admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-09-25 23:00:53 +00:00
parent 1f09b2827e
commit 503e2b4507
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
4 changed files with 151 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
2017/18xxx/CVE-2017-18635.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/novnc/noVNC/issues/748",
"refsource": "MISC",
"name": "https://github.com/novnc/noVNC/issues/748"
},
{
"url": "https://github.com/novnc/noVNC/releases/tag/v0.6.2",
"refsource": "MISC",
"name": "https://github.com/novnc/noVNC/releases/tag/v0.6.2"
},
{
"url": "https://bugs.launchpad.net/horizon/+bug/1656435",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/horizon/+bug/1656435"
},
{
"url": "https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534",
"refsource": "MISC",
"name": "https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534"
}
]
}
}

63
2018/17xxx/CVE-2018-17793.json
View File

@ -1,66 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-17793",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Virtualenv 16.0.0 allows a sandbox escape via \"python $(bash >&2)\" and \"python $(rbash >&2)\" commands. NOTE: the software maintainer disputes this because the Python interpreter in a virtualenv is supposed to be able to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pypa/virtualenv/issues/1207",
"refsource": "MISC",
"url": "https://github.com/pypa/virtualenv/issues/1207"
},
{
"name": "45528",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45528/"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

5
2019/15xxx/CVE-2019-15292.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K27112954",
"url": "https://support.f5.com/csp/article/K27112954"
}
]
}

62
2019/16xxx/CVE-2019-16253.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154614/Samsung-Mobile-Android-SamsungTTS-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/154614/Samsung-Mobile-Android-SamsungTTS-Privilege-Escalation.html"
}
]
}
}