admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 21:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-03-15 16:05:00 -04:00
parent 1743ccd744
commit 13c7fee2d7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 379 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2018/12xxx/CVE-2018-12100.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Sonatype Nexus Repository Manager before 3.12.0 has XSS in multiple areas in the Administration UI."
"value" : "Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI."
}
]
},
@ -66,6 +66,11 @@
"name" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001",
"refsource" : "CONFIRM",
"url" : "https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001"
},
{
"name" : "https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018",
"refsource" : "CONFIRM",
"url" : "https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018"
}
]
}

53
2018/17xxx/CVE-2018-17882.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17882",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://etherscan.io/address/0x4daa9dc438a77bd59e8a43c6d46cbfe84cd04255#code",
"refsource" : "MISC",
"url" : "https://etherscan.io/address/0x4daa9dc438a77bd59e8a43c6d46cbfe84cd04255#code"
},
{
"name" : "https://github.com/GreenFoxy/Smart-contract-Vulnerabilities/blob/master/BattleToken.md",
"refsource" : "MISC",
"url" : "https://github.com/GreenFoxy/Smart-contract-Vulnerabilities/blob/master/BattleToken.md"
}
]
}

53
2018/18xxx/CVE-2018-18205.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18205",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a direct request for /WebContent/startup.tar.gz with userName=admin in a cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.cnvd.org.cn/flaw/show/1420913",
"refsource" : "MISC",
"url" : "http://www.cnvd.org.cn/flaw/show/1420913"
},
{
"name" : "https://github.com/pudding2/CC8800-CMTS",
"refsource" : "MISC",
"url" : "https://github.com/pudding2/CC8800-CMTS"
}
]
}

5
2018/19xxx/CVE-2018-19595.json
View File

@ -56,6 +56,11 @@
"name" : "http://www.ttk7.cn/post-107.html",
"refsource" : "MISC",
"url" : "http://www.ttk7.cn/post-107.html"
},
{
"name" : "https://www.pbootcms.com/changelog.html",
"refsource" : "CONFIRM",
"url" : "https://www.pbootcms.com/changelog.html"
}
]
}

5
2018/20xxx/CVE-2018-20250.json
View File

@ -63,6 +63,11 @@
"refsource" : "MISC",
"url" : "https://research.checkpoint.com/extracting-code-execution-from-winrar/"
},
{
"name" : "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE",
"refsource" : "MISC",
"url" : "https://github.com/blau72/CVE-2018-20250-WinRAR-ACE"
},
{
"name" : "106948",
"refsource" : "BID",

2
2018/20xxx/CVE-2018-20322.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "LimeSurvey contains an XSS vulnerability while uploading a ZIP file, resulting in JavaScript code execution against LimeSurvey admins."
"value" : "LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6."
}
]
},

5
2018/20xxx/CVE-2018-20342.json
View File

@ -56,6 +56,11 @@
"name" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/",
"refsource" : "MISC",
"url" : "http://neolex-security.fr/article/obtenir-un-shell-root-par-les-ports-uart-sur-une-camera-ip-floureon/"
},
{
"name" : "https://neolex-security.fr/blog/8/",
"refsource" : "MISC",
"url" : "https://neolex-security.fr/blog/8/"
}
]
}

5
2018/20xxx/CVE-2018-20418.json
View File

@ -66,6 +66,11 @@
"name" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting",
"refsource" : "MISC",
"url" : "https://github.com/rdincel1/Craft-CMS-3.0.25---Cross-Site-Scripting"
},
{
"name" : "https://www.raifberkaydincel.com/craft-cms-3-0-25-cross-site-scripting-vulnerability.html",
"refsource" : "MISC",
"url" : "https://www.raifberkaydincel.com/craft-cms-3-0-25-cross-site-scripting-vulnerability.html"
}
]
}

18
2018/20xxx/CVE-2018-20806.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20806",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2019/1xxx/CVE-2019-1653.json
View File

@ -72,6 +72,16 @@
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46262/"
},
{
"name" : "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/",
"refsource" : "MISC",
"url" : "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
},
{
"name" : "https://www.youtube.com/watch?v=bx0RQJDlGbY",
"refsource" : "MISC",
"url" : "https://www.youtube.com/watch?v=bx0RQJDlGbY"
},
{
"name" : "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
"refsource" : "CISCO",

59
2019/5xxx/CVE-2019-5616.json
View File

@ -1,35 +1,11 @@
{
"CVE_data_meta" : {
"ASSIGNER": "cve@rapid7.com",
"ASSIGNER" : "cve@mitre.org",
"DATE_PUBLIC" : "2019-03-12T15:00:00.000Z",
"ID" : "CVE-2019-5616",
"STATE": "PUBLIC",
"STATE" : "RESERVED",
"TITLE" : "CircuitWerkes Sicon-8 Client-Side Authentication Read-Only Bypass"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sicon-8",
"version": {
"version_data": [
{
"version_name": "1.72",
"version_value": "1.72"
}
]
}
}
]
},
"vendor_name": "CircuitWerkes, Inc."
}
]
}
},
"credit" : [
{
"lang" : "eng",
@ -43,7 +19,7 @@
"description_data" : [
{
"lang" : "eng",
"value": "CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser."
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
},
@ -69,35 +45,6 @@
"version" : "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-603"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Use of Client-Side Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/"
}
]
},
"source" : {
"defect" : [
"R7-2019-01"

18
2019/9xxx/CVE-2019-9840.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9840",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}