admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #70 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2018-11-13 09:02:33 -05:00 committed by GitHub
commit e56882679e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
139 changed files with 3226 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2016/0xxx/CVE-2016-0801.json
View File

@ -57,6 +57,11 @@
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39801/"
},
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "http://source.android.com/security/bulletin/2016-02-01.html",
"refsource" : "CONFIRM",

5
2016/5xxx/CVE-2016-5419.json
View File

@ -102,6 +102,11 @@
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "SSA:2016-219-01",
"refsource" : "SLACKWARE",

5
2016/5xxx/CVE-2016-5420.json
View File

@ -102,6 +102,11 @@
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "SSA:2016-219-01",
"refsource" : "SLACKWARE",

5
2016/5xxx/CVE-2016-5421.json
View File

@ -92,6 +92,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-47"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "SSA:2016-219-01",
"refsource" : "SLACKWARE",

5
2016/7xxx/CVE-2016-7141.json
View File

@ -92,6 +92,11 @@
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "openSUSE-SU-2016:2379",
"refsource" : "SUSE",

5
2016/7xxx/CVE-2016-7167.json
View File

@ -97,6 +97,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "SSA:2016-259-01",
"refsource" : "SLACKWARE",

5
2016/8xxx/CVE-2016-8615.json
View File

@ -103,6 +103,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94096",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8616.json
View File

@ -103,6 +103,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94094",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8617.json
View File

@ -103,6 +103,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94097",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8618.json
View File

@ -98,6 +98,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94098",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8619.json
View File

@ -103,6 +103,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94100",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8620.json
View File

@ -93,6 +93,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-47"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94102",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8621.json
View File

@ -103,6 +103,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94101",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8622.json
View File

@ -106,6 +106,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94105",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8623.json
View File

@ -103,6 +103,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94106",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8624.json
View File

@ -98,6 +98,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94103",
"refsource" : "BID",

5
2016/8xxx/CVE-2016-8625.json
View File

@ -98,6 +98,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94107",
"refsource" : "BID",

5
2016/9xxx/CVE-2016-9586.json
View File

@ -98,6 +98,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-47"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "95019",
"refsource" : "BID",

5
2017/0xxx/CVE-2017-0561.json
View File

@ -65,6 +65,11 @@
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41806/"
},
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM",

5
2017/1000xxx/CVE-2017-1000100.json
View File

@ -74,6 +74,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-14"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "100286",
"refsource" : "BID",

5
2017/1000xxx/CVE-2017-1000101.json
View File

@ -74,6 +74,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-14"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "100249",
"refsource" : "BID",

5
2017/1000xxx/CVE-2017-1000254.json
View File

@ -87,6 +87,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "101115",
"refsource" : "BID",

5
2017/1000xxx/CVE-2017-1000257.json
View File

@ -79,6 +79,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "101519",
"refsource" : "BID",

5
2017/13xxx/CVE-2017-13077.json
View File

@ -55,6 +55,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://www.krackattacks.com/",
"refsource" : "MISC",

5
2017/13xxx/CVE-2017-13078.json
View File

@ -55,6 +55,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://www.krackattacks.com/",
"refsource" : "MISC",

5
2017/13xxx/CVE-2017-13079.json
View File

@ -55,6 +55,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://www.krackattacks.com/",
"refsource" : "MISC",

5
2017/13xxx/CVE-2017-13080.json
View File

@ -60,6 +60,11 @@
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://www.krackattacks.com/",
"refsource" : "MISC",

5
2017/13xxx/CVE-2017-13081.json
View File

@ -55,6 +55,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://www.krackattacks.com/",
"refsource" : "MISC",

5
2017/15xxx/CVE-2017-15710.json
View File

@ -84,6 +84,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4164"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

5
2017/15xxx/CVE-2017-15715.json
View File

@ -73,6 +73,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4164"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

5
2017/16xxx/CVE-2017-16541.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://blog.torproject.org/tor-browser-709-released",
"refsource" : "MISC",

5
2017/7xxx/CVE-2017-7407.json
View File

@ -66,6 +66,11 @@
"name" : "GLSA-201709-14",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-14"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
}
]
}

5
2017/8xxx/CVE-2017-8816.json
View File

@ -72,6 +72,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201712-04"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "101998",
"refsource" : "BID",

5
2017/8xxx/CVE-2017-8817.json
View File

@ -77,6 +77,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201712-04"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "102057",
"refsource" : "BID",

5
2017/9xxx/CVE-2017-9417.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name" : "https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets",
"refsource" : "MISC",

