From 0d65f26750851ea13ef1200c4d64083dfe7843c6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 1 Aug 2019 13:00:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/20xxx/CVE-2018-20873.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20874.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20875.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20876.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20877.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20878.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20879.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20880.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20881.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20882.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20883.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20884.json | 62 +++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20885.json | 62 +++++++++++++++++++++++++++++ 2019/10xxx/CVE-2019-10979.json | 5 +++ 2019/13xxx/CVE-2019-13584.json | 5 +++ 2019/13xxx/CVE-2019-13585.json | 5 +++ 2019/14xxx/CVE-2019-14332.json | 72 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14333.json | 72 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14334.json | 72 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14336.json | 72 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14337.json | 72 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14338.json | 72 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14468.json | 62 +++++++++++++++++++++++++++++ 23 files changed, 1315 insertions(+) create mode 100644 2018/20xxx/CVE-2018-20873.json create mode 100644 2018/20xxx/CVE-2018-20874.json create mode 100644 2018/20xxx/CVE-2018-20875.json create mode 100644 2018/20xxx/CVE-2018-20876.json create mode 100644 2018/20xxx/CVE-2018-20877.json create mode 100644 2018/20xxx/CVE-2018-20878.json create mode 100644 2018/20xxx/CVE-2018-20879.json create mode 100644 2018/20xxx/CVE-2018-20880.json create mode 100644 2018/20xxx/CVE-2018-20881.json create mode 100644 2018/20xxx/CVE-2018-20882.json create mode 100644 2018/20xxx/CVE-2018-20883.json create mode 100644 2018/20xxx/CVE-2018-20884.json create mode 100644 2018/20xxx/CVE-2018-20885.json create mode 100644 2019/14xxx/CVE-2019-14332.json create mode 100644 2019/14xxx/CVE-2019-14333.json create mode 100644 2019/14xxx/CVE-2019-14334.json create mode 100644 2019/14xxx/CVE-2019-14336.json create mode 100644 2019/14xxx/CVE-2019-14337.json create mode 100644 2019/14xxx/CVE-2019-14338.json create mode 100644 2019/14xxx/CVE-2019-14468.json diff --git a/2018/20xxx/CVE-2018-20873.json b/2018/20xxx/CVE-2018-20873.json new file mode 100644 index 00000000000..19ff99e349d --- /dev/null +++ b/2018/20xxx/CVE-2018-20873.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20873", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20874.json b/2018/20xxx/CVE-2018-20874.json new file mode 100644 index 00000000000..6ad24fe2744 --- /dev/null +++ b/2018/20xxx/CVE-2018-20874.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows self XSS in the WHM \"Create a New Account\" interface (SEC-428)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20875.json b/2018/20xxx/CVE-2018-20875.json new file mode 100644 index 00000000000..a56a22ea5be --- /dev/null +++ b/2018/20xxx/CVE-2018-20875.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20875", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows self XSS in the WHM Security Questions interface (SEC-433)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20876.json b/2018/20xxx/CVE-2018-20876.json new file mode 100644 index 00000000000..7b2613d87e6 --- /dev/null +++ b/2018/20xxx/CVE-2018-20876.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows self XSS in the Site Software Moderation interface (SEC-434)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20877.json b/2018/20xxx/CVE-2018-20877.json new file mode 100644 index 00000000000..5934c85c992 --- /dev/null +++ b/2018/20xxx/CVE-2018-20877.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20877", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows self XSS in WHM Style Upload interface (SEC-437)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20878.json b/2018/20xxx/CVE-2018-20878.json new file mode 100644 index 00000000000..b2e2b25f0da --- /dev/null +++ b/2018/20xxx/CVE-2018-20878.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows stored XSS in WHM \"File and Directory Restoration\" interface (SEC-441)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20879.json b/2018/20xxx/CVE-2018-20879.json new file mode 100644 index 00000000000..240eba75250 --- /dev/null +++ b/2018/20xxx/CVE-2018-20879.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows demo accounts to execute arbitrary code via the Fileman::viewfile API (SEC-444)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20880.json b/2018/20xxx/CVE-2018-20880.json new file mode 100644 index 00000000000..1bcd3a01209 --- /dev/null +++ b/2018/20xxx/CVE-2018-20880.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20880", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20881.json b/2018/20xxx/CVE-2018-20881.json new file mode 100644 index 00000000000..e99b9c731db --- /dev/null +++ b/2018/20xxx/CVE-2018-20881.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20881", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows self stored XSS on the Security Questions login page (SEC-446)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20882.json b/2018/20xxx/CVE-2018-20882.json new file mode 100644 index 00000000000..87c9d49989d --- /dev/null +++ b/2018/20xxx/CVE-2018-20882.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20882", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change (SEC-447)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20883.json b/2018/20xxx/CVE-2018-20883.json new file mode 100644 index 00000000000..2c5ea39b531 --- /dev/null +++ b/2018/20xxx/CVE-2018-20883.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20883", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.8 allows FTP access during account suspension (SEC-449)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20884.json b/2018/20xxx/CVE-2018-20884.json new file mode 100644 index 00000000000..1e33dcee5d7 --- /dev/null +++ b/2018/20xxx/CVE-2018-20884.