admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #192 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2019-10-28 19:33:11 -04:00 committed by GitHub
commit 663709f6a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
289 changed files with 7722 additions and 261 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2002/2xxx/CVE-2002-2444.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2444",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Snoopy 2.0.0-1 has a security hole in exec cURL"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2014/07/18/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
},
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://security-tracker.debian.org/tracker/CVE-2002-2444"
},
{
"refsource": "MISC",
"name": "https://sourceforge.net/p/snoopy/bugs/13/",
"url": "https://sourceforge.net/p/snoopy/bugs/13/"
}
]
}

55
2005/2xxx/CVE-2005-2349.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-2349",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoo",
"product": {
"product_data": [
{
"product_name": "Zoo",
"version": {
"version_data": [
{
"version_value": "2.10-27"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zoo 2.10-27 has Directory traversal"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "traversal in zoo"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2005-2349",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2005-2349"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/03/1"
}
]
}

60
2009/4xxx/CVE-2009-4899.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4899",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pixelpost",
"product": {
"product_data": [
{
"product_name": "pixelpost",
"version": {
"version_data": [
{
"version_value": "1.7.1-5"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "pixelpost 1.7.1-5 has SQL injection"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2009-4899",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2009-4899"
},
{
"url": "https://access.redhat.com/security/cve/cve-2009-4899",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2009-4899"
},
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597224"
}
]
}

60
2009/4xxx/CVE-2009-4900.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2009-4900",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pixelpost",
"product": {
"product_data": [
{
"product_name": "pixelpost",
"version": {
"version_data": [
{
"version_value": "1.7.1-5"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "pixelpost 1.7.1-5 has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2009-4900",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2009-4900"
},
{
"url": "https://access.redhat.com/security/cve/cve-2009-4900",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2009-4900"
},
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=597224"
}
]
}

65
2010/3xxx/CVE-2010-3293.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3293",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mailscanner",
"product": {
"product_data": [
{
"product_name": "mailscanner",
"version": {
"version_data": [
{
"version_value": "4.79.11-2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "mailscanner can allow local users to prevent virus signatures from being updated"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "virus updates DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-3293",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-3293"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-3293",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-3293"
},
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596397"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2010/09/13/9",
"url": "https://www.openwall.com/lists/oss-security/2010/09/13/9"
}
]
}

65
2010/4xxx/CVE-2010-4239.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4239",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tiki Wiki",
"product": {
"product_data": [
{
"product_name": "CMS Groupware",
"version": {
"version_data": [
{
"version_value": "5.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tiki Wiki CMS Groupware 5.2 has Local File Inclusion"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UNKNOWN_TYPE"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4239",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4239"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-4239",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-4239"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2010/11/22/9",
"url": "https://www.openwall.com/lists/oss-security/2010/11/22/9"
},
{
"refsource": "MISC",
"name": "https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-lfi.txt",
"url": "https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-lfi.txt"
}
]
}

65
2010/4xxx/CVE-2010-4240.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4240",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tiki Wiki",
"product": {
"product_data": [
{
"product_name": "CMS Groupware",
"version": {
"version_data": [
{
"version_value": "5.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tiki Wiki CMS Groupware 5.2 has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UNKNOWN_TYPE"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4240",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4240"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-4240",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-4240"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2010/11/22/9",
"url": "https://www.openwall.com/lists/oss-security/2010/11/22/9"
},
{
"refsource": "MISC",
"name": "https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-xss.txt",
"url": "https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-xss.txt"
}
]
}

65
2010/4xxx/CVE-2010-4241.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4241",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tiki Wiki",
"product": {
"product_data": [
{
"product_name": "CMS Groupware",
"version": {
"version_data": [
{
"version_value": "5.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tiki Wiki CMS Groupware 5.2 has CSRF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UNKNOWN_TYPE"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4241",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4241"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-4241",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-4241"
},
{
"refsource": "MISC",
"name": "https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-xsrf.txt",
"url": "https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-xsrf.txt"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2010/11/22/9",
"url": "https://www.openwall.com/lists/oss-security/2010/11/22/9"
}
]
}