5
2018/0xxx/CVE-2018-0284.json
View File

@ -111,6 +111,11 @@
"name" : "20181107 Cisco Meraki Local Status Page Privilege Escalation Vulnerability",
"refsource" : "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki"
},
{
"name" : "105878",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105878"
}
]
},

5
2018/1000xxx/CVE-2018-1000007.json
View File

@ -74,6 +74,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3157"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3554-2",
"refsource" : "UBUNTU",

5
2018/1000xxx/CVE-2018-1000120.json
View File

@ -84,6 +84,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3157"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3598-1",
"refsource" : "UBUNTU",

5
2018/1000xxx/CVE-2018-1000121.json
View File

@ -84,6 +84,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3157"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3598-1",
"refsource" : "UBUNTU",

5
2018/1000xxx/CVE-2018-1000122.json
View File

@ -84,6 +84,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3157"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3598-1",
"refsource" : "UBUNTU",

5
2018/1000xxx/CVE-2018-1000301.json
View File

@ -90,6 +90,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3157"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3598-2",
"refsource" : "UBUNTU",

2
2018/11xxx/CVE-2018-11693.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service."
"value" : "An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service."
}
]
},

2
2018/11xxx/CVE-2018-11694.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LibSaas through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact."
"value" : "An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact."
}
]
},

2
2018/11xxx/CVE-2018-11695.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LibSaas through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact."
"value" : "An issue was discovered in LibSass through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact."
}
]
},

2
2018/11xxx/CVE-2018-11696.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LibSaas through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact."
"value" : "An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact."
}
]
},

2
2018/11xxx/CVE-2018-11698.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service."
"value" : "An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service."
}
]
},

5
2018/11xxx/CVE-2018-11763.json
View File

@ -58,6 +58,11 @@
"refsource" : "CONFIRM",
"url" : "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3783-1",
"refsource" : "UBUNTU",

5
2018/11xxx/CVE-2018-11777.json
View File

@ -56,6 +56,11 @@
"name" : "https://lists.apache.org/thread.html/963c8e2516405c9b532b4add16c03b2c5db621e0c83e80f45049cbbb@%3Cdev.hive.apache.org%3E",
"refsource" : "MISC",
"url" : "https://lists.apache.org/thread.html/963c8e2516405c9b532b4add16c03b2c5db621e0c83e80f45049cbbb@%3Cdev.hive.apache.org%3E"
},
{
"name" : "105886",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105886"
}
]
}

5
2018/12xxx/CVE-2018-12361.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1463244",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12367.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1462891",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12376.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1469309%2C1469914%2C1450989%2C1480092%2C1480517%2C1481093%2C1478575%2C1471953%2C1473161%2C1466991%2C1468738%2C1483120%2C1467363%2C1472925%2C1466577%2C1467889%2C1480521%2C1478849",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12377.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1470260",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12378.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1459383",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12379.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1473113",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12383.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1475775",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12385.json
View File

@ -75,6 +75,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1490585",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12891.json
View File

@ -57,6 +57,11 @@
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2018/06/27/10"
},
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-264.html",
"refsource" : "CONFIRM",

5
2018/12xxx/CVE-2018-12893.json
View File

@ -57,6 +57,11 @@
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2018/06/27/11"
},
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-265.html",
"refsource" : "CONFIRM",

5
2018/14xxx/CVE-2018-14618.json
View File

@ -90,6 +90,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4286"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "USN-3765-1",
"refsource" : "UBUNTU",

100
2018/15xxx/CVE-2018-15452.json
View File

@ -1,18 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15452",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-10-29T16:00:00-0500",
"ID": "CVE-2018-15452",
"STATE": "PUBLIC",
"TITLE": "Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AMP for Endpoints ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the attacker would need to have administrative credentials on the Windows system.\nThe vulnerability is due to the improper validation of resources loaded by a system process at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. A successful exploit could allow the attacker to disable the targeted system's scanning services and ultimately prevent the system from being protected from further intrusion.\nThere are no workarounds that address this vulnerability.\nThis advisory is available at the following link:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181029-amp-dll"
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\n"
}
],
"impact": {
"cvss": {
"baseScore": "6.7",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\n",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20181029 Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181029-amp-dll"
}
]
},
"source": {
"advisory": "cisco-sa-20181029-amp-dll",
"defect": [
[
"CSCvm93525"
]
],
"discovery": "INTERNAL"
}
}

5
2018/15xxx/CVE-2018-15469.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-268.html",
"refsource" : "MISC",

5
2018/15xxx/CVE-2018-15470.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name" : "http://xenbits.xen.org/xsa/advisory-272.html",
"refsource" : "MISC",

5
2018/15xxx/CVE-2018-15686.json
View File

@ -92,6 +92,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201810-10"
},
{
"name" : "USN-3816-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3816-1/"
},
{
"name" : "105747",
"refsource" : "BID",

