admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 21:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-11-12 11:04:51 -05:00
parent 40a71db1e7
commit eea6ff211c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 326 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2018/19xxx/CVE-2018-19201.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19201",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/19xxx/CVE-2018-19202.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19202",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

72
2018/19xxx/CVE-2018-19203.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19203",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://en.securitylab.ru/lab/PT-2018-22",
"refsource" : "MISC",
"url" : "http://en.securitylab.ru/lab/PT-2018-22"
},
{
"name" : "https://www.paessler.com/prtg/history/stable#18.2.41.1652",
"refsource" : "MISC",
"url" : "https://www.paessler.com/prtg/history/stable#18.2.41.1652"
},
{
"name" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/",
"refsource" : "MISC",
"url" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/"
}
]
}
}

72
2018/19xxx/CVE-2018-19204.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19204",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe to store arbitrary data in an arbitrary place on the file system. For example, the attacker can create an executable file in the \\Custom Sensors\\EXE directory and execute it by creating EXE/Script Sensor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://en.securitylab.ru/lab/PT-2018-23",
"refsource" : "MISC",
"url" : "http://en.securitylab.ru/lab/PT-2018-23"
},
{
"name" : "https://www.paessler.com/prtg/history/stable#18.3.44.2054",
"refsource" : "MISC",
"url" : "https://www.paessler.com/prtg/history/stable#18.3.44.2054"
},
{
"name" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/",
"refsource" : "MISC",
"url" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/"
}
]
}
}

82
2018/1xxx/CVE-2018-1786.json
View File

@ -1,37 +1,9 @@
{
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2018-1786",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-11-08T00:00:00"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"C" : "N",
"AV" : "N",
"PR" : "N",
"UI" : "N",
"AC" : "L",
"I" : "N",
"SCORE" : "5.300",
"A" : "L",
"S" : "U"
}
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871.",
"lang" : "eng"
}
]
"DATE_PUBLIC" : "2018-11-08T00:00:00",
"ID" : "CVE-2018-1786",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
@ -59,15 +31,44 @@
]
}
},
"data_type" : "CVE",
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID: 148871."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "N",
"C" : "N",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
@ -76,18 +77,15 @@
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10738765",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 738765 (Spectrum Protect)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738765",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10738765"
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738765"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148871",
"name" : "ibm-tivoli-cve20181786-dos (148871)",
"name" : "ibm-tivoli-cve20181786-dos(148871)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/148871"
}
]
},
"data_version" : "4.0"
}
}

114
2018/1xxx/CVE-2018-1798.json
View File

@ -1,52 +1,10 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 149428.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "H"
},
"BM" : {
"PR" : "N",
"AV" : "N",
"C" : "L",
"S" : "C",
"SCORE" : "6.100",
"A" : "N",
"I" : "L",
"UI" : "R",
"AC" : "L"
}
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-11-08T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-11-08T00:00:00",
"ID" : "CVE-2018-1798",
"STATE" : "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
@ -54,6 +12,7 @@
"product" : {
"product_data" : [
{
"product_name" : "WebSphere Application Server",
"version" : {
"version_data" : [
{
@ -69,8 +28,7 @@
"version_value" : "9.0"
}
]
},
"product_name" : "WebSphere Application Server"
}
}
]
},
@ -79,21 +37,61 @@
]
}
},
"references" : {
"reference_data" : [
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 730703 (WebSphere Application Server)",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10730703",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10730703"
},
{
"name" : "ibm-websphere-cve20181798-xss (149428)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/149428",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
"lang" : "eng",
"value" : "IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 149428."
}
]
},
"data_version" : "4.0"
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "N",
"S" : "C",
"SCORE" : "6.100",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10730703",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10730703"
},
{
"name" : "ibm-websphere-cve20181798-xss(149428)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/149428"
}
]
}
}

102
2018/1xxx/CVE-2018-1884.json
View File

@ -1,60 +1,14 @@
{
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10737897",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10737897",
"title" : "IBM Security Bulletin 737897 (Case Manager)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-case-cve20181884-code-exec (151970)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151970",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2018-11-08T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-11-08T00:00:00",
"ID" : "CVE-2018-1884",
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"AC" : "L",
"UI" : "R",
"S" : "U",
"A" : "L",
"SCORE" : "4.800",
"I" : "L",
"C" : "L",
"AV" : "L",
"PR" : "L"
}
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerabile to a \"zip slip\" vulnerability which could allow a remote attacker to execute code using directory traversal techniques. IBM X-Force ID: 151970.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
@ -83,23 +37,67 @@
}
}
]
}
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerabile to a \"zip slip\" vulnerability which could allow a remote attacker to execute code using directory traversal techniques. IBM X-Force ID: 151970."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "L",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "U",
"SCORE" : "4.800",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE"
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10737897",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10737897"
},
{
"name" : "ibm-case-cve20181884-code-exec(151970)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151970"
}
]
}
}