65
2010/4xxx/CVE-2010-4245.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4245",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pootle",
"product": {
"product_data": [
{
"product_name": "pootle",
"version": {
"version_data": [
{
"version_value": "2.0.5-0.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "pootle 2.0.5-0.2 has XSS via 'match_names' parameter"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS via 'match_names' parameter on translate.html page"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4245",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4245"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4245",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4245"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-4245",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-4245"
},
{
"refsource": "DEBIAN",
"name": "debian",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604060"
}
]
}

70
2012/5xxx/CVE-2012-5577.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5577",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Python keyring lib",
"product": {
"product_data": [
{
"product_name": "Python keyring lib",
"version": {
"version_data": [
{
"version_value": "0.10"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Python keyring lib before 0.10 created keyring files with world-readable permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-5577",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-5577"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5577",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5577"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/11/27/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/27/3"
},
{
"refsource": "CONFIRM",
"name": "https://bitbucket.org/kang/python-keyring-lib/commits/049cd181470f1ee6c540e1d64acf1def7b1de0c1",
"url": "https://bitbucket.org/kang/python-keyring-lib/commits/049cd181470f1ee6c540e1d64acf1def7b1de0c1"
},
{
"refsource": "MISC",
"name": "https://bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg",
"url": "https://bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg"
}
]
}

58
2013/4xxx/CVE-2013-4658.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4658",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/",
"refsource": "MISC",
"name": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"url": "https://www.ise.io/soho_service_hacks/",
"refsource": "MISC",
"name": "https://www.ise.io/soho_service_hacks/"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf",
"url": "https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf"
}
]
}

68
2013/4xxx/CVE-2013-4848.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4848",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/",
"refsource": "MISC",
"name": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"url": "https://www.ise.io/soho_service_hacks/",
"refsource": "MISC",
"name": "https://www.ise.io/soho_service_hacks/"
},
{
"refsource": "MISC",
"name": "https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf",
"url": "https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/62884/info",
"url": "https://www.securityfocus.com/bid/62884/info"
},
{
"refsource": "MISC",
"name": "https://vuldb.com/?id.10495",
"url": "https://vuldb.com/?id.10495"
}
]
}

48
2017/14xxx/CVE-2017-14742.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14742",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "EXPLOIT-DB",
"name": "43236",
"url": "https://www.exploit-db.com/exploits/43236/"
}
]
}

48
2017/15xxx/CVE-2017-15725.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15725",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An XML External Entity Injection vulnerability exists in Dzone AnswerHub."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://il.linkedin.com/in/nivlevy",
"url": "https://il.linkedin.com/in/nivlevy"
}
]
}

10
2017/16xxx/CVE-2017-16808.json
View File

@ -91,6 +91,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2348",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

14
2017/5xxx/CVE-2017-5731.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5731",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-5731",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}

14
2017/5xxx/CVE-2017-5732.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5732",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-5732",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

14
2017/5xxx/CVE-2017-5733.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5733",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-5733",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

14
2017/5xxx/CVE-2017-5734.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5734",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-5734",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}

14
2017/5xxx/CVE-2017-5735.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5735",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-5735",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

15
2017/6xxx/CVE-2017-6059.json
View File

@ -81,6 +81,21 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2112",
"url": "https://access.redhat.com/errata/RHSA-2019:2112"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-7b06f18a10",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJXBG3DG2FUYFGTUTSJFMPIINVFKKB4Z/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-23638d42f3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2V3HIGXMUKJGOBMAQAQPGC7G5YYWSUVA/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a25d5df3b4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTWUMQ46GZY3O4WU4JCF333LN53R2XQH/"
}
]
}

