Skip to content

Commit

Permalink
- Synchronized data.
Browse files Browse the repository at this point in the history
  • Loading branch information
@cve-team
cve-team committed Dec 14, 2018
1 parent a0b76a3 commit 9fbd19f
Show file tree
Hide file tree
Showing 4 changed files with 105 additions and 5 deletions.
2 changes: 1 addition & 1 deletion 2018/15xxx/CVE-2018-15318.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, if an MPTCP connection receives a HUDCTL_ABORT while the initial flow is not the primary flow, the initial flow will remain after the MP_FASTCLOSE procedure is complete. TMM may restart and produce a core file as a result of this condition."
"value" : "In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition."
}
]
},
Expand Down
53 changes: 51 additions & 2 deletions 2018/18xxx/CVE-2018-18006.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18006",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
Expand All @@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20181120 [CVE-2018-18006] Ricoh myPrint - Hardcoded application credentials and information disclosure via WSDL webservices",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/Nov/46"
},
{
"name" : "http://packetstormsecurity.com/files/150399/Ricoh-myPrint-Hardcoded-Credentials-Information-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/150399/Ricoh-myPrint-Hardcoded-Credentials-Information-Disclosure.html"
}
]
}
Expand Down
2 changes: 2 additions & 0 deletions 2018/19xxx/CVE-2018-19003.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,8 @@
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-04",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-347-04"
}
]
Expand Down
53 changes: 51 additions & 2 deletions 2018/19xxx/CVE-2018-19413.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-19413",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
Expand All @@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A vulnerability in the API of SonarSource SonarQube before 7.4 could allow an authenticated user to discover sensitive information such as valid user-account logins in the web application. The vulnerability occurs because of improperly configured access controls that cause the API to return the externalIdentity field to non-administrator users. The attacker could use this information in subsequent attacks against the system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.com/files/150496/SonarSource-SonarQube-7.3-Information-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/150496/SonarSource-SonarQube-7.3-Information-Disclosure.html"
},
{
"name" : "https://jira.sonarsource.com/browse/SONAR-11305",
"refsource" : "CONFIRM",
"url" : "https://jira.sonarsource.com/browse/SONAR-11305"
}
]
}
Expand Down

0 comments on commit 9fbd19f

Please sign in to comment.