admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-22 16:00:50 +00:00
parent 8dd4df954a
commit 5dc45bef06
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
20 changed files with 446 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/12xxx/CVE-2018-12116.json
View File

@ -56,6 +56,11 @@
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
]
}

5
2018/12xxx/CVE-2018-12121.json
View File

@ -61,6 +61,11 @@
"name": "106043",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106043"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
]
}

5
2018/12xxx/CVE-2018-12122.json
View File

@ -61,6 +61,11 @@
"name": "106043",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106043"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
]
}

5
2018/12xxx/CVE-2018-12123.json
View File

@ -56,6 +56,11 @@
"name": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
]
}

5
2018/20xxx/CVE-2018-20834.json
View File

@ -66,6 +66,11 @@
"url": "https://github.com/npm/node-tar/compare/58a8d43...a5f7779",
"refsource": "MISC",
"name": "https://github.com/npm/node-tar/compare/58a8d43...a5f7779"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
]
}

59
2019/1010xxx/CVE-2019-1010232.json
View File

@ -1,17 +1,64 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010232",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Juniper",
"product": {
"product_data": [
{
"product_name": "juniper/libslax",
"version": {
"version_data": [
{
"version_value": "libslax (commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1"
},
{
"version_value": "2018)"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. The impact is: remote dos. The component is: slaxlexer.c:601(funtion:slaxGetInput). The attack vector is: ./slaxproc --slax-to-xslt POC0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649175",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1649175"
}
]
}

5
2019/1010xxx/CVE-2019-1010305.json
View File

@ -66,6 +66,11 @@
"refsource": "UBUNTU",
"name": "USN-4066-1",
"url": "https://usn.ubuntu.com/4066-1/"
},
{
"refsource": "UBUNTU",
"name": "USN-4066-2",
"url": "https://usn.ubuntu.com/4066-2/"
}
]
}

5
2019/10xxx/CVE-2019-10192.json
View File

@ -89,6 +89,11 @@
"refsource": "BID",
"name": "109290",
"url": "http://www.securityfocus.com/bid/109290"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1819",
"url": "https://access.redhat.com/errata/RHSA-2019:1819"
}
]
},

5
2019/10xxx/CVE-2019-10193.json
View File

@ -89,6 +89,11 @@
"refsource": "BID",
"name": "109290",
"url": "http://www.securityfocus.com/bid/109290"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1819",
"url": "https://access.redhat.com/errata/RHSA-2019:1819"
}
]
},

70
2019/12xxx/CVE-2019-12324.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12324",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A command injection (missing input validation) issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters in a POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Akuvox_R50P.pdf",
"refsource": "MISC",
"name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Akuvox_R50P.pdf"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N",
"version": "3.0"
}
}
}

70
2019/12xxx/CVE-2019-12325.json
View File

@ -1,18 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12325",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12325",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Htek UC902 VoIP phone web management interface contains several buffer overflow vulnerabilities in the firmware version 2.0.4.4.46, which allow an attacker to crash the device (DoS) without authentication or execute code (authenticated as a user) to spawn a remote shell as a root user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Htek_UC902.pdf",
"refsource": "MISC",
"name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Htek_UC902.pdf"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:L/I:L/PR:L/S:C/UI:N",
"version": "3.0"
}
}
}

5
2019/12xxx/CVE-2019-12384.json
View File

@ -76,6 +76,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190703-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190703-0002/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1820",
"url": "https://access.redhat.com/errata/RHSA-2019:1820"
}
]
}

7
2019/12xxx/CVE-2019-12457.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "FileRun 2019.05.21 allows images/extjs Directory Listing."
"value": "FileRun 2019.05.21 allows images/extjs Directory Listing. This issue has been fixed in FileRun 2019.06.01."
}
]
},
@ -66,6 +66,11 @@
"url": "https://filerun.com/changelog",
"refsource": "MISC",
"name": "https://filerun.com/changelog"
},
{
"refsource": "MISC",
"name": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3",
"url": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3"
}
]
}

7
2019/12xxx/CVE-2019-12458.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "FileRun 2019.05.21 allows css/ext-ux Directory Listing."
"value": "FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01."
}
]
},
@ -66,6 +66,11 @@
"url": "https://emreovunc.com/blog/en/FileRun-DirectoryListing-2.png",
"refsource": "MISC",
"name": "https://emreovunc.com/blog/en/FileRun-DirectoryListing-2.png"
},
{
"refsource": "MISC",
"name": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3",
"url": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3"
}
]
}

7
2019/12xxx/CVE-2019-12459.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "FileRun 2019.05.21 allows customizables/plugins/audio_player Directory Listing."
"value": "FileRun 2019.05.21 allows customizables/plugins/audio_player Directory Listing. This issue has been fixed in FileRun 2019.06.01."
}
]
},
@ -66,6 +66,11 @@
"url": "https://emreovunc.com/blog/en/FileRun-DirectoryListing-3.png",
"refsource": "MISC",
"name": "https://emreovunc.com/blog/en/FileRun-DirectoryListing-3.png"
},
{
"refsource": "MISC",
"name": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3",
"url": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3"
}
]
}

7
2019/12xxx/CVE-2019-12905.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman&section=do&page=up URI."
"value": "FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman&section=do&page=up URI. This issue has been fixed in FileRun 2019.06.01."
}
]
},
@ -56,6 +56,11 @@
"url": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/",
"refsource": "MISC",
"name": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/"
},
{
"refsource": "MISC",
"name": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3",
"url": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3"
}
]
}

67
2019/13xxx/CVE-2019-13098.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when the class CreateWalletTwoActivity is called. Other authenticated users can read it in the log later. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pastebin.com/a5VhaxYn",
"refsource": "MISC",
"name": "https://pastebin.com/a5VhaxYn"
},
{
"url": "https://pastebin.com/raw/rVGbwSw0",
"refsource": "MISC",
"name": "https://pastebin.com/raw/rVGbwSw0"
}
]
}
}

62
2019/13xxx/CVE-2019-13099.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Momo application 2.1.9 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user and a user's access token via Logcat."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pastebin.com/SgVPb7Lb",
"refsource": "MISC",
"name": "https://pastebin.com/SgVPb7Lb"
}
]
}
}

62
2019/13xxx/CVE-2019-13100.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pastebin.com/Gdd0Shgr",
"refsource": "MISC",
"name": "https://pastebin.com/Gdd0Shgr"
}
]
}
}

5
2019/5xxx/CVE-2019-5737.json
View File

@ -77,6 +77,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190502-0008/",
"url": "https://security.netapp.com/advisory/ntap-20190502-0008/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
}
]
},