From 0f995940a49c77f15e16e6bdf2c486ceea1e7975 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 2 Aug 2019 14:00:59 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/18xxx/CVE-2017-18392.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18393.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18394.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18395.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18396.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18397.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18398.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18399.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18400.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18401.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18402.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18403.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18404.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18405.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18406.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18407.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18408.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18409.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18410.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18411.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18412.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18413.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18414.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18415.json | 62 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18416.json | 62 ++++++++++++++++++++++++++++++++++ 2019/10xxx/CVE-2019-10171.json | 5 +-- 2019/10xxx/CVE-2019-10938.json | 38 +++++++++++---------- 2019/14xxx/CVE-2019-14528.json | 62 ++++++++++++++++++++++++++++++++++ 2019/14xxx/CVE-2019-14529.json | 62 ++++++++++++++++++++++++++++++++++ 29 files changed, 1697 insertions(+), 20 deletions(-) create mode 100644 2017/18xxx/CVE-2017-18392.json create mode 100644 2017/18xxx/CVE-2017-18393.json create mode 100644 2017/18xxx/CVE-2017-18394.json create mode 100644 2017/18xxx/CVE-2017-18395.json create mode 100644 2017/18xxx/CVE-2017-18396.json create mode 100644 2017/18xxx/CVE-2017-18397.json create mode 100644 2017/18xxx/CVE-2017-18398.json create mode 100644 2017/18xxx/CVE-2017-18399.json create mode 100644 2017/18xxx/CVE-2017-18400.json create mode 100644 2017/18xxx/CVE-2017-18401.json create mode 100644 2017/18xxx/CVE-2017-18402.json create mode 100644 2017/18xxx/CVE-2017-18403.json create mode 100644 2017/18xxx/CVE-2017-18404.json create mode 100644 2017/18xxx/CVE-2017-18405.json create mode 100644 2017/18xxx/CVE-2017-18406.json create mode 100644 2017/18xxx/CVE-2017-18407.json create mode 100644 2017/18xxx/CVE-2017-18408.json create mode 100644 2017/18xxx/CVE-2017-18409.json create mode 100644 2017/18xxx/CVE-2017-18410.json create mode 100644 2017/18xxx/CVE-2017-18411.json create mode 100644 2017/18xxx/CVE-2017-18412.json create mode 100644 2017/18xxx/CVE-2017-18413.json create mode 100644 2017/18xxx/CVE-2017-18414.json create mode 100644 2017/18xxx/CVE-2017-18415.json create mode 100644 2017/18xxx/CVE-2017-18416.json create mode 100644 2019/14xxx/CVE-2019-14528.json create mode 100644 2019/14xxx/CVE-2019-14529.json diff --git a/2017/18xxx/CVE-2017-18392.json b/2017/18xxx/CVE-2017-18392.json new file mode 100644 index 00000000000..5d3f2a82342 --- /dev/null +++ b/2017/18xxx/CVE-2017-18392.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18392", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18393.json b/2017/18xxx/CVE-2017-18393.json new file mode 100644 index 00000000000..3b2119eff14 --- /dev/null +++ b/2017/18xxx/CVE-2017-18393.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18393", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 does not block a username of postmaster, which might allow reception of private e-mail (SEC-326)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18394.json b/2017/18xxx/CVE-2017-18394.json new file mode 100644 index 00000000000..641186d0185 --- /dev/null +++ b/2017/18xxx/CVE-2017-18394.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 does not have a sufficient list of reserved usernames (SEC-327)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18395.json b/2017/18xxx/CVE-2017-18395.json new file mode 100644 index 00000000000..1668f8a4c23 --- /dev/null +++ b/2017/18xxx/CVE-2017-18395.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18395", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 does not block a username of ssl (SEC-328)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18396.json b/2017/18xxx/CVE-2017-18396.json new file mode 100644 index 00000000000..452a9316f76 --- /dev/null +++ b/2017/18xxx/CVE-2017-18396.