admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-12-13 22:00:59 +00:00
parent c64b6d3483
commit 1b7d4df04f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 380 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2019/19xxx/CVE-2019-19603.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "SQLite 3.30.1, during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name, as demonstrated by the sqlite_ substring."
"value": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash."
}
]
},
@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.sqlite.org/",
"url": "https://www.sqlite.org/"
},
{
"refsource": "MISC",
"name": "https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13",

5
2019/19xxx/CVE-2019-19646.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.sqlite.org/",
"url": "https://www.sqlite.org/"
},
{
"refsource": "MISC",
"name": "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd",

77
2019/19xxx/CVE-2019-19794.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/miekg/dns/issues/1043",
"refsource": "MISC",
"name": "https://github.com/miekg/dns/issues/1043"
},
{
"url": "https://github.com/coredns/coredns/issues/3519",
"refsource": "MISC",
"name": "https://github.com/coredns/coredns/issues/3519"
},
{
"url": "https://github.com/miekg/dns/pull/1044",
"refsource": "MISC",
"name": "https://github.com/miekg/dns/pull/1044"
},
{
"url": "https://github.com/miekg/dns/compare/v1.1.24...v1.1.25",
"refsource": "MISC",
"name": "https://github.com/miekg/dns/compare/v1.1.24...v1.1.25"
}
]
}
}

62
2019/19xxx/CVE-2019-19795.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19795",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/michaelforney/samurai/issues/29",
"refsource": "MISC",
"name": "https://github.com/michaelforney/samurai/issues/29"
}
]
}
}

62
2019/19xxx/CVE-2019-19796.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19796",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/marcIhm/yabasic/issues/37",
"refsource": "MISC",
"name": "https://github.com/marcIhm/yabasic/issues/37"
}
]
}
}

58
2019/5xxx/CVE-2019-5253.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5253",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5253",
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "E5572-855",
"version": {
"version_data": [
{
"version_value": "Versions earlier than 8.0.1.3(H335SP1C233)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-04-dos-en",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-04-dos-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a man in the middle attack."
}
]
}

73
2019/5xxx/CVE-2019-5260.json
View File

@ -1,17 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5260",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5260",
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "HUAWEI Y9 2019;Honor View 20",
"version": {
"version_data": [
{
"version_value": "8.2.0.160(C185R2P2)"
},
{
"version_value": "8.2.0.162(C605)"
},
{
"version_value": "8.2.0.163(C605)"
},
{
"version_value": "9.0.1.169(C636E1R4P1)"
},
{
"version_value": "9.0.1.170(C185E2R3P1)"
},
{
"version_value": "9.0.1.170(C432E1R3P1)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-mobile-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190911-01-mobile-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot."
}
]
}

58
2019/5xxx/CVE-2019-5278.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5278",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5278",
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CampusInsight",
"version": {
"version_data": [
{
"version_value": "V100R019C00"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-gauss100-en",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-gauss100-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database in CampusInsight before V100R019C00SPC200. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database to crash."
}
]
}