diff --git a/2018/11xxx/CVE-2018-11330.json b/2018/11xxx/CVE-2018-11330.json new file mode 100644 index 00000000000..bea8e687640 --- /dev/null +++ b/2018/11xxx/CVE-2018-11330.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-11330", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Pluck before 4.7.6. There is authenticated stored XSS because the character set for filenames is not properly restricted." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/pluck-cms/pluck/commit/8f6541e60c9435e82e9c531a20cb3c218d36976e", + "refsource" : "MISC", + "url" : "https://github.com/pluck-cms/pluck/commit/8f6541e60c9435e82e9c531a20cb3c218d36976e" + }, + { + "name" : "https://github.com/pluck-cms/pluck/issues/58", + "refsource" : "MISC", + "url" : "https://github.com/pluck-cms/pluck/issues/58" + } + ] + } +} diff --git a/2018/11xxx/CVE-2018-11331.json b/2018/11xxx/CVE-2018-11331.json new file mode 100644 index 00000000000..e3d78018d36 --- /dev/null +++ b/2018/11xxx/CVE-2018-11331.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-11331", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the set of disallowed filetypes for uploads in missing some applicable ones such as .phtml and .htaccess." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/pluck-cms/pluck/commit/8f6541e60c9435e82e9c531a20cb3c218d36976e", + "refsource" : "MISC", + "url" : "https://github.com/pluck-cms/pluck/commit/8f6541e60c9435e82e9c531a20cb3c218d36976e" + }, + { + "name" : "https://github.com/pluck-cms/pluck/issues/58", + "refsource" : "MISC", + "url" : "https://github.com/pluck-cms/pluck/issues/58" + } + ] + } +} diff --git a/2018/11xxx/CVE-2018-11332.json b/2018/11xxx/CVE-2018-11332.json new file mode 100644 index 00000000000..33a5644ec03 --- /dev/null +++ b/2018/11xxx/CVE-2018-11332.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-11332", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/11xxx/CVE-2018-11333.json b/2018/11xxx/CVE-2018-11333.json new file mode 100644 index 00000000000..1a50bf61162 --- /dev/null +++ b/2018/11xxx/CVE-2018-11333.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-11333", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/1xxx/CVE-2018-1108.json b/2018/1xxx/CVE-2018-1108.json index 33262a54387..895c2c5d4c0 100644 --- a/2018/1xxx/CVE-2018-1108.json +++ b/2018/1xxx/CVE-2018-1108.json @@ -1,69 +1,72 @@ { - "impact": { - "cvss": [ - [ - { - "vectorString": "5.9/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", - "version": "3.0" - } + "CVE_data_meta" : { + "ASSIGNER" : "lpardo@redhat.com", + "ID" : "CVE-2018-1108", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "drivers", + "version" : { + "version_data" : [ + { + "version_value" : "kernel 4.17-rc1" + } + ] + } + } + ] + }, + "vendor_name" : "kernel" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated." + } + ] + }, + "impact" : { + "cvss" : [ + [ + { + "vectorString" : "5.9/CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "version" : "3.0" + } + ] + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-119" + } ] - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "kernel 4.17-rc1" - } - ] - }, - "product_name": "drivers" - } - ] - }, - "vendor_name": "kernel" - } - ] - } - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-119" - } - ] - } - ] - }, - "data_version": "4.0", - "references": { - "reference_data": [ - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1108" - } - ] - }, - "CVE_data_meta": { - "ID": "CVE-2018-1108", - "ASSIGNER": "lpardo@redhat.com" - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1108", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1108" + } + ] + } } diff --git a/2018/7xxx/CVE-2018-7687.json b/2018/7xxx/CVE-2018-7687.json index eb0af283f1c..8917fabe851 100644 --- a/2018/7xxx/CVE-2018-7687.json +++ b/2018/7xxx/CVE-2018-7687.json @@ -1,93 +1,93 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@microfocus.com", - "DATE_PUBLIC": "2018-05-18T18:00:00.000Z", - "ID": "CVE-2018-7687", - "STATE": "PUBLIC", - "TITLE": "Client for OES Elevation of Privilege via Buffer Overflow" + "CVE_data_meta" : { + "ASSIGNER" : "security@microfocus.com", + "DATE_PUBLIC" : "2018-05-18T18:00:00.000Z", + "ID" : "CVE-2018-7687", + "STATE" : "PUBLIC", + "TITLE" : "Client for OES Elevation of Privilege via Buffer Overflow" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Client for Open Enterprise Server", - "version": { - "version_data": [ + "product_name" : "Client for Open Enterprise Server", + "version" : { + "version_data" : [ { - "affected": "<", - "version_name": "2 SP4 (IR8a)", - "version_value": "2 SP4 (IR8a)" + "affected" : "<", + "version_name" : "2 SP4 (IR8a)", + "version_value" : "2 SP4 (IR8a)" } ] } } ] }, - "vendor_name": "Micro Focus" + "vendor_name" : "Micro Focus" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnerability that could allow a local attacker to elevate privileges via a buffer overflow in ncfsd.sys." + "lang" : "eng", + "value" : "The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnerability that could allow a local attacker to elevate privileges via a buffer overflow in ncfsd.sys." } ] }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "LOCAL", + "availabilityImpact" : "HIGH", + "baseScore" : 7.8, + "baseSeverity" : "HIGH", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "privilegesRequired" : "LOW", + "scope" : "UNCHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Elevation of privilege via buffer overflow." + "lang" : "eng", + "value" : "Elevation of privilege via buffer overflow." } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "name": "TID #7022983", - "refsource": "CONFIRM", - "url": "https://www.novell.com/support/kb/doc.php?id=7022983" + "name" : "https://bugzilla.novell.com/show_bug.cgi?id=1093607", + "refsource" : "MISC", + "url" : "https://bugzilla.novell.com/show_bug.cgi?id=1093607" }, { - "name": "Bug #1093607", - "refsource": "CONFIRM", - "url": "https://bugzilla.novell.com/show_bug.cgi?id=1093607" + "name" : "https://www.novell.com/support/kb/doc.php?id=7022983", + "refsource" : "MISC", + "url" : "https://www.novell.com/support/kb/doc.php?id=7022983" } ] }, - "source": { - "defect": [ + "source" : { + "defect" : [ "1093607" ], - "discovery": "EXTERNAL" + "discovery" : "EXTERNAL" } -} \ No newline at end of file +}