admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 22:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-03-12 17:40:02 -04:00
parent 7289e5e5ab
commit 1aa3929c0e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
13 changed files with 641 additions and 534 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
2019/5xxx/CVE-2019-5917.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5917", "ID" : "CVE-2019-5917",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "Microsoft",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "azure-umqtt-c (available through GitHub prior to 2017 October 6) allows remote attackers to cause a denial of service via unspecified vectors."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://github.com/Azure/azure-umqtt-c",
"refsource" : "MISC",
"url" : "https://github.com/Azure/azure-umqtt-c" "url" : "https://github.com/Azure/azure-umqtt-c"
}, },
{ {
"name" : "JVN#05875753",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN05875753/index.html" "url" : "http://jvn.jp/en/jp/JVN05875753/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "azure-umqtt-c (available through GitHub prior to 2017 October 6) allows remote attackers to cause a denial of service via unspecified vectors."
}
]
} }
} }

33
2019/5xxx/CVE-2019-5918.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5918", "ID" : "CVE-2019-5918",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "TIS Inc.",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "TIS Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295",
"refsource" : "MISC",
"url" : "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295" "url" : "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
}, },
{ {
"name" : "JVN#56542712",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN56542712/index.html" "url" : "http://jvn.jp/en/jp/JVN56542712/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
}
]
} }
} }

33
2019/5xxx/CVE-2019-5919.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5919", "ID" : "CVE-2019-5919",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "TIS Inc.",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "TIS Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://nablarch.atlassian.net/browse/NAB-313",
"refsource" : "MISC",
"url" : "https://nablarch.atlassian.net/browse/NAB-313" "url" : "https://nablarch.atlassian.net/browse/NAB-313"
}, },
{ {
"name" : "JVN#56542712",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN56542712/index.html" "url" : "http://jvn.jp/en/jp/JVN56542712/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
}
]
} }
} }

33
2019/5xxx/CVE-2019-5920.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5920", "ID" : "CVE-2019-5920",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "nCrafts",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "nCrafts"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://wordpress.org/plugins/formcraft-form-builder/#developers",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/formcraft-form-builder/#developers" "url" : "https://wordpress.org/plugins/formcraft-form-builder/#developers"
}, },
{ {
"name" : "JVN#83501605",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN83501605/index.html" "url" : "http://jvn.jp/en/jp/JVN83501605/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page."
}
]
} }
} }

34
2019/5xxx/CVE-2019-5921.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5921", "ID" : "CVE-2019-5921",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "Microsoft",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,10 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"url": "https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/" "name" : "JVN#69181574",
}, "refsource" : "JVN",
{
"url" : "http://jvn.jp/en/jp/JVN69181574/index.html" "url" : "http://jvn.jp/en/jp/JVN69181574/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
} }
} }

34
2019/5xxx/CVE-2019-5922.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5922", "ID" : "CVE-2019-5922",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "Microsoft",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,10 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"url": "https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/" "name" : "JVN#79543573",
}, "refsource" : "JVN",
{
"url" : "http://jvn.jp/en/jp/JVN79543573/index.html" "url" : "http://jvn.jp/en/jp/JVN79543573/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
} }
} }

33
2019/5xxx/CVE-2019-5923.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5923", "ID" : "CVE-2019-5923",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "iChain, Inc.",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "iChain, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://www.ichain.co.jp/security20190311.html",
"refsource" : "MISC",
"url" : "https://www.ichain.co.jp/security20190311.html" "url" : "https://www.ichain.co.jp/security20190311.html"
}, },
{ {
"name" : "JVN#11622218",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN11622218/index.html" "url" : "http://jvn.jp/en/jp/JVN11622218/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
} }
} }

33
2019/5xxx/CVE-2019-5924.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5924", "ID" : "CVE-2019-5924",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "RedNao",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "RedNao"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://wordpress.org/plugins/smart-forms/#developers",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/smart-forms/#developers" "url" : "https://wordpress.org/plugins/smart-forms/#developers"
}, },
{ {
"name" : "JVN#97656108",
"refsource" : "JVN",
"url" : "http://jvn.jp/jp/JVN97656108/index.html" "url" : "http://jvn.jp/jp/JVN97656108/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page."
}
]
} }
} }

33
2019/5xxx/CVE-2019-5925.json
View File

@ -1,16 +1,13 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5925", "ID" : "CVE-2019-5925",
"ASSIGNER": "vultures@jpcert.or.jp" "STATE" : "PUBLIC"
}, },
"affects" : { "affects" : {
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "Security Roots Ltd",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -24,11 +21,23 @@
} }
} }
] ]
} },
"vendor_name" : "Security Roots Ltd"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : { "problemtype" : {
"problemtype_data" : [ "problemtype_data" : [
{ {
@ -44,19 +53,15 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://dradisframework.com/ce/security_reports.html#fixed-3.11.1",
"refsource" : "MISC",
"url" : "https://dradisframework.com/ce/security_reports.html#fixed-3.11.1" "url" : "https://dradisframework.com/ce/security_reports.html#fixed-3.11.1"
}, },
{ {
"name" : "JVN#40288903",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN40288903/index.html" "url" : "http://jvn.jp/en/jp/JVN40288903/index.html"
} }
] ]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
} }
} }

18
2019/9xxx/CVE-2019-9726.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9726",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9727.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9727",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9728.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9728",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9729.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9729",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}