"product_name": "FreshDNS"}]},"vendor_name": "FreshDNS"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.485354","DATE_REQUESTED": "2018-11-14T21:13:40","ID": "CVE-2018-1000847","ASSIGNER": "kurt@seifried.org","REQUESTER": "cve@max-weller.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.485354", + "DATE_REQUESTED" : "2018-11-14T21:13:40", + "ID" : "CVE-2018-1000847", + "REQUESTER" : "cve@max-weller.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "FreshDNS", + "version" : { + "version_data" : [ + { + "version_value" : "1.0.3 and prior" + } + ] + } + } + ] + }, + "vendor_name" : "FreshDNS" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "FreshDNS version 1.0.3 and prior contains a Cross Site Scripting (XSS) vulnerability in Account data form; Zone editor that can result in Execution of attacker's JavaScript code in victim's session. This attack appear to be exploitable via The attacker stores a specially crafted string as their Full Name in their account details. The victim (e.g. the administrator of the FreshDNS instance) opens the User List in the admin interface.. This vulnerability appears to have been fixed in 1.0.5 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/funzoneq/freshdns/issues/16", + "refsource" : "MISC", + "url" : "https://github.com/funzoneq/freshdns/issues/16" + }, + { + "name" : "https://github.com/funzoneq/freshdns/pull/6/commits/48b5ca812a89689fd2f32248875cedcba8c9014f", + "refsource" : "MISC", + "url" : "https://github.com/funzoneq/freshdns/pull/6/commits/48b5ca812a89689fd2f32248875cedcba8c9014f" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000848.json b/2018/1000xxx/CVE-2018-1000848.json index 74041d84d10..362c680c91d 100644 --- a/2018/1000xxx/CVE-2018-1000848.json +++ b/2018/1000xxx/CVE-2018-1000848.json @@ -1 +1,65 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "http://forum.wampserver.com/read.php?2,153491"}]},"description": {"description_data": [{"lang": "eng","value": "Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "prior to version 3.1.5"}]},"product_name": "Wampserver"}]},"vendor_name": "Wampserver"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.486534","DATE_REQUESTED": "2018-11-18T12:33:39","ID": "CVE-2018-1000848","ASSIGNER": "kurt@seifried.org","REQUESTER": "wampserver@otomatic.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.486534", + "DATE_REQUESTED" : "2018-11-18T12:33:39", + "ID" : "CVE-2018-1000848", + "REQUESTER" : "wampserver@otomatic.net", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Wampserver", + "version" : { + "version_data" : [ + { + "version_value" : "prior to version 3.1.5" + } + ] + } + } + ] + }, + "vendor_name" : "Wampserver" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://forum.wampserver.com/read.php?2,153491", + "refsource" : "MISC", + "url" : "http://forum.wampserver.com/read.php?2,153491" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000849.json b/2018/1000xxx/CVE-2018-1000849.json index 7952dce4631..82743174f2c 100644 --- a/2018/1000xxx/CVE-2018-1000849.json +++ b/2018/1000xxx/CVE-2018-1000849.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://alpinelinux.org/posts/Alpine-3.8.1-released.html"},{"url": "https://git.alpinelinux.org/cgit/apk-tools/commit/?id=6484ed9849f03971eb48ee1fdc21a2f128247eb1"},{"url": "https://justi.cz/security/2018/09/13/alpine-apk-rce.html"}]},"description": {"description_data": [{"lang": "eng","value": "Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools (Alpine Linux' package manager) that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data to an attacker-specified file, due to bugs in handling long link target name and the way a regular file is extracted.. This vulnerability appears to have been fixed in 2.6.10, 2.7.6, and 2.10.1."