"-Synchronized-Data."

CVE Team 2020-01-22 19:01:16 +00:00
parent 3fad671656
commit 401445b8b5
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
19 changed files with 381 additions and 31 deletions


@ -1,8 +1,31 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-4919", "ID": "CVE-2012-4919",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Gallery Plugin authors",
"product": {
"product_data": [
{
"product_name": "Gallery",
"version": {
"version_data": [
{
"version_value": "1.4"
}
]
}
}
]
}
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote File Include"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/57650",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57650"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81713",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81713"
} }
] ]
} }
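Review bot: The new `problemtype` value for CVE-2012-4919 is the free-text string `"Remote File Include"`, which tooling that groups records by weakness class cannot key on; if the assigner agrees with the mapping, a CWE-prefixed value such as `"value": "CWE-98 Remote File Include"` would keep the wording and add the identifier (CWE-98 is my reading of the description, not something the record states). The CVE-2016-4761 section has the same shape with `"use-after-free"`, where `CWE-416` looks like the match. Separately, the description reads `Gallery Plugin1.4`; a space before the version (`Gallery Plugin 1.4 for WordPress ...`) makes the product and version tokens separable for text matching.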


@ -1,8 +1,31 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4761", "ID": "CVE-2016-4761",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebKitGTK+",
"version": {
"version_data": [
{
"version_value": "before 2.14.0"
}
]
}
}
]
},
"vendor_name": "WebKitGTK+"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2016/11/04/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/11/04/14"
},
{
"url": "http://www.ubuntu.com/usn/USN-3166-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-3166-1"
} }
] ]
} }
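Review bot: The Ubuntu advisory reference is filed as `"refsource": "MISC"` with the URL repeated as `name`, whereas another record in this same commit files an Ubuntu notice as `"refsource": "UBUNTU"` with `"name": "USN-3619-1"`. Consumers that select vendor advisories by `refsource` would skip this entry. I would write it as `"refsource": "UBUNTU", "name": "USN-3166-1"` and keep the `url` as is; the oss-security link probably fits `MLIST` in the same way, though the list-post title needed for `name` is not visible here.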


@ -56,6 +56,11 @@
"name": "https://support.citrix.com/article/CTX234879", "name": "https://support.citrix.com/article/CTX234879",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX234879" "url": "https://support.citrix.com/article/CTX234879"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156037/Citrix-XenMobile-Server-10.8-XML-Injection.html",
"url": "http://packetstormsecurity.com/files/156037/Citrix-XenMobile-Server-10.8-XML-Injection.html"
} }
] ]
} }
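Review bot: The added Packet Storm reference uses an `http://` URL in both `name` and `url`, so anything that fetches or renders the reference automatically retrieves it over an unauthenticated channel. If the site serves the same path over TLS, record `https://packetstormsecurity.com/files/156037/Citrix-XenMobile-Server-10.8-XML-Injection.html` instead. The same applies to the other Packet Storm entries added in this commit (files 156051, 156053 twice, and 156054).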


@ -121,6 +121,11 @@
"name": "USN-3619-1", "name": "USN-3619-1",
"refsource": "UBUNTU", "refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-1/" "url": "https://usn.ubuntu.com/3619-1/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"
} }
] ]
} }


@ -37,7 +37,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining.\n\nThis issue is fixed in Waitress 1.4.0." "value": "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0."
} }
] ]
}, },
@ -71,16 +71,16 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"name": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6",
"refsource": "CONFIRM",
"url": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6"
},
{ {
"name": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes", "name": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes",
"refsource": "MISC", "refsource": "MISC",
"url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes"
}, },
{
"name": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6",
"refsource": "CONFIRM",
"url": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6"
},
{ {
"name": "https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65", "name": "https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65",
"refsource": "MISC", "refsource": "MISC",


@ -83,6 +83,11 @@
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2020:0060", "name": "openSUSE-SU-2020:0060",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0094",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
} }
] ]
}, },


@ -153,6 +153,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0094",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
} }
] ]
}, },


@ -153,6 +153,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0094",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
} }
] ]
}, },


@ -83,6 +83,11 @@
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2020:0060", "name": "openSUSE-SU-2020:0060",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0094",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
} }
] ]
}, },


@ -153,6 +153,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0094",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
} }
] ]
}, },


@ -153,6 +153,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0094",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html"
} }
] ]
}, },


@ -81,6 +81,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", "name": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9",
"url": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9" "url": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html"
} }
] ]
} }


@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-19834",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-19834",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"refsource": "MISC",
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"refsource": "MISC",
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
} }
] ]
} }
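Review bot: The `affects` block for CVE-2019-19834 is populated entirely with `"n/a"` although the description names the product and the upper version bound, so scanners and inventory matching that read `vendor_name`/`product_name`/`version_value` get nothing to match on. Based on the description alone, something like `"vendor_name": "Ruckus Wireless"`, `"product_name": "Unleashed"`, `"version_value": "through 200.7.10.102.64"` would carry the same facts in structured form; the vendor/product split is my reading and should be confirmed against the vendor advisory. `problemtype` is also `"n/a"` where the description already says directory traversal. The CVE-2019-19836 and CVE-2019-19843 sections below have the same `n/a` fields.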


@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-19836",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-19836",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"refsource": "MISC",
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"refsource": "MISC",
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
} }
] ]
} }


@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-19843",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-19843",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html",
"refsource": "MISC",
"name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html"
},
{
"refsource": "MISC",
"name": "https://www.ruckuswireless.com/security/299/view/txt",
"url": "https://www.ruckuswireless.com/security/299/view/txt"
},
{
"refsource": "MISC",
"name": "https://alephsecurity.com/2020/01/14/ruckus-wireless",
"url": "https://alephsecurity.com/2020/01/14/ruckus-wireless"
} }
] ]
} }


@ -106,6 +106,36 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[zookeeper-issues] 20200118 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330", "name": "[zookeeper-issues] 20200118 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330",
"url": "https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E" "url": "https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200122 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330",
"url": "https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200122 Re: 3.5.7",
"url": "https://lists.apache.org/thread.html/ra8a80dbc7319916946397823aec0d893d24713cbf7b5aee0e957298c@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200122 [jira] [Assigned] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330",
"url": "https://lists.apache.org/thread.html/rfa57d9c2a27d3af14c69607fb1a3da00e758b2092aa88eb6a51b6e99@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200122 [GitHub] [zookeeper] phunt commented on issue #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330",
"url": "https://lists.apache.org/thread.html/ra2e572f568de8df5ba151e6aebb225a0629faaf0476bf7c7ed877af8@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200122 [jira] [Updated] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330",
"url": "https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200122 [GitHub] [zookeeper] phunt opened a new pull request #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330",
"url": "https://lists.apache.org/thread.html/ra5ce96faec37c26b0aa15b4b6a8b1cbb145a748653e56ae83e9685d0@%3Cnotifications.zookeeper.apache.org%3E"
} }
] ]
} }


@ -99,6 +99,11 @@
"name": "https://support.apple.com/HT209447", "name": "https://support.apple.com/HT209447",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://support.apple.com/HT209447" "url": "https://support.apple.com/HT209447"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156051/XNU-vm_map_copy-Insufficient-Fix.html",
"url": "http://packetstormsecurity.com/files/156051/XNU-vm_map_copy-Insufficient-Fix.html"
} }
] ]
} }


@ -176,6 +176,11 @@
"refsource": "REDHAT", "refsource": "REDHAT",
"name": "RHSA-2019:1480", "name": "RHSA-2019:1480",
"url": "https://access.redhat.com/errata/RHSA-2019:1480" "url": "https://access.redhat.com/errata/RHSA-2019:1480"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"
} }
] ]
} }


@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://spider-security.co.uk/blog-cve-2020-7228", "name": "https://spider-security.co.uk/blog-cve-2020-7228",
"url": "https://spider-security.co.uk/blog-cve-2020-7228" "url": "https://spider-security.co.uk/blog-cve-2020-7228"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/10043",
"url": "https://wpvulndb.com/vulnerabilities/10043"
} }
] ]
} }