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows arbitrary file-read operations via Exim vdomainaliases (SEC-329)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18397.json b/2017/18xxx/CVE-2017-18397.json new file mode 100644 index 00000000000..4541d7322e6 --- /dev/null +++ b/2017/18xxx/CVE-2017-18397.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 does not preserve permissions for local backup transport (SEC-330)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18398.json b/2017/18xxx/CVE-2017-18398.json new file mode 100644 index 00000000000..f9becf45fb0 --- /dev/null +++ b/2017/18xxx/CVE-2017-18398.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DnsUtils in cPanel before 68.0.15 allows zone creation for hostname and account subdomains (SEC-331)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18399.json b/2017/18xxx/CVE-2017-18399.json new file mode 100644 index 00000000000..adf802f031e --- /dev/null +++ b/2017/18xxx/CVE-2017-18399.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18399", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer (SEC-332)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18400.json b/2017/18xxx/CVE-2017-18400.json new file mode 100644 index 00000000000..e938622d223 --- /dev/null +++ b/2017/18xxx/CVE-2017-18400.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18400", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18401.json b/2017/18xxx/CVE-2017-18401.json new file mode 100644 index 00000000000..dcab090a830 --- /dev/null +++ b/2017/18xxx/CVE-2017-18401.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats (SEC-334)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18402.json b/2017/18xxx/CVE-2017-18402.json new file mode 100644 index 00000000000..215521f25ab --- /dev/null +++ b/2017/18xxx/CVE-2017-18402.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows stored XSS during a cpaddons moderated upgrade (SEC-336)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18403.json b/2017/18xxx/CVE-2017-18403.json new file mode 100644 index 00000000000..67f65e038f0 --- /dev/null +++ b/2017/18xxx/CVE-2017-18403.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows code execution in the context of the nobody account via Mailman archives (SEC-337)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18404.json b/2017/18xxx/CVE-2017-18404.json new file mode 100644 index 00000000000..26c88cc2008 --- /dev/null +++ b/2017/18xxx/CVE-2017-18404.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD (SEC-341)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18405.json b/2017/18xxx/CVE-2017-18405.json new file mode 100644 index 00000000000..aa519721031 --- /dev/null +++ b/2017/18xxx/CVE-2017-18405.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 68.0.15 allows arbitrary file-read operations because of the backup .htaccess modification logic (SEC-345)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18406.json b/2017/18xxx/CVE-2017-18406.json new file mode 100644 index 00000000000..f3c0c624efb --- /dev/null +++ b/2017/18xxx/CVE-2017-18406.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 allows SQL injection during eximstats processing (SEC-276)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18407.json b/2017/18xxx/CVE-2017-18407.json new file mode 100644 index 00000000000..7d8c7395052 --- /dev/null +++ b/2017/18xxx/CVE-2017-18407.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 does not enforce SSL hostname verification for the support-agreement download (SEC-279)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18408.json b/2017/18xxx/CVE-2017-18408.json new file mode 100644 index 00000000000..ddf28b1cd6a --- /dev/null +++ b/2017/18xxx/CVE-2017-18408.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 allows stored XSS in WHM MySQL Password Change interfaces (SEC-282)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18409.json b/2017/18xxx/CVE-2017-18409.json new file mode 100644 index 00000000000..be9b344e3f1 --- /dev/null +++ b/2017/18xxx/CVE-2017-18409.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases (SEC-283)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18410.json b/2017/18xxx/CVE-2017-18410.json new file mode 100644 index 00000000000..3811a391a8c --- /dev/null +++ b/2017/18xxx/CVE-2017-18410.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In cPanel before 67.9999.103, a user account's backup archive could contain all MySQL databases on the server (SEC-284)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18411.json b/2017/18xxx/CVE-2017-18411.json new file mode 100644 index 00000000000..04eb040e414 --- /dev/null +++ b/2017/18xxx/CVE-2017-18411.