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "Versions prior to 2.6.10, 2.7.6, and 2.10.1"}]},"product_name": "Alpine Linux"}]},"vendor_name": "Alpine Linux"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.487947","DATE_REQUESTED": "2018-11-21T15:16:04","ID": "CVE-2018-1000849","ASSIGNER": "kurt@seifried.org","REQUESTER": "d@duniel.no"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.487947", + "DATE_REQUESTED" : "2018-11-21T15:16:04", + "ID" : "CVE-2018-1000849", + "REQUESTER" : "d@duniel.no", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Alpine Linux", + "version" : { + "version_data" : [ + { + "version_value" : "Versions prior to 2.6.10, 2.7.6, and 2.10.1" + } + ] + } + } + ] + }, + "vendor_name" : "Alpine Linux" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools (Alpine Linux' package manager) that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data to an attacker-specified file, due to bugs in handling long link target name and the way a regular file is extracted.. This vulnerability appears to have been fixed in 2.6.10, 2.7.6, and 2.10.1." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://alpinelinux.org/posts/Alpine-3.8.1-released.html", + "refsource" : "MISC", + "url" : "https://alpinelinux.org/posts/Alpine-3.8.1-released.html" + }, + { + "name" : "https://git.alpinelinux.org/cgit/apk-tools/commit/?id=6484ed9849f03971eb48ee1fdc21a2f128247eb1", + "refsource" : "MISC", + "url" : "https://git.alpinelinux.org/cgit/apk-tools/commit/?id=6484ed9849f03971eb48ee1fdc21a2f128247eb1" + }, + { + "name" : "https://justi.cz/security/2018/09/13/alpine-apk-rce.html", + "refsource" : "MISC", + "url" : "https://justi.cz/security/2018/09/13/alpine-apk-rce.html" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000850.json b/2018/1000xxx/CVE-2018-1000850.json index efbd92b9a88..b27eaeeaa30 100644 --- a/2018/1000xxx/CVE-2018-1000850.json +++ b/2018/1000xxx/CVE-2018-1000850.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/square/retrofit/blob/master/CHANGELOG.md"},{"url": "https://ihacktoprotect.com/post/retrofit-path-traversal/"},{"url": "https://github.com/square/retrofit/commit/b9a7f6ad72073ddd40254c0058710e87a073047d#diff-943ec7ed35e68201824904d1dc0ec982"}]},"description": {"description_data": [{"lang": "eng","value": "Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack appear to be exploitable via An attacker should have access to an encoded path parameter on POST, PUT or DELETE request.. This vulnerability appears to have been fixed in 2.5.0 and later."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "versions from (including) 2.0 and 2.5.0 (excluding)"}]},"product_name": "Retrofit"}]},"vendor_name": "Square"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.489515","DATE_REQUESTED": "2018-11-25T10:27:23","ID": "CVE-2018-1000850","ASSIGNER": "kurt@seifried.org","REQUESTER": "mario.s.s.areias@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Directory Traversal"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.489515", + "DATE_REQUESTED" : "2018-11-25T10:27:23", + "ID" : "CVE-2018-1000850", + "REQUESTER" : "mario.s.s.areias@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Retrofit", + "version" : { + "version_data" : [ + { + "version_value" : "versions from (including) 2.0 and 2.5.0 (excluding)" + } + ] + } + } + ] + }, + "vendor_name" : "Square" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack appear to be exploitable via An attacker should have access to an encoded path parameter on POST, PUT or DELETE request.. This vulnerability appears to have been fixed in 2.5.0 and later." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Directory Traversal" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/square/retrofit/blob/master/CHANGELOG.md", + "refsource" : "MISC", + "url" : "https://github.com/square/retrofit/blob/master/CHANGELOG.md" + }, + { + "name" : "https://github.com/square/retrofit/commit/b9a7f6ad72073ddd40254c0058710e87a073047d#diff-943ec7ed35e68201824904d1dc0ec982", + "refsource" : "MISC", + "url" : "https://github.com/square/retrofit/commit/b9a7f6ad72073ddd40254c0058710e87a073047d#diff-943ec7ed35e68201824904d1dc0ec982" + }, + { + "name" : "https://ihacktoprotect.com/post/retrofit-path-traversal/", + "refsource" : "MISC", + "url" : "https://ihacktoprotect.com/post/retrofit-path-traversal/" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000851.json b/2018/1000xxx/CVE-2018-1000851.json index 099a2434287..594be735778 100644 --- a/2018/1000xxx/CVE-2018-1000851.json +++ b/2018/1000xxx/CVE-2018-1000851.json @@ -1 +1,80 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://blog.bitpay.com/npm-package-vulnerability-copay/"},{"url": "https://github.com/bitpay/copay/issues/9346"},{"url": "https://github.com/dominictarr/event-stream/issues/116"},{"url": "https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/"}]},"description": {"description_data": [{"lang": "eng","value": "Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability appears to have been fixed in 5.2.0 and later ."