5
2018/15xxx/CVE-2018-15687.json
View File

@ -92,6 +92,11 @@
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201810-10"
},
{
"name" : "USN-3816-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3816-1/"
},
{
"name" : "105748",
"refsource" : "BID",

84
2018/15xxx/CVE-2018-15771.json
View File

@ -1,18 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15771",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2018-11-09T05:00:00.000Z",
"ID": "CVE-2018-15771",
"STATE": "PUBLIC",
"TITLE": "Dell EMC RecoverPoint Information Disclosure Vulnerability"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell EMC RecoverPoint",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "5.1.2.1"
}
]
}
},
{
"product_name": "Dell EMC RecoverPoint Virtual Machine (VM)",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "5.2.0.2"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2018/Nov/34"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}

84
2018/15xxx/CVE-2018-15772.json
View File

@ -1,18 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15772",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2018-11-09T05:00:00.000Z",
"ID": "CVE-2018-15772",
"STATE": "PUBLIC",
"TITLE": "Dell EMC RecoverPoint Uncontrolled Resource Consumption Vulnerability"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell EMC RecoverPoint",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "5.1.2.1"
}
]
}
},
{
"product_name": "Dell EMC RecoverPoint Virtual Machine (VM)",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "5.2.0.2"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. A malicious boxmgmt user may potentially be able to consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "uncontrolled resource consumption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"url": "https://seclists.org/fulldisclosure/2018/Nov/34"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}

90
2018/15xxx/CVE-2018-15795.json
View File

@ -1,18 +1,84 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15795",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2018-11-09T08:00:00.000Z",
"ID": "CVE-2018-15795",
"STATE": "PUBLIC",
"TITLE": "CredHub Service Broker uses guessable client secret"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CredHub Service Broker",
"version": {
"version_data": [
{
"affected": "<",
"version_name": "all versions",
"version_value": "1.1.0"
}
]
}
}
]
},
"vendor_name": "Pivotal Cloud Foundry"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Predictability problems"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2018-15795"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}

5
2018/16xxx/CVE-2018-16837.json
View File

@ -62,6 +62,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1576-1] ansible security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837",
"refsource" : "CONFIRM",

5
2018/17xxx/CVE-2018-17456.json
View File

@ -97,6 +97,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name" : "RHSA-2018:3541",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3541"
},
{
"name" : "USN-3791-1",
"refsource" : "UBUNTU",

5
2018/18xxx/CVE-2018-18025.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1574-1] imagemagick security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00014.html"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1335",
"refsource" : "MISC",

10
2018/18xxx/CVE-2018-18584.json
View File

@ -76,6 +76,16 @@
"name" : "https://www.openwall.com/lists/oss-security/2018/10/22/1",
"refsource" : "MISC",
"url" : "https://www.openwall.com/lists/oss-security/2018/10/22/1"
},
{
"name" : "USN-3814-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3814-1/"
},
{
"name" : "USN-3814-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3814-2/"
}
]
}

10
2018/18xxx/CVE-2018-18585.json
View File

@ -71,6 +71,16 @@
"name" : "https://www.openwall.com/lists/oss-security/2018/10/22/1",
"refsource" : "MISC",
"url" : "https://www.openwall.com/lists/oss-security/2018/10/22/1"
},
{
"name" : "USN-3814-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3814-1/"
},
{
"name" : "USN-3814-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3814-2/"
}
]
}

77
2018/18xxx/CVE-2018-18591.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security@microfocus.com",
"DATE_PUBLIC" : "2018-11-12T17:00:00.000Z",
"ID" : "CVE-2018-18591",
"STATE" : "RESERVED"
"STATE" : "PUBLIC",
"TITLE" : "MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Micro Focus Service Manager",
"version" : {
"version_data" : [
{
"version_value" : "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51"
}
]
}
}
]
},
"vendor_name" : "Micro Focus"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,8 +36,54 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Unauthorized Disclosure of Data"
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 6.8,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unauthorized Disclosure of Data"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
}
}

5
2018/18xxx/CVE-2018-18751.json
View File

@ -61,6 +61,11 @@
"name" : "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption",
"refsource" : "MISC",
"url" : "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption"
},
{
"name" : "USN-3815-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3815-2/"
}
]
}

18
2018/19xxx/CVE-2018-19201.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19201",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19202.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19202",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

72
2018/19xxx/CVE-2018-19203.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19203",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://en.securitylab.ru/lab/PT-2018-22",
"refsource" : "MISC",
"url" : "http://en.securitylab.ru/lab/PT-2018-22"
},
{
"name" : "https://www.paessler.com/prtg/history/stable#18.2.41.1652",
"refsource" : "MISC",
"url" : "https://www.paessler.com/prtg/history/stable#18.2.41.1652"
},
{
"name" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/",
"refsource" : "MISC",
"url" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/"
}
]
}
}

