admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-09 16:04:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-02-19 14:04:58 -05:00
parent 00b26a819c
commit f2aac0cee3
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
31 changed files with 687 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2009/4xxx/CVE-2009-4267.json
View File

@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "The Apache jUDDI console in 3.0.0 did not escape line feeds passed in the numRows parameter. This affected log integrity allowing authenticated users to forge log records. This issue was addressed in jUDDI 3.0.1."
"value" : "The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter."
}
]
},
@ -55,6 +55,9 @@
"reference_data" : [
{
"url" : "http://mail-archives.apache.org/mod_mbox/juddi-user/201802.mbox/raw/%3C0F272EE1-E2B4-4016-8C5D-F76ABDD12D18%40gmail.com%3E"
},
{
"url" : "http://juddi.apache.org/security.html"
}
]
}

49
2010/0xxx/CVE-2010-0109.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0109",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20100420_00"
},
{
"url" : "http://www.securityfocus.com/bid/38410"
}
]
}

49
2011/3xxx/CVE-2011-3477.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3477",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20111109_00"
},
{
"url" : "http://www.securityfocus.com/bid/47822"
}
]
}

2
2012/0xxx/CVE-2012-0759.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
"value" : "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771."
}
]
},

46
2012/0xxx/CVE-2012-0771.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0771",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.adobe.com/support/security/bulletins/apsb12-02.html"
}
]
}

46
2014/3xxx/CVE-2014-3972.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3972",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://fortiguard.com/zeroday/FG-VD-14-004"
}
]
}

49
2015/2xxx/CVE-2015-2324.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2324",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://fortiguard.com/zeroday/FG-VD-15-009"
},
{
"url" : "https://github.com/wp-plugins/photo-gallery/blob/master/readme.txt"
}
]
}

66
2015/9xxx/CVE-2015-9253.json Normal file
View File

@ -0,0 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-9253",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in PHP through 7.2.2. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://bugs.php.net/bug.php?id=70185"
},
{
"url" : "https://bugs.php.net/bug.php?id=75968"
},
{
"url" : "https://www.futureweb.at/Futureweb-OG-php-fpm-master-process-restarts-child-process-in-a_pid,54177,type,firmeninfo.html"
}
]
}
}

9
2016/0xxx/CVE-2016-0420.json
View File

@ -52,6 +52,15 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2016/Aug/126"
},
{
"url" : "http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html"
},
{
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user"
},
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},

9
2016/0xxx/CVE-2016-0421.json
View File

@ -52,6 +52,15 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2016/Aug/125"
},
{
"url" : "http://packetstormsecurity.com/files/138508/JD-Edwards-9.1-EnterpriseOne-Server-Manager-Shutdown.html"
},
{
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-shutdown"
},
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},

9
2016/0xxx/CVE-2016-0422.json
View File

@ -52,6 +52,15 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2016/Aug/124"
},
{
"url" : "http://packetstormsecurity.com/files/138507/JD-Edwards-9.1-EnterpriseOne-Server-JDENet-Password-Disclosure.html"
},
{
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-password-disclosure"
},
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},

9
2016/0xxx/CVE-2016-0423.json
View File

@ -52,6 +52,15 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2016/Aug/128"
},
{
"url" : "http://packetstormsecurity.com/files/138512/JD-Edwards-9.1-EnterpriseOne-Server-JDENET-Denial-Of-Service.html"
},
{
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-end-file-dos"
},
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},

9
2016/0xxx/CVE-2016-0424.json
View File

@ -52,6 +52,15 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2016/Aug/127"
},
{
"url" : "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html"
},
{
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos"
},
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},

6
2016/0xxx/CVE-2016-0425.json
View File

@ -52,6 +52,12 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2016/Aug/129"
},
{
"url" : "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html"
},
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},

3
2016/3xxx/CVE-2016-3436.json
View File

@ -52,6 +52,9 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3436"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},

3
2016/3xxx/CVE-2016-3437.json
View File

@ -52,6 +52,9 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3437"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},