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "5.01 to 5.1.0 included."}]},"product_name": "Copay Bitcoin Wallet"}]},"vendor_name": "Copay Bitcoin Wallet"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.490711","DATE_REQUESTED": "2018-11-27T14:18:02","ID": "CVE-2018-1000851","ASSIGNER": "kurt@seifried.org","REQUESTER": "matias@bitpay.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T13:54:33.490711", + "DATE_REQUESTED" : "2018-11-27T14:18:02", + "ID" : "CVE-2018-1000851", + "REQUESTER" : "matias@bitpay.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Copay Bitcoin Wallet", + "version" : { + "version_data" : [ + { + "version_value" : "5.01 to 5.1.0 included." + } + ] + } + } + ] + }, + "vendor_name" : "Copay Bitcoin Wallet" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appear to be exploitable via Affected version run the malicious code at startup . This vulnerability appears to have been fixed in 5.2.0 and later ." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/", + "refsource" : "MISC", + "url" : "https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/" + }, + { + "name" : "https://blog.bitpay.com/npm-package-vulnerability-copay/", + "refsource" : "MISC", + "url" : "https://blog.bitpay.com/npm-package-vulnerability-copay/" + }, + { + "name" : "https://github.com/bitpay/copay/issues/9346", + "refsource" : "MISC", + "url" : "https://github.com/bitpay/copay/issues/9346" + }, + { + "name" : "https://github.com/dominictarr/event-stream/issues/116", + "refsource" : "MISC", + "url" : "https://github.com/dominictarr/event-stream/issues/116" + } + ] + } +} diff --git a/2018/1000xxx/CVE-2018-1000852.json b/2018/1000xxx/CVE-2018-1000852.json index 98645223d5a..ce9767d5b81 100644 --- a/2018/1000xxx/CVE-2018-1000852.json +++ b/2018/1000xxx/CVE-2018-1000852.json @@ -1 +1,75 @@ -{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/FreeRDP/FreeRDP/issues/4866"},{"url": "https://github.com/FreeRDP/FreeRDP/pull/4871"},{"url": "https://github.com/FreeRDP/FreeRDP/pull/4871/commits/baee520e3dd9be6511c45a14c5f5e77784de1471"}]},"description": {"description_data": [{"lang": "eng","value": "FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3"}]},"product_name": "FreeRDP 2.0.0-rc3 released"}]},"vendor_name": "FreeRDP"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T14:14:31.672614","DATE_REQUESTED": "2018-11-09T01:21:55","ID": "CVE-2018-1000852","ASSIGNER": "kurt@seifried.org","REQUESTER": "tonix0114@gmail.com"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Other/Unknown"}]}]}} \ No newline at end of file +{ + "CVE_data_meta" : { + "ASSIGNER" : "kurt@seifried.org", + "DATE_ASSIGNED" : "2018-11-27T14:14:31.672614", + "DATE_REQUESTED" : "2018-11-09T01:21:55", + "ID" : "CVE-2018-1000852", + "REQUESTER" : "tonix0114@gmail.com", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "FreeRDP 2.0.0-rc3 released", + "version" : { + "version_data" : [ + { + "version_value" : "before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3" + } + ] + } + } + ] + }, + "vendor_name" : "FreeRDP" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Other/Unknown" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/FreeRDP/FreeRDP/issues/4866", + "refsource" : "MISC", + "url" : "https://github.com/FreeRDP/FreeRDP/issues/4866" + }, + { + "name" : "https://github.com/FreeRDP/FreeRDP/pull/4871", + "refsource" : "MISC", + "url" : "https://github.com/FreeRDP/FreeRDP/pull/4871" + }, + { + "name" : "https://github.com/FreeRDP/FreeRDP/pull/4871/commits/baee520e3dd9be6511c45a14c5f5e77784de1471", + "refsource" : "MISC", + "url" : "https://github.com/FreeRDP/FreeRDP/pull/4871/commits/baee520e3dd9be6511c45a14c5f5e77784de1471" + } + ] + } +} diff --git a/2018/11xxx/CVE-2018-11985.json b/2018/11xxx/CVE-2018-11985.json index 73daebef6bc..8f5dac27ba9 100644 --- a/2018/11xxx/CVE-2018-11985.json +++ b/2018/11xxx/CVE-2018-11985.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vunerability due to integer overflow in roundup to native pointer." + "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer." } ] },