admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-12-07 11:06:21 -05:00
parent 982e83fcf0
commit bec1643d4c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
27 changed files with 665 additions and 253 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2018/19xxx/CVE-2018-19940.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19940",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19941.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19941",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19942.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19942",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19943.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19943",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19944.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19944",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19945.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19945",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19946.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19946",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19947.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19947",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19948.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19948",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19949.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19949",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19950.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19950",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19951.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19951",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19952.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19952",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19953.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19953",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19954.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19954",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19955.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19955",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19956.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19956",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19957.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19957",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19958.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19958",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19959.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19959",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2018/19xxx/CVE-2018-19960.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19960",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The debug_mode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshare_server.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.debian.org/915859",
"refsource" : "MISC",
"url" : "https://bugs.debian.org/915859"
}
]
}
}

100
2018/1xxx/CVE-2018-1424.json
View File

@ -1,48 +1,18 @@
{
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 744217 (Marketing Platform)",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-marketing-cve20181424-info-disc (139029)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139029"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"PR" : "L",
"S" : "U",
"C" : "H",
"I" : "N",
"SCORE" : "7.100",
"AV" : "N",
"AC" : "L",
"A" : "L"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"ID" : "CVE-2018-1424",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Marketing Platform",
"version" : {
"version_data" : [
{
@ -55,13 +25,44 @@
"version_value" : "10.1"
}
]
}
}
]
},
"product_name" : "Marketing Platform"
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139029."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "7.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
@ -76,21 +77,18 @@
}
]
},
"description" : {
"description_data" : [
"references" : {
"reference_data" : [
{
"value" : "IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139029.",
"lang" : "eng"
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217"
},
{
"name" : "ibm-marketing-cve20181424-info-disc(139029)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139029"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1424"
},
"data_format" : "MITRE",
"data_type" : "CVE"
}
}

100
2018/1xxx/CVE-2018-1663.json
View File

@ -1,39 +1,9 @@
{
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 740033 (DataPower Gateways)",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740033",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740033"
},
{
"refsource" : "XF",
"name" : "ibm-websphere-cve20181663-info-disc (144889)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/144889",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"PR" : "N",
"UI" : "N",
"AC" : "H",
"A" : "N",
"AV" : "N",
"SCORE" : "5.900",
"I" : "N",
"C" : "H"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"ID" : "CVE-2018-1663",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -70,33 +40,61 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 144889."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1663"
},
"description" : {
"description_data" : [
"references" : {
"reference_data" : [
{
"value" : "IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 144889.",
"lang" : "eng"
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10740033",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10740033"
},
{
"name" : "ibm-websphere-cve20181663-info-disc(144889)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/144889"
}
]
},
"data_type" : "CVE"
}
}

100
2018/1xxx/CVE-2018-1883.json
View File

@ -1,56 +1,9 @@
{
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A problem within the IBM MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, and 9.1.0.0 Console REST API Could allow attackers to execute a denial of service attack preventing users from logging into the MQ Console REST API. IBM X-Force ID: 151969."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"ID" : "CVE-2018-1883"
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 738197 (MQ)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10738197",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10738197"
},
{
"refsource" : "XF",
"name" : "ibm-websphere-cve20181883-dos (151969)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151969",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"PR" : "N",
"UI" : "N",
"S" : "U",
"C" : "N",
"SCORE" : "5.300",
"I" : "N",
"AC" : "L",
"A" : "L",
"AV" : "N"
}
}
"ID" : "CVE-2018-1883",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -59,6 +12,7 @@
"product" : {
"product_data" : [
{
"product_name" : "MQ",
"version" : {
"version_data" : [
{
@ -77,8 +31,7 @@
"version_value" : "9.1.0.0"
}
]
},
"product_name" : "MQ"
}
}
]
},
@ -87,6 +40,37 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A problem within the IBM MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, and 9.1.0.0 Console REST API Could allow attackers to execute a denial of service attack preventing users from logging into the MQ Console REST API. IBM X-Force ID: 151969."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "N",
"C" : "N",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -98,5 +82,19 @@
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10738197",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10738197"
},
{
"name" : "ibm-websphere-cve20181883-dos(151969)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151969"
}
]
}
}

88
2018/1xxx/CVE-2018-1896.json
View File

@ -1,15 +1,9 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"ID" : "CVE-2018-1896",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -40,57 +34,61 @@
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. IBM X-Force ID: 152456."
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "R",
"PR" : "L",
"S" : "U",
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "U",
"SCORE" : "4.600",
"AV" : "N",
"AC" : "L",
"A" : "N"
"UI" : "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10742567",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10742567",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 742567 (Connections)"
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10742567"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152456",
"name" : "ibm-connections-cve20181896-head-injection (152456)",
"refsource" : "XF"
"name" : "ibm-connections-cve20181896-head-injection(152456)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152456"
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. IBM X-Force ID: 152456.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2018-1896",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-12-05T00:00:00"
},
"data_format" : "MITRE"
}

100
2018/1xxx/CVE-2018-1920.json
View File

@ -1,62 +1,14 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2018-12-05T00:00:00",
"ID" : "CVE-2018-1920"
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 744217 (Marketing Platform)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152855",
"name" : "ibm-marketing-cve20181920-xxe (152855)",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"S" : "U",
"PR" : "L",
"UI" : "N",
"C" : "H",
"AC" : "L",
"A" : "L",
"AV" : "N",
"SCORE" : "7.100",
"I" : "N"
}
}
"ID" : "CVE-2018-1920",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -76,11 +28,43 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "7.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
@ -92,5 +76,19 @@
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744217"
},
{
"name" : "ibm-marketing-cve20181920-xxe(152855)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152855"
}
]
}
}

2
2018/6xxx/CVE-2018-6755.json
View File

@ -44,7 +44,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware."
"value" : "Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware."
}
]
},