admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-06-11 06:03:55 -04:00
parent afcc2d2abe
commit c0811ebb6a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
19 changed files with 304 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/10xxx/CVE-2018-10360.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10360",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22",
"refsource" : "CONFIRM",
"url" : "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22"
}
]
}

5
2018/12xxx/CVE-2018-12020.json
View File

@ -81,6 +81,11 @@
"name" : "DSA-4224",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4224"
},
{
"name" : "1041051",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041051"
}
]
}

48
2018/12xxx/CVE-2018-12025.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12025",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is smaller than or equal to allowed value, the transfer session would stop execution by returning false. This makes no sense, because the transferFrom() function should require the transferring value to not exceed the allowed value in the first place. Suppose this function asks for the allowed value to be smaller than the input. Then, the attacker could easily ignore the allowance: after this condition, the `allowed[from][msg.sender] -= value;` would cause an underflow because the allowed part is smaller than the value. The attacker could transfer any amount of FuturXe tokens of any accounts to an appointed account (the `_to` address) because the allowed value is initialized to 0, and the attacker could bypass this restriction even without the victim's private key."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://medium.com/secbit-media/bugged-smart-contract-f-e-how-could-someone-mess-up-with-boolean-d2251defd6ff",
"refsource" : "MISC",
"url" : "https://medium.com/secbit-media/bugged-smart-contract-f-e-how-could-someone-mess-up-with-boolean-d2251defd6ff"
}
]
}

62
2018/12xxx/CVE-2018-12089.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12089",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Octopus Deploy version 2018.5.1 to 2018.5.7, a user with Task View is able to view a password for a Service Fabric Cluster, when the Service Fabric Cluster target is configured in Azure Active Directory security mode and a deployment is executed with OctopusPrintVariables set to True. This is fixed in 2018.6.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/OctopusDeploy/Issues/issues/4628",
"refsource" : "CONFIRM",
"url" : "https://github.com/OctopusDeploy/Issues/issues/4628"
}
]
}
}

62
2018/12xxx/CVE-2018-12090.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12090",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "There is unauthenticated reflected cross-site scripting (XSS) in LAMS before 3.1 that allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized GET parameter during a forgotPasswordChange.jsp?key= password change."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.lamsfoundation.org/browse/LDEV-4600",
"refsource" : "CONFIRM",
"url" : "https://bugs.lamsfoundation.org/browse/LDEV-4600"
}
]
}
}

18
2018/12xxx/CVE-2018-12091.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-12091",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2018/1xxx/CVE-2018-1124.json
View File

@ -110,6 +110,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1777"
},
{
"name" : "RHSA-2018:1820",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1820"
},
{
"name" : "USN-3658-1",
"refsource" : "UBUNTU",

5
2018/1xxx/CVE-2018-1126.json
View File

@ -97,6 +97,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1777"
},
{
"name" : "RHSA-2018:1820",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1820"
},
{
"name" : "USN-3658-1",
"refsource" : "UBUNTU",

5
2018/2xxx/CVE-2018-2790.json
View File

@ -80,6 +80,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2794.json
View File

@ -84,6 +84,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2795.json
View File

@ -80,6 +80,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2796.json
View File

@ -76,6 +76,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2797.json
View File

@ -80,6 +80,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2798.json
View File

@ -80,6 +80,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2799.json
View File

@ -76,6 +76,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2800.json
View File

@ -76,6 +76,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2814.json
View File

@ -80,6 +80,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/2xxx/CVE-2018-2815.json
View File

@ -80,6 +80,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4185"
},
{
"name" : "DSA-4225",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4225"
},
{
"name" : "RHSA-2018:1188",
"refsource" : "REDHAT",

5
2018/4xxx/CVE-2018-4205.json
View File

@ -57,6 +57,11 @@
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT208854"
},
{
"name" : "104358",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104358"
},
{
"name" : "1041029",
"refsource" : "SECTRACK",