admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-18 19:01:52 +00:00
parent 5d617e0cd7
commit 4824889e77
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
14 changed files with 353 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2018/20xxx/CVE-2018-20687.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20687",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway 5.4.0 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155359/Raritan-CommandCenter-Secure-Gateway-XML-Injection.html",
"url": "http://packetstormsecurity.com/files/155359/Raritan-CommandCenter-Secure-Gateway-XML-Injection.html"
}
]
}

5
2019/11xxx/CVE-2019-11755.json
View File

@ -74,6 +74,11 @@
"refsource": "DEBIAN",
"name": "DSA-4571",
"url": "https://www.debian.org/security/2019/dsa-4571"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html"
}
]
},

61
2019/12xxx/CVE-2019-12271.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12271",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding \".jpg\" to any uploaded filename is not enforced on the server side."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155355/Centraleyezer-Shell-Upload.html",
"url": "http://packetstormsecurity.com/files/155355/Centraleyezer-Shell-Upload.html"
},
{
"refsource": "MISC",
"name": "https://link.medium.com/Y2S4ZJbMy1",
"url": "https://link.medium.com/Y2S4ZJbMy1"
}
]
}

61
2019/12xxx/CVE-2019-12299.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12299",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sandline Centraleyezer (On Premises) allows Stored XSS using HTML entities in the name field of the Category section."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2019/Nov/8",
"url": "http://seclists.org/fulldisclosure/2019/Nov/8"
},
{
"refsource": "MISC",
"name": "https://medium.com/insidersec0x42/centraleyezer-stored-xss-using-html-entities-cve-2019-12299-5c295ae54ef",
"url": "https://medium.com/insidersec0x42/centraleyezer-stored-xss-using-html-entities-cve-2019-12299-5c295ae54ef"
}
]
}

61
2019/12xxx/CVE-2019-12311.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12311",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sandline Centraleyezer (On Premises) allows Unrestricted File Upload leading to Stored XSS. An HTML page running a script could be uploaded to the server. When a victim tries to download a CISO Report template, the script is loaded."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2019/Nov/9",
"url": "http://seclists.org/fulldisclosure/2019/Nov/9"
},
{
"refsource": "MISC",
"name": "https://medium.com/insidersec0x42/centraleyezer-unrestricted-file-upload-cve-2019-12311-7cad12e95165",
"url": "https://medium.com/insidersec0x42/centraleyezer-unrestricted-file-upload-cve-2019-12311-7cad12e95165"
}
]
}

5
2019/12xxx/CVE-2019-12384.json
View File

@ -246,6 +246,11 @@
"refsource": "MLIST",
"name": "[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html",
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3901",
"url": "https://access.redhat.com/errata/RHSA-2019:3901"
}
]
}

5
2019/14xxx/CVE-2019-14379.json
View File

@ -291,6 +291,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3297",
"url": "https://access.redhat.com/errata/RHSA-2019:3297"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3901",
"url": "https://access.redhat.com/errata/RHSA-2019:3901"
}
]
}

5
2019/15xxx/CVE-2019-15903.json
View File

@ -231,6 +231,11 @@
"refsource": "DEBIAN",
"name": "DSA-4571",
"url": "https://www.debian.org/security/2019/dsa-4571"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html"
}
]
}

5
2019/16xxx/CVE-2019-16869.json
View File

@ -181,6 +181,11 @@
"refsource": "MLIST",
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3901",
"url": "https://access.redhat.com/errata/RHSA-2019:3901"
}
]
}

5
2019/16xxx/CVE-2019-16942.json
View File

@ -121,6 +121,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-cf87377f5f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3901",
"url": "https://access.redhat.com/errata/RHSA-2019:3901"
}
]
}

58
2019/3xxx/CVE-2019-3423.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3423",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3423",
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ZTE Corporation",
"product": {
"product_data": [
{
"product_name": "C520V21",
"version": {
"version_data": [
{
"version_value": "All versions up to V2.1.14"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permission and Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "permission and access control vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can construct a URL for directory traversal and access to other unauthorized files or resources."
}
]
}

58
2019/3xxx/CVE-2019-3424.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3424",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3424",
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ZTE Corporation",
"product": {
"product_data": [
{
"product_name": "C520V21",
"version": {
"version_data": [
{
"version_value": "All versions up to V2.1.14"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011842"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations."
}
]
}

5
2019/5xxx/CVE-2019-5694.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4907",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4907"
},
{
"refsource": "MISC",
"name": "https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695",
"url": "https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695"
}
]
},

5
2019/5xxx/CVE-2019-5695.json
View File

@ -63,6 +63,11 @@
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4860",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4860"
},
{
"refsource": "MISC",
"name": "https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695",
"url": "https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695"
}
]
},