72
2018/19xxx/CVE-2018-19204.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19204",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe to store arbitrary data in an arbitrary place on the file system. For example, the attacker can create an executable file in the \\Custom Sensors\\EXE directory and execute it by creating EXE/Script Sensor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://en.securitylab.ru/lab/PT-2018-23",
"refsource" : "MISC",
"url" : "http://en.securitylab.ru/lab/PT-2018-23"
},
{
"name" : "https://www.paessler.com/prtg/history/stable#18.3.44.2054",
"refsource" : "MISC",
"url" : "https://www.paessler.com/prtg/history/stable#18.3.44.2054"
},
{
"name" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/",
"refsource" : "MISC",
"url" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/"
}
]
}
}

67
2018/19xxx/CVE-2018-19205.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19205",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.7",
"refsource" : "MISC",
"url" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.7"
},
{
"name" : "https://roundcube.net/news/2018/07/27/update-1.3.7-released",
"refsource" : "MISC",
"url" : "https://roundcube.net/news/2018/07/27/update-1.3.7-released"
}
]
}
}

67
2018/19xxx/CVE-2018-19206.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19206",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.8",
"refsource" : "MISC",
"url" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.8"
},
{
"name" : "https://roundcube.net/news/2018/10/26/update-1.3.8-released",
"refsource" : "MISC",
"url" : "https://roundcube.net/news/2018/10/26/update-1.3.8-released"
}
]
}
}

67
2018/19xxx/CVE-2018-19207.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19207",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://wordpress.org/plugins/wp-gdpr-compliance/#developers",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/wp-gdpr-compliance/#developers"
},
{
"name" : "https://www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/",
"refsource" : "MISC",
"url" : "https://www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/"
}
]
}
}

62
2018/19xxx/CVE-2018-19208.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19208",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643752",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643752"
}
]
}
}

62
2018/19xxx/CVE-2018-19209.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19209",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392522",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392522"
}
]
}
}

62
2018/19xxx/CVE-2018-19210.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19210",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2820",
"refsource" : "MISC",
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2820"
}
]
}
}

62
2018/19xxx/CVE-2018-19211.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19211",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643754",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643754"
}
]
}
}

62
2018/19xxx/CVE-2018-19212.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19212",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1644196",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1644196"
}
]
}
}

62
2018/19xxx/CVE-2018-19213.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19213",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392524",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392524"
}
]
}
}

67
2018/19xxx/CVE-2018-19214.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19214",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392521",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392521"
},
{
"name" : "https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354",
"refsource" : "MISC",
"url" : "https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354"
}
]
}
}

67
2018/19xxx/CVE-2018-19215.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19215",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392525",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392525"
},
{
"name" : "https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f",
"refsource" : "MISC",
"url" : "https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f"
}
]
}
}

67
2018/19xxx/CVE-2018-19216.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19216",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392425",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392425"
},
{
"name" : "https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f",
"refsource" : "MISC",
"url" : "https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f"
}
]
}
}

62
2018/19xxx/CVE-2018-19217.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19217",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ncurses 6.1, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643753",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643753"
}
]
}
}

62
2018/19xxx/CVE-2018-19218.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19218",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In LibSass 3.5-stable, there is an illegal address access at Sass::Parser::parse_css_variable_value_token that will lead to a DoS attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643758",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643758"
}
]
}
}

62
2018/19xxx/CVE-2018-19219.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19219",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643760",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1643760"
}
]
}
}

62
2018/19xxx/CVE-2018-19220.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19220",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#getshell",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#getshell"
}
]
}
}

62
2018/19xxx/CVE-2018-19221.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19221",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#sql-injection",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#sql-injection"
}
]
}
}

62
2018/19xxx/CVE-2018-19222.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19222",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#reset-admin-password",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#reset-admin-password"
}
]
}
}

62
2018/19xxx/CVE-2018-19223.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19223",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#xss2",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#xss2"
}
]
}
}

62
2018/19xxx/CVE-2018-19224.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19224",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#unauthorized-access",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#unauthorized-access"
}
]
}
}

62
2018/19xxx/CVE-2018-19225.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19225",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#csrf",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#csrf"
}
]
}
}

62
2018/19xxx/CVE-2018-19226.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19226",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#info_exp",
"refsource" : "MISC",
"url" : "https://github.com/AvaterXXX/laobanCMS/blob/master/1.md#info_exp"
}
]
}
}

Some files were not shown because too many files have changed in this diff Show More