admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-13 16:01:37 +00:00
parent aeae2237a1
commit 223659d4b2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 599 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2012/4xxx/CVE-2012-4384.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4384",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "letodms",
"product": {
"product_data": [
{
"product_name": "letodms",
"version": {
"version_data": [
{
"version_value": "through 3.3.11"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/31/19",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/19"
},
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-4384"
}
]
}

58
2013/4xxx/CVE-2013-4654.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4654",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/",
"refsource": "MISC",
"name": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"url": "https://www.ise.io/soho_service_hacks/",
"refsource": "MISC",
"name": "https://www.ise.io/soho_service_hacks/"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf",
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
}
]
}

58
2013/4xxx/CVE-2013-4655.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4655",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/",
"refsource": "MISC",
"name": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"url": "https://www.ise.io/soho_service_hacks/",
"refsource": "MISC",
"name": "https://www.ise.io/soho_service_hacks/"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf",
"url": "https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf"
}
]
}

55
2014/3xxx/CVE-2014-3592.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3592",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenShift Origin",
"version": {
"version_data": [
{
"version_value": "through 2014-08-13"
}
]
}
}
]
},
"vendor_name": "OpenShift Origin"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "OpenShift Origin: Improperly validated team names could allow stored XSS attacks"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS in team name"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3592",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3592"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-3592",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-3592"
}
]
}

60
2014/3xxx/CVE-2014-3655.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3655",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "JBoss",
"product": {
"product_data": [
{
"product_name": "KeyCloak",
"version": {
"version_data": [
{
"version_value": "Fixed in version 1.1.0-Alpha1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "JBoss KeyCloak is vulnerable to soft token deletion via CSRF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Soft Token deletion via CSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3655",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3655"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-3655",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-3655"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-30138",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-30138"
}
]
}

67
2019/15xxx/CVE-2019-15948.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices, when LE scan mode is used, allow remote attackers to trigger a buffer overflow via a malformed Bluetooth Low Energy advertising packet, to cause a denial of service or potentially execute arbitrary code. This affects CC256xC-BT-SP 1.2, CC256xB-BT-SP 1.8, and WL18xx-BT-SP 4.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.linkedin.com/in/veronica-kovah-2587185",
"refsource": "MISC",
"name": "https://www.linkedin.com/in/veronica-kovah-2587185"
},
{
"refsource": "MISC",
"name": "https://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/856161",
"url": "https://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/856161"
}
]
}
}

67
2019/18xxx/CVE-2019-18929.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/DelspoN/CVE/blob/master/CVE-2019-18929/description.txt",
"url": "https://github.com/DelspoN/CVE/blob/master/CVE-2019-18929/description.txt"
},
{
"refsource": "MISC",
"name": "https://github.com/DelspoN/CVE/tree/master/CVE-2019-18929",
"url": "https://github.com/DelspoN/CVE/tree/master/CVE-2019-18929"
}
]
}
}

67
2019/18xxx/CVE-2019-18930.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary code via a stack-based buffer overflow. There is no size verification logic in one of functions in libscheddl.so, and download_mgr.cgi makes it possible to enter large-sized f_idx inputs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/DelspoN/CVE/blob/master/CVE-2019-18930/description.txt",
"url": "https://github.com/DelspoN/CVE/blob/master/CVE-2019-18930/description.txt"
},
{
"refsource": "MISC",
"name": "https://github.com/DelspoN/CVE/tree/master/CVE-2019-18930",
"url": "https://github.com/DelspoN/CVE/tree/master/CVE-2019-18930"
}
]
}
}

67
2019/18xxx/CVE-2019-18931.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18931",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/DelspoN/CVE/tree/master/CVE-2019-18931",
"url": "https://github.com/DelspoN/CVE/tree/master/CVE-2019-18931"
},
{
"refsource": "MISC",
"name": "https://github.com/DelspoN/CVE/blob/master/CVE-2019-18931/description.txt",
"url": "https://github.com/DelspoN/CVE/blob/master/CVE-2019-18931/description.txt"
}
]
}
}

14
2019/4xxx/CVE-2019-4159.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4159",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-4159",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

58
2019/5xxx/CVE-2019-5292.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5292",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5292",
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Honor 10 Lite, Honor 8A, Huawei Y6",
"version": {
"version_data": [
{
"version_value": "The versions before 9.1.0.217(C00E215R3P1), The versions before 9.1.0.205(C00E97R1P9), The versions before 9.1.0.205(C00E97R2P2)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information."
}
]
}