diff --git a/2018/4xxx/CVE-2018-4032.json b/2018/4xxx/CVE-2018-4032.json index d0faff6cd17..0ae8b76ec71 100644 --- a/2018/4xxx/CVE-2018-4032.json +++ b/2018/4xxx/CVE-2018-4032.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4032", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software improperly validates inputs. An attacker with local access could use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful exploit." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0705" } ] } diff --git a/2018/4xxx/CVE-2018-4033.json b/2018/4xxx/CVE-2018-4033.json index e9f6e445ec9..e925de5cb7c 100644 --- a/2018/4xxx/CVE-2018-4033.json +++ b/2018/4xxx/CVE-2018-4033.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4033", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0706" } ] } diff --git a/2018/4xxx/CVE-2018-4034.json b/2018/4xxx/CVE-2018-4034.json index 8ca4c8b1a32..34d8f4419c7 100644 --- a/2018/4xxx/CVE-2018-4034.json +++ b/2018/4xxx/CVE-2018-4034.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4034", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0707" } ] } diff --git a/2018/4xxx/CVE-2018-4035.json b/2018/4xxx/CVE-2018-4035.json index 64a22b86944..62709fce367 100644 --- a/2018/4xxx/CVE-2018-4035.json +++ b/2018/4xxx/CVE-2018-4035.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4035", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0708" } ] } diff --git a/2018/4xxx/CVE-2018-4036.json b/2018/4xxx/CVE-2018-4036.json index 21708b2bf44..47daf5db132 100644 --- a/2018/4xxx/CVE-2018-4036.json +++ b/2018/4xxx/CVE-2018-4036.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4036", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access could use this vulnerability to modify the running kernel extensions on the system." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0709" } ] } diff --git a/2018/4xxx/CVE-2018-4037.json b/2018/4xxx/CVE-2018-4037.json index 6ee66fd00c0..62d3b86a664 100644 --- a/2018/4xxx/CVE-2018-4037.json +++ b/2018/4xxx/CVE-2018-4037.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4037", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access can use this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0710" } ] } diff --git a/2018/4xxx/CVE-2018-4041.json b/2018/4xxx/CVE-2018-4041.json index ca9c2ae8901..344983b4101 100644 --- a/2018/4xxx/CVE-2018-4041.json +++ b/2018/4xxx/CVE-2018-4041.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4041", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0715" } ] } diff --git a/2018/4xxx/CVE-2018-4042.json b/2018/4xxx/CVE-2018-4042.json index 14bd8321697..cb529825c0e 100644 --- a/2018/4xxx/CVE-2018-4042.json +++ b/2018/4xxx/CVE-2018-4042.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4042", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0716" } ] } diff --git a/2018/4xxx/CVE-2018-4043.json b/2018/4xxx/CVE-2018-4043.json index c1f791041ee..5ed84f85a56 100644 --- a/2018/4xxx/CVE-2018-4043.json +++ b/2018/4xxx/CVE-2018-4043.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4043", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful exploit." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0717" } ] } diff --git a/2018/4xxx/CVE-2018-4044.json b/2018/4xxx/CVE-2018-4044.json index eb60ed24bc5..07d4dd039dd 100644 --- a/2018/4xxx/CVE-2018-4044.json +++ b/2018/4xxx/CVE-2018-4044.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4044", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0718" } ] } diff --git a/2018/4xxx/CVE-2018-4045.json b/2018/4xxx/CVE-2018-4045.json index 0993c8c8e31..65102249ab9 100644 --- a/2018/4xxx/CVE-2018-4045.json +++ b/2018/4xxx/CVE-2018-4045.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4045", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0719" } ] } diff --git a/2018/4xxx/CVE-2018-4046.json b/2018/4xxx/CVE-2018-4046.json index 6ba47638648..91440af6f0b 100644 --- a/2018/4xxx/CVE-2018-4046.json +++ b/2018/4xxx/CVE-2018-4046.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4046", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machine for a successful exploit." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0720" } ] } diff --git a/2018/4xxx/CVE-2018-4047.json b/2018/4xxx/CVE-2018-4047.json index 8210cb397c8..442fd63e2be 100644 --- a/2018/4xxx/CVE-2018-4047.json +++ b/2018/4xxx/CVE-2018-4047.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", "ID" : "CVE-2018-4047", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Clean My Mac", + "version" : { + "version_data" : [ + { + "version_value" : "Clean My Mac X 4.04" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Improper Input Validation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0721" } ] }