15
2017/6xxx/CVE-2017-6062.json
View File

@ -66,6 +66,21 @@
"name": "https://github.com/pingidentity/mod_auth_openidc/issues/222",
"refsource": "CONFIRM",
"url": "https://github.com/pingidentity/mod_auth_openidc/issues/222"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-7b06f18a10",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJXBG3DG2FUYFGTUTSJFMPIINVFKKB4Z/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-23638d42f3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2V3HIGXMUKJGOBMAQAQPGC7G5YYWSUVA/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a25d5df3b4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTWUMQ46GZY3O4WU4JCF333LN53R2XQH/"
}
]
}

15
2017/6xxx/CVE-2017-6413.json
View File

@ -76,6 +76,21 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2112",
"url": "https://access.redhat.com/errata/RHSA-2019:2112"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-7b06f18a10",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EJXBG3DG2FUYFGTUTSJFMPIINVFKKB4Z/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-23638d42f3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2V3HIGXMUKJGOBMAQAQPGC7G5YYWSUVA/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a25d5df3b4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTWUMQ46GZY3O4WU4JCF333LN53R2XQH/"
}
]
}

5
2017/7xxx/CVE-2017-7655.json
View File

@ -61,6 +61,11 @@
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=533775",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=533775"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191026 [SECURITY] [DLA 1972-1] mosquitto security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00035.html"
}
]
}

10
2018/10xxx/CVE-2018-10103.json
View File

@ -81,6 +81,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/10xxx/CVE-2018-10105.json
View File

@ -81,6 +81,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

5
2018/12xxx/CVE-2018-12550.json
View File

@ -61,6 +61,11 @@
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=541870",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=541870"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191026 [SECURITY] [DLA 1972-1] mosquitto security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00035.html"
}
]
}

5
2018/12xxx/CVE-2018-12551.json
View File

@ -61,6 +61,11 @@
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=543401",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=543401"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191026 [SECURITY] [DLA 1972-1] mosquitto security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00035.html"
}
]
}

10
2018/14xxx/CVE-2018-14461.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14462.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14463.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14464.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14465.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14466.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14467.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14468.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14469.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14470.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14879.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

15
2018/14xxx/CVE-2018-14880.json
View File

@ -86,6 +86,21 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K56551263?utm_source=f5support&utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K56551263?utm_source=f5support&utm_medium=RSS"
}
]
}

10
2018/14xxx/CVE-2018-14881.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/14xxx/CVE-2018-14882.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16227.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16228.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16229.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16230.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16300.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

25
2018/16xxx/CVE-2018-16301.json
View File

@ -81,6 +81,31 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2345",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-eaa681d33e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4fe461079f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16451.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16452.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/16xxx/CVE-2018-16548.json
View File

@ -61,6 +61,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2196",
"url": "https://access.redhat.com/errata/RHSA-2019:2196"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2396",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00065.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2394",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00066.html"
}
]
}

10
2018/19xxx/CVE-2018-19519.json
View File

@ -61,6 +61,16 @@
"name": "https://github.com/zyingp/temp/blob/master/tcpdump.md",
"refsource": "MISC",
"url": "https://github.com/zyingp/temp/blob/master/tcpdump.md"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

10
2018/1xxx/CVE-2018-1122.json
View File

@ -116,6 +116,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2189",
"url": "https://access.redhat.com/errata/RHSA-2019:2189"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2376",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2379",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html"
}
]
}

10
2018/1xxx/CVE-2018-1123.json
View File

@ -111,6 +111,16 @@
"name": "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2376",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2379",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html"
}
]
}

10
2018/1xxx/CVE-2018-1124.json
View File

@ -169,6 +169,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2401",
"url": "https://access.redhat.com/errata/RHSA-2019:2401"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2376",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2379",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html"
}
]
}

10
2018/1xxx/CVE-2018-1125.json
View File

@ -101,6 +101,16 @@
"name": "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2376",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2379",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html"
}
]
}

10
2018/1xxx/CVE-2018-1126.json
View File

@ -141,6 +141,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1944",
"url": "https://access.redhat.com/errata/RHSA-2019:1944"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2376",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00058.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2379",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00059.html"
}
]
}