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface (SEC-367)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20885.json b/2018/20xxx/CVE-2018-20885.json new file mode 100644 index 00000000000..5bd737ec0c5 --- /dev/null +++ b/2018/20xxx/CVE-2018-20885.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20885", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation (SEC-416)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/74+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/74+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10979.json b/2019/10xxx/CVE-2019-10979.json index f64b25d8ada..c1626e19df6 100644 --- a/2019/10xxx/CVE-2019-10979.json +++ b/2019/10xxx/CVE-2019-10979.json @@ -53,6 +53,11 @@ "refsource": "MISC", "name": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04", "url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-04" + }, + { + "refsource": "CONFIRM", + "name": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories", + "url": "https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories" } ] }, diff --git a/2019/13xxx/CVE-2019-13584.json b/2019/13xxx/CVE-2019-13584.json index c7f4d7bb886..c9316ffb202 100644 --- a/2019/13xxx/CVE-2019-13584.json +++ b/2019/13xxx/CVE-2019-13584.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/153672/FANUC-Robotics-Virtual-Robot-Controller-8.23-Path-Traversal.html", "url": "http://packetstormsecurity.com/files/153672/FANUC-Robotics-Virtual-Robot-Controller-8.23-Path-Traversal.html" + }, + { + "refsource": "MISC", + "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-025.txt", + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-025.txt" } ] } diff --git a/2019/13xxx/CVE-2019-13585.json b/2019/13xxx/CVE-2019-13585.json index 324cf6e153c..0cda279196c 100644 --- a/2019/13xxx/CVE-2019-13585.json +++ b/2019/13xxx/CVE-2019-13585.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/153671/FANUC-Robotics-Virtual-Robot-Controller-8.23-Buffer-Overflow.html", "url": "http://packetstormsecurity.com/files/153671/FANUC-Robotics-Virtual-Robot-Controller-8.23-Buffer-Overflow.html" + }, + { + "refsource": "MISC", + "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-024.txt", + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-024.txt" } ] } diff --git a/2019/14xxx/CVE-2019-14332.json b/2019/14xxx/CVE-2019-14332.json new file mode 100644 index 00000000000..985ba6369df --- /dev/null +++ b/2019/14xxx/CVE-2019-14332.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14332", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is use of weak ciphers for SSH such as diffie-hellman-group1-sha1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://us.dlink.com/en/security-advisory", + "refsource": "MISC", + "name": "https://us.dlink.com/en/security-advisory" + }, + { + "url": "https://www.dlink.com/en/security-bulletin", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14333.json b/2019/14xxx/CVE-2019-14333.json new file mode 100644 index 00000000000..8852e567ce3 --- /dev/null +++ b/2019/14xxx/CVE-2019-14333.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a pre-authenticated denial of service attack against the access point via a long action parameter to admin.cgi." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://us.dlink.com/en/security-advisory", + "refsource": "MISC", + "name": "https://us.dlink.com/en/security-advisory" + }, + { + "url": "https://www.dlink.com/en/security-bulletin", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14334.json b/2019/14xxx/CVE-2019-14334.json new file mode 100644 index 00000000000..aa15e37be3e --- /dev/null +++ b/2019/14xxx/CVE-2019-14334.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14334", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://us.dlink.com/en/security-advisory", + "refsource": "MISC", + "name": "https://us.dlink.com/en/security-advisory" + }, + { + "url": "https://www.dlink.com/en/security-bulletin", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14336.json b/2019/14xxx/CVE-2019-14336.json new file mode 100644 index 00000000000..d6043c4652a --- /dev/null +++ b/2019/14xxx/CVE-2019-14336.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated dump of all of the config files through a certain admin.cgi?action= insecure HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://us.dlink.com/en/security-advisory", + "refsource": "MISC", + "name": "https://us.dlink.com/en/security-advisory" + }, + { + "url": "https://www.dlink.com/en/security-bulletin", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14337.json b/2019/14xxx/CVE-2019-14337.json new file mode 100644 index 00000000000..f5fe545ac58 --- /dev/null +++ b/2019/14xxx/CVE-2019-14337.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14337", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the `/bin/sh -c wget` sequence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://us.dlink.com/en/security-advisory", + "refsource": "MISC", + "name": "https://us.dlink.com/en/security-advisory" + }, + { + "url": "https://www.dlink.com/en/security-bulletin", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14338.json b/2019/14xxx/CVE-2019-14338.json new file mode 100644 index 00000000000..16e49791607 --- /dev/null +++ b/2019/14xxx/CVE-2019-14338.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is a post-authentication admin.cgi?action= XSS vulnerability on the management interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://us.dlink.com/en/security-advisory", + "refsource": "MISC", + "name": "https://us.dlink.com/en/security-advisory" + }, + { + "url": "https://www.dlink.com/en/security-bulletin", + "refsource": "MISC", + "name": "https://www.dlink.com/en/security-bulletin" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153840/D-Link-6600-AP-XSS-DoS-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14468.json b/2019/14xxx/CVE-2019-14468.json new file mode 100644 index 00000000000..5c69c620605 --- /dev/null +++ b/2019/14xxx/CVE-2019-14468.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14468", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/p/open-cobol/bugs/581/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/open-cobol/bugs/581/" + } + ] + } +} \ No newline at end of file