3
2016/3xxx/CVE-2016-3439.json
View File

@ -52,6 +52,9 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://www.onapsis.com/research/security-advisories/oracle-e-business-suite-cross-site-scripting-xss-cve-2016-3439"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},

3
2016/5xxx/CVE-2016-5558.json
View File

@ -55,6 +55,9 @@
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/539731/100/0/threaded"
},
{
"url" : "https://secuniaresearch.flexerasoftware.com/secunia_research/2016-11/"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},

3
2016/5xxx/CVE-2016-5574.json
View File

@ -55,6 +55,9 @@
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/539732/100/0/threaded"
},
{
"url" : "https://secuniaresearch.flexerasoftware.com/secunia_research/2016-12/"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},

3
2016/7xxx/CVE-2016-7210.json
View File

@ -55,6 +55,9 @@
{
"url" : "http://www.securityfocus.com/archive/1/archive/1/539734/100/0/threaded"
},
{
"url" : "https://secuniaresearch.flexerasoftware.com/secunia_research/2016-16/"
},
{
"url" : "http://technet.microsoft.com/security/bulletin/MS16-132"
},

46
2016/9xxx/CVE-2016-9568.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9568",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://labs.nettitude.com/blog/carbon-black-security-advisories-cve-2016-9570-cve-2016-9568-and-cve-2016-9569/"
}
]
}

46
2017/16xxx/CVE-2017-16670.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16670",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://packetstormsecurity.com/files/146339/SoapUI-5.3.0-Code-Execution.html"
}
]
}

46
2017/17xxx/CVE-2017-17101.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-17101",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An issue was discovered in Apexis APM-H803-MPC software, as used with many different models of IP Camera. An unprotected CGI method inside the web application permits an unauthenticated user to bypass the login screen and access the webcam contents including: live video stream, configuration files with all the passwords, system information, and much more. With this vulnerability, anyone can access to a vulnerable webcam with 'super admin' privilege."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://youtu.be/B75C13Zw35Y"
}
]
}

3
2017/3xxx/CVE-2017-3241.json
View File

@ -81,6 +81,9 @@
{
"url" : "https://www.exploit-db.com/exploits/41145/"
},
{
"url" : "https://erpscan.com/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},

3
2017/3xxx/CVE-2017-3300.json
View File

@ -55,6 +55,9 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://erpscan.com/advisories/erpscan-17-005-oracle-peoplesoft-xss-vulnerability/"
},
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},

55
2017/7xxx/CVE-2017-7375.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7375",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,35 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1462203"
},
{
"url" : "https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e"
},
{
"url" : "https://source.android.com/security/bulletin/2017-06-01"
}
]
}

55
2017/7xxx/CVE-2017-7376.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7376",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,35 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://android.googlesource.com/platform/external/libxml2/+/51e0cb2e5ec18eaf6fb331bc573ff27b743898f4"
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1462216"
},
{
"url" : "https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e"
},
{
"url" : "https://source.android.com/security/bulletin/2017-06-01"
}
]
}

9
2018/6xxx/CVE-2018-6461.json
View File

@ -52,6 +52,15 @@
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2018/Feb/24"
},
{
"url" : "http://hyp3rlinx.altervista.org/advisories/CVS-SUITE-2009R2-INSECURE-LIBRARY-LOADING-CVE-2018-6461.txt"
},
{
"url" : "http://packetstormsecurity.com/files/146267/WINCVS-2009R2-DLL-Hijacking.html"
},
{
"url" : "http://march-hare.com/cvspro/vulnwincvs.htm"
}

46
2018/6xxx/CVE-2018-6592.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6592",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Unisys Stealth Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=45"
}
]
}

3
2018/6xxx/CVE-2018-6892.json
View File

@ -57,6 +57,9 @@
},
{
"url" : "https://blogs.securiteam.com/index.php/archives/3669"
},
{
"url" : "http://hyp3rlinx.altervista.org/advisories/CLOUDME-SYNC-UNAUTHENTICATED-REMOTE-BUFFER-OVERFLOW.txt"
}
]
}

18
2018/7xxx/CVE-2018-7248.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7248",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}