14
2018/3xxx/CVE-2018-3630.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3630",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-3630",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}

5
2018/5xxx/CVE-2018-5390.json
View File

@ -244,6 +244,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&utm_medium=RSS"
}
]
},

5
2018/7xxx/CVE-2018-7866.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5139453028",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a1b6fc5274",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP/"
}
]
}

5
2018/7xxx/CVE-2018-7873.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5139453028",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a1b6fc5274",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP/"
}
]
}

5
2018/7xxx/CVE-2018-7876.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5139453028",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a1b6fc5274",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP/"
}
]
}

5
2018/9xxx/CVE-2018-9009.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5139453028",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a1b6fc5274",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP/"
}
]
}

5
2018/9xxx/CVE-2018-9132.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5139453028",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a1b6fc5274",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP/"
}
]
}

10
2019/1010xxx/CVE-2019-1010220.json
View File

@ -81,6 +81,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2348",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

16
2019/10xxx/CVE-2019-10079.json
View File

@ -45,9 +45,19 @@
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E"
"refsource": "MLIST",
"name": "[trafficserver-dev] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks",
"url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[trafficserver-users] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks",
"url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[trafficserver-announce] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks",
"url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E"
}
]
},

120
2019/11xxx/CVE-2019-11043.json
View File

@ -1,18 +1,124 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@php.net",
"DATE_PUBLIC": "2019-10-22T03:18:00.000Z",
"ID": "CVE-2019-11043",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Underflow in PHP-FPM can lead to RCE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PHP",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7.1.x",
"version_value": "7.1.33"
},
{
"version_affected": "<",
"version_name": "7.2.x",
"version_value": "7.2.24"
},
{
"version_affected": "<",
"version_name": "7.3.x",
"version_value": "7.3.11"
}
]
}
}
]
},
"vendor_name": "PHP"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Reported by Emil Lerner. "
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Exploit described at https://github.com/neex/phuip-fpizdam"
}
],
"generator": {
"engine": "Vulnogram 0.0.8"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/neex/phuip-fpizdam",
"name": "https://github.com/neex/phuip-fpizdam"
},
{
"refsource": "CONFIRM",
"name": "https://bugs.php.net/bug.php?id=78599",
"url": "https://bugs.php.net/bug.php?id=78599"
}
]
},
"source": {
"defect": [
"https://bugs.php.net/bug.php?id=78599"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \"try_files $uri =404\" or \"if (-f $uri)\" in nginx) for would prevent this vulnerability from happening. "
}
]
}

5
2019/11xxx/CVE-2019-11779.json
View File

@ -86,6 +86,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-d99e2329cb",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4WMHIM64Q35NGTR6R3ILZUL4MA4ANB5/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191026 [SECURITY] [DLA 1972-1] mosquitto security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00035.html"
}
]
}

10
2019/12xxx/CVE-2019-12402.json
View File

@ -53,6 +53,16 @@
"refsource": "MLIST",
"name": "[creadur-commits] 20191022 [creadur-rat] branch master updated: RAT-258: Update to latest commons-compress to fix CVE-2019-12402",
"url": "https://lists.apache.org/thread.html/54cc4e9fa6b24520135f6fa4724dfb3465bc14703c7dc7e52353a0ea@%3Ccommits.creadur.apache.org%3E"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-c96a8d12b0",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLJIK2AUOZOWXR3S5XXBUNMOF3RTHTI7/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-da0eac1eb6",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZB3GB7YXIOUKIOQ27VTIP6KKGJJ3CKL/"
}
]
},

15
2019/12xxx/CVE-2019-12493.json
View File

@ -61,6 +61,21 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190930 [SECURITY] [DLA 1939-1] poppler security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/12xxx/CVE-2019-12515.json
View File

@ -56,6 +56,21 @@
"url": "https://github.com/PanguL4b/pocs/tree/master/xpdf/out-of-bounds-read-in-FlateStream__getChar",
"refsource": "MISC",
"name": "https://github.com/PanguL4b/pocs/tree/master/xpdf/out-of-bounds-read-in-FlateStream__getChar"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/12xxx/CVE-2019-12957.json
View File

