diff --git a/2018/16xxx/CVE-2018-16249.json b/2018/16xxx/CVE-2018-16249.json index 093a1db6d81..fe59a4306df 100644 --- a/2018/16xxx/CVE-2018-16249.json +++ b/2018/16xxx/CVE-2018-16249.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16249", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Symphony before 3.3.0, there is XSS in the Title under Post. The ID \"articleTitle\" of this is stored in the \"articleTitle\" JSON field, and executes a payload when accessing the /member/test/points URI, allowing remote attacks. Any Web script or HTML can be inserted by an admin-authenticated user via a crafted web site name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/b3log/symphony/issues/729", + "refsource": "MISC", + "name": "https://github.com/b3log/symphony/issues/729" } ] } diff --git a/2018/16xxx/CVE-2018-16250.json b/2018/16xxx/CVE-2018-16250.json index 36ae6df13db..a1384cd4b4a 100644 --- a/2018/16xxx/CVE-2018-16250.json +++ b/2018/16xxx/CVE-2018-16250.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16250", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The \"utilisateur\" menu in Creatiwity wityCMS 0.6.2 modifies the presence of XSS at two input points for user information, with the \"first name\" and \"last name\" parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Creatiwity/wityCMS/issues/156", + "refsource": "MISC", + "name": "https://github.com/Creatiwity/wityCMS/issues/156" } ] } diff --git a/2018/16xxx/CVE-2018-16251.json b/2018/16xxx/CVE-2018-16251.json index d8c36212c97..c08002b360e 100644 --- a/2018/16xxx/CVE-2018-16251.json +++ b/2018/16xxx/CVE-2018-16251.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16251", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A \"search for user discovery\" injection issue exists in Creatiwity wityCMS 0.6.2 via the \"Utilisateur\" menu. No input parameters are filtered, e.g., the /admin/user/users Nickname, email, firstname, lastname, and groupe parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Creatiwity/wityCMS/issues/157", + "refsource": "MISC", + "name": "https://github.com/Creatiwity/wityCMS/issues/157" } ] } diff --git a/2018/16xxx/CVE-2018-16514.json b/2018/16xxx/CVE-2018-16514.json index a4d82750ff3..4af2aaf9283 100644 --- a/2018/16xxx/CVE-2018-16514.json +++ b/2018/16xxx/CVE-2018-16514.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16514", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) and Edit Filter page (manage_filter_edit_page.php) in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-13055." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://mantisbt.org/bugs/view.php?id=24731", + "refsource": "MISC", + "name": "https://mantisbt.org/bugs/view.php?id=24731" } ] } diff --git a/2018/16xxx/CVE-2018-16553.json b/2018/16xxx/CVE-2018-16553.json index c2132aa338c..94de8885d84 100644 --- a/2018/16xxx/CVE-2018-16553.json +++ b/2018/16xxx/CVE-2018-16553.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16553", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gitee.com/jspxcms/Jspxcms/releases", + "refsource": "MISC", + "name": "https://gitee.com/jspxcms/Jspxcms/releases" + }, + { + "refsource": "MISC", + "name": "http://www.jspxcms.com/jspbb/question/770", + "url": "http://www.jspxcms.com/jspbb/question/770" } ] } diff --git a/2019/11xxx/CVE-2019-11236.json b/2019/11xxx/CVE-2019-11236.json index 966d086e36c..351b2961a75 100644 --- a/2019/11xxx/CVE-2019-11236.json +++ b/2019/11xxx/CVE-2019-11236.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-fbda9f1e49", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190620 [SECURITY] [DLA 1828-1] python-urllib3 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html" } ] } diff --git a/2019/6xxx/CVE-2019-6961.json b/2019/6xxx/CVE-2019-6961.json index 449c170aaf0..5b3cf223581 100644 --- a/2019/6xxx/CVE-2019-6961.json +++ b/2019/6xxx/CVE-2019-6961.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6961", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the page filtering for non-superuser (in header.php) is done only for GET requests and not for direct AJAX calls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open", + "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open" } ] } diff --git a/2019/6xxx/CVE-2019-6962.json b/2019/6xxx/CVE-2019-6962.json index 6614efa8a19..0bc1c34cbd1 100644 --- a/2019/6xxx/CVE-2019-6962.json +++ b/2019/6xxx/CVE-2019-6962.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6962", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process (running as root) if the platform was compiled with the ENABLE_FEATURE_MESHWIFI macro. The attack is conducted by changing the Wi-Fi network password to include crafted escape characters. This is related to the WebUI module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open", + "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open" } ] } diff --git a/2019/6xxx/CVE-2019-6963.json b/2019/6xxx/CVE-2019-6963.json index 57259be78e7..c774a9deca9 100644 --- a/2019/6xxx/CVE-2019-6963.json +++ b/2019/6xxx/CVE-2019-6963.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6963", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the \"Comment\" field of an IP reservation form in the admin panel. This is related to the CcspCommonLibrary module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open", + "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open" } ] } diff --git a/2019/6xxx/CVE-2019-6964.json b/2019/6xxx/CVE-2019-6964.json index 3c07d932784..bee615791bd 100644 --- a/2019/6xxx/CVE-2019-6964.json +++ b/2019/6xxx/CVE-2019-6964.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6964", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A heap-based buffer over-read in Service_SetParamStringValue in cosa_x_cisco_com_ddns_dml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an exactly 64-byte username, password, or domain, for which the buffer size is insufficient for the final '\\0' character. This is related to the CcspCommonLibrary and WebUI modules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open", + "url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/the-gateway-is-wide-open" } ] }