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"addon domain conversion\" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account (SEC-285)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18412.json b/2017/18xxx/CVE-2017-18412.json new file mode 100644 index 00000000000..7149eab51f2 --- /dev/null +++ b/2017/18xxx/CVE-2017-18412.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18413.json b/2017/18xxx/CVE-2017-18413.json new file mode 100644 index 00000000000..b482d35d9b1 --- /dev/null +++ b/2017/18xxx/CVE-2017-18413.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In cPanel before 67.9999.103, the backup system overwrites root's home directory when a mount disappears (SEC-299)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18414.json b/2017/18xxx/CVE-2017-18414.json new file mode 100644 index 00000000000..a7e6b92e14d --- /dev/null +++ b/2017/18xxx/CVE-2017-18414.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18415.json b/2017/18xxx/CVE-2017-18415.json new file mode 100644 index 00000000000..e486c8889bc --- /dev/null +++ b/2017/18xxx/CVE-2017-18415.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 allows code execution in the context of the mailman account because of incorrect environment-variable filtering (SEC-302)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18416.json b/2017/18xxx/CVE-2017-18416.json new file mode 100644 index 00000000000..6898e8525ed --- /dev/null +++ b/2017/18xxx/CVE-2017-18416.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18416", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update (SEC-303)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/68+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/68+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10171.json b/2019/10xxx/CVE-2019-10171.json index 88881248ca5..235a769091b 100644 --- a/2019/10xxx/CVE-2019-10171.json +++ b/2019/10xxx/CVE-2019-10171.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10171", - "ASSIGNER": "mrehak@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -68,4 +69,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10938.json b/2019/10xxx/CVE-2019-10938.json index 8029098923c..5c619e6218b 100644 --- a/2019/10xxx/CVE-2019-10938.json +++ b/2019/10xxx/CVE-2019-10938.json @@ -8,32 +8,33 @@ "data_type": "CVE", "data_version": "4.0", "affects": { - "vendor" : { - "vendor_data" : [ + "vendor": { + "vendor_data": [ { "vendor_name": "Siemens AG", - "product" : { - "product_data" : [ - { + "product": { + "product_data": [ + { "product_name": "Ethernet plug-in communication modules for SIPROTEC 5 devices with CPU variants CP200", - "version" : { - "version_data" : [ + "version": { + "version_data": [ { - "version_value" : "All versions" + "version_value": "All versions" } ] } }, - { + { "product_name": "SIPROTEC 5 devices with CPU variants CP300", - "version" : { - "version_data" : [ + "version": { + "version_data": [ { - "version_value" : "All versions" + "version_value": "All versions" } ] } - } ] + } + ] } } ] @@ -52,10 +53,11 @@ ] }, "references": { - "reference_data": [ + "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf" } ] }, @@ -63,8 +65,8 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Ethernet plug-in communication modules for SIPROTEC 5 devices with CPU variants CP200 (All versions), SIPROTEC 5 devices with CPU variants CP300 (All versions). An unauthenticated attacker with network access to the device could potentially insert arbitrary code which is executed before firmware verification in the device.\n\nAt the time of advisory publication no public exploitation of this security vulnerability was known." + "value": "A vulnerability has been identified in Ethernet plug-in communication modules for SIPROTEC 5 devices with CPU variants CP200 (All versions), SIPROTEC 5 devices with CPU variants CP300 (All versions). An unauthenticated attacker with network access to the device could potentially insert arbitrary code which is executed before firmware verification in the device." } ] } -} +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14528.json b/2019/14xxx/CVE-2019-14528.json new file mode 100644 index 00000000000..612d53e1951 --- /dev/null +++ b/2019/14xxx/CVE-2019-14528.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14528", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/scanner.l via crafted COBOL source code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/p/open-cobol/bugs/583/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/open-cobol/bugs/583/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14529.json b/2019/14xxx/CVE-2019-14529.json new file mode 100644 index 00000000000..d39049c9947 --- /dev/null +++ b/2019/14xxx/CVE-2019-14529.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/openemr/openemr/pull/2592", + "refsource": "MISC", + "name": "https://github.com/openemr/openemr/pull/2592" + } + ] + } +} \ No newline at end of file