@ -56,6 +56,21 @@
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41813",
"refsource": "MISC",
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41813"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/12xxx/CVE-2019-12958.json
View File

@ -56,6 +56,21 @@
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41815",
"refsource": "MISC",
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41815"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/13xxx/CVE-2019-13281.json
View File

@ -56,6 +56,21 @@
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41841",
"refsource": "MISC",
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41841"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/13xxx/CVE-2019-13282.json
View File

@ -56,6 +56,21 @@
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41842",
"refsource": "MISC",
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41842"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/13xxx/CVE-2019-13283.json
View File

@ -56,6 +56,21 @@
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41843",
"refsource": "MISC",
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41843"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

15
2019/13xxx/CVE-2019-13286.json
View File

@ -56,6 +56,21 @@
"url": "https://github.com/PanguL4b/pocs/tree/master/xpdf/heap-buffer-overflow_JBIG2Stream__readTextRegionSeg",
"refsource": "MISC",
"name": "https://github.com/PanguL4b/pocs/tree/master/xpdf/heap-buffer-overflow_JBIG2Stream__readTextRegionSeg"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-a457286734",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FWEWFUVITPA3Y6F4A5SJSROKYT7PRH7Q/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-01da705767",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNIJWRYTCLGV35WGIHYTMMOPEEOOTIPT/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-759ba8202b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJJD7X3ES7ZHJUY2R3DAVCJPV23R64VK/"
}
]
}

62
2019/13xxx/CVE-2019-13525.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13525",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Honeywell IP-AK2",
"version": {
"version_data": [
{
"version_value": "IP-AK2 Access Control Panel Version 1.04.07 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-297-02",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-02"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network."
}
]
}
}

62
2019/13xxx/CVE-2019-13546.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13546",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "IntelliSpace Perinatal",
"version": {
"version_data": [
{
"version_value": "Versions K and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "EXPOSURE OF RESOURCE TO WRONG SPHERE CWE-668"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-297-01",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-297-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. Due to potential Windows vulnerabilities, it may be possible for additional attack methods to be used to escalate privileges on the operating system."
}
]
}
}

62
2019/13xxx/CVE-2019-13549.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13549",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Rittal Chiller SK 3232-Series",
"version": {
"version_data": [
{
"version_value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems does not provide a sufficient level of protection against unauthorized configuration changes. Primary operations, namely turning the cooling unit on and off and setting the temperature set point, can be modified without authentication."
}
]
}
}

62
2019/13xxx/CVE-2019-13553.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13553",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Rittal Chiller SK 3232-Series",
"version": {
"version_data": [
{
"version_value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-297-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb firmware A1.5.3 \u2013 B1.2.4. The authentication mechanism on affected systems is configured using hard-coded credentials. These credentials could allow attackers to influence the primary operations of the affected systems, namely turning the cooling unit on and off and setting the temperature set point."
}
]
}
}

10
2019/14xxx/CVE-2019-14379.json
View File

@ -266,6 +266,16 @@
"refsource": "MLIST",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[iceberg-issues] 20191027 [GitHub] [incubator-iceberg] rdsr commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379",
"url": "https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E"
}
]
}

67
2019/14xxx/CVE-2019-14450.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.repetier-server.com/manuals/0.91/index.html",
"refsource": "MISC",
"name": "https://www.repetier-server.com/manuals/0.91/index.html"
},
{
"refsource": "CONFIRM",
"name": "https://www.repetier-server.com/knowledgebase/security-advisory/",
"url": "https://www.repetier-server.com/knowledgebase/security-advisory/"
}
]
}
}

