admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-03-22 12:04:22 -04:00
parent 8fb0ce8f3b
commit d9d0597f4e
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
6 changed files with 147 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
2017/1xxx/CVE-2017-1774.json
View File

@ -1,16 +1,14 @@
{
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2017-1774",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-02-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
"ID" : "CVE-2017-1774",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -24,18 +22,20 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 136818."
"value" : "IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 136818."
}
]
},
@ -54,12 +54,13 @@
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22013595",
"name" : "IBM Security Bulletin 2013595 (Security Guardium Big Data Intelligence)"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136818"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136818",
"name" : "X-Force Vulnerability Report"
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22013595"
},
{
"url" : "http://www.securityfocus.com/bid/103214"
}
]
}

83
2018/1xxx/CVE-2018-1377.json
View File

@ -1,7 +1,44 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-02-21T00:00:00",
"ID" : "CVE-2018-1377",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium Big Data Intelligence",
"version" : {
"version_data" : [
{
"version_value" : "3.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 137778."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
@ -14,52 +51,16 @@
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 137778."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2018-1377",
"DATE_PUBLIC" : "2018-02-21T00:00:00",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "3.1"
}
]
},
"product_name" : "Security Guardium Big Data Intelligence"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "IBM Security Bulletin 2013596 (Security Guardium Big Data Intelligence)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137778"
},
{
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22013596"
},
{
"name" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137778"
"url" : "http://www.securityfocus.com/bid/103213"
}
]
}

46
2018/5xxx/CVE-2018-5349.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-5349",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory \"C:\\ProgramData\\Heimdal Security\\Heimdal Agent\" allow BUILTIN\\Users to write new files to the directory. On startup, the process Heimdal.MonitorServices.exe running as SYSTEM will attempt to load version.dll from this directory. Placing a malicious version.dll in this directory will result in privilege escalation. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://improsec.com/blog/heimdal-advisory-1"
}
]
}

4
2018/5xxx/CVE-2018-5550.json
View File

@ -53,10 +53,10 @@
"references" : {
"reference_data" : [
{
"url" : "https://epson.com/support/wa00860"
"url" : "https://blog.rapid7.com/2018/02/08/r7-2017-28-epson-airprint-xss-cve-2018-5550/"
},
{
"url" : "https://blog.rapid7.com/2018/02/08/r7-2017-28-epson-airprint-xss-cve-2018-5550/"
"url" : "https://epson.com/support/wa00860"
}
]
}

46
2018/5xxx/CVE-2018-5731.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-5731",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\\windows\\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the file in the window between md.hs closing the file and executing it. This can be exploited via opportunistic locks and a high priority thread. The vulnerablity is triggered when a scan starts. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://improsec.com/blog/heimdal-advisory-2"
}
]
}

3
2018/6xxx/CVE-2018-6384.json
View File

@ -52,6 +52,9 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_nsclient_-_cve-2018-6384.pdf"
},
{
"url" : "https://nsclient.org/blog/2018/01/30/CVE-2018-6384-0.3.9/"
}