admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-25 23:02:03 +00:00
parent b6dff30508
commit 65ddc318c6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 204 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2011/3xxx/CVE-2011-3355.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3355",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "evolution-data-server3",
"product": {
"product_data": [
{
"product_name": "evolution-data-server3",
"version": {
"version_data": [
{
"version_value": "3.0.3 through 3.2.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMAP does non-SSL connection when storing to Sent folder"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2011-3355",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2011-3355"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3355",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3355"
},
{
"url": "https://access.redhat.com/security/cve/cve-2011-3355",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2011-3355"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/09/09/1",
"url": "https://www.openwall.com/lists/oss-security/2011/09/09/1"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641052",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641052"
}
]
}

65
2011/3xxx/CVE-2011-3373.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3373",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "drupal6-views_bulk_operations",
"product": {
"product_data": [
{
"product_name": "drupal6-views_bulk_operations",
"version": {
"version_data": [
{
"version_value": "6.x-1.0 through 6.x-1.10"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Drupal Views Builk Operations (VBO) module 6.x-1.0 through 6.x-1.10 does not properly escape the vocabulary help when the vocabulary has had user tagging enabled and the \"Modify node taxonomy terms\" action is used. A remote attacker could provide a specially-crafted URL that could lead to cross-site scripting (XSS) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3373",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3373"
},
{
"url": "https://access.redhat.com/security/cve/cve-2011-3373",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2011-3373"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/09/22/4",
"url": "https://www.openwall.com/lists/oss-security/2011/09/22/4"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/49727",
"url": "https://www.securityfocus.com/bid/49727"
}
]
}

5
2019/10xxx/CVE-2019-10767.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://github.com/ioBroker/ioBroker.js-controller/commit/f6e292c6750a491a5000d0f851b2fede4f9e2fda",
"url": "https://github.com/ioBroker/ioBroker.js-controller/commit/f6e292c6750a491a5000d0f851b2fede4f9e2fda"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-IOBROKERJSCONTROLLER-534881",
"url": "https://snyk.io/vuln/SNYK-JS-IOBROKERJSCONTROLLER-534881"
}
]
},

50
2019/10xxx/CVE-2019-10771.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10771",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "report@snyk.io",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "iobroker.web",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.4.10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-IOBROKERWEB-534971",
"url": "https://snyk.io/vuln/SNYK-JS-IOBROKERWEB-534971"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Characters in the GET url path are not properly escaped and can be reflected in the server response."
}
]
}

5
2019/11xxx/CVE-2019-11037.json
View File

@ -115,6 +115,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5dc1f4100e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FME5ZG7DDYWUPPHTTAFJB5OFFCPXYHPS/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4576",
"url": "https://www.debian.org/security/2019/dsa-4576"
}
]
},

18
2019/19xxx/CVE-2019-19264.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19264",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}