67
2019/14xxx/CVE-2019-14451.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not properly validate the XML data structure provided when uploading a new printer configuration. When this is combined with CVE-2019-14450, an attacker can upload an \"external command\" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.repetier-server.com/manuals/0.91/index.html",
"refsource": "MISC",
"name": "https://www.repetier-server.com/manuals/0.91/index.html"
},
{
"refsource": "CONFIRM",
"name": "https://www.repetier-server.com/knowledgebase/security-advisory/",
"url": "https://www.repetier-server.com/knowledgebase/security-advisory/"
}
]
}
}

5
2019/14xxx/CVE-2019-14540.json
View File

@ -151,6 +151,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3200",
"url": "https://access.redhat.com/errata/RHSA-2019:3200"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-cf87377f5f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/"
}
]
}

15
2019/14xxx/CVE-2019-14823.json
View File

@ -59,6 +59,21 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3067",
"url": "https://access.redhat.com/errata/RHSA-2019:3067"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-68c2fbcf82",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4d33c62860",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-24a0a2f24e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG/"
}
]
},

67
2019/14xxx/CVE-2019-14925.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. A world-readable /usr/smartrtu/init/settings.xml configuration file on the file system allows an attacker to read sensitive configuration settings such as usernames, passwords, and other sensitive RTU data due to insecure permission assignment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

67
2019/14xxx/CVE-2019-14926.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard-coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware updates. In other words, these devices use private-key values in /etc/ssh/ssh_host_rsa_key, /etc/ssh/ssh_host_ecdsa_key, and /etc/ssh/ssh_host_dsa_key files that are publicly available from the vendor web sites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

67
2019/14xxx/CVE-2019-14927.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14927",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote configuration download vulnerability allows an attacker to download the smartRTU's configuration file (which contains data such as usernames, passwords, and other sensitive RTU data)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

67
2019/14xxx/CVE-2019-14928.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. A number of stored cross-site script (XSS) vulnerabilities allow an attacker to inject malicious code directly into the application. An example input variable vulnerable to stored XSS is SerialInitialModemString in the index.php page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

67
2019/14xxx/CVE-2019-14929.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Stored cleartext passwords could allow an unauthenticated attacker to obtain configured username and password combinations on the RTU due to the weak credentials management on the RTU. An unauthenticated user can obtain the exposed password credentials to gain access to the following services: DDNS service, Mobile Network Provider, and OpenVPN service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

67
2019/14xxx/CVE-2019-14930.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Undocumented hard-coded user passwords for root, ineaadmin, mitsadmin, and maint could allow an attacker to gain unauthorised access to the RTU. (Also, the accounts ineaadmin and mitsadmin are able to escalate privileges to root without supplying a password due to insecure entries in /etc/sudoers on the RTU.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

67
2019/14xxx/CVE-2019-14931.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14931",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote OS Command Injection vulnerability allows an attacker to execute arbitrary commands on the RTU due to the passing of unsafe user supplied data to the RTU's system shell. Functionality in mobile.php provides users with the ability to ping sites or IP addresses via Mobile Connection Test. When the Mobile Connection Test is submitted, action.php is called to execute the test. An attacker can use a shell command separator (;) in the host variable to execute operating system commands upon submitting the test data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mogozobo.com/",
"refsource": "MISC",
"name": "https://www.mogozobo.com/"
},
{
"refsource": "MISC",
"name": "https://www.mogozobo.com/?p=3593",
"url": "https://www.mogozobo.com/?p=3593"
}
]
}
}

15
2019/15xxx/CVE-2019-15161.json
View File

@ -66,6 +66,21 @@
"refsource": "CONFIRM",
"name": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea",
"url": "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-eaa681d33e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4fe461079f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
}
]
}

15
2019/15xxx/CVE-2019-15162.json
View File

@ -66,6 +66,21 @@
"refsource": "CONFIRM",
"name": "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58",
"url": "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-eaa681d33e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4fe461079f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
}
]
}

15
2019/15xxx/CVE-2019-15163.json
View File

@ -66,6 +66,21 @@
"refsource": "CONFIRM",
"name": "https://github.com/the-tcpdump-group/libpcap/commit/437b273761adedcbd880f714bfa44afeec186a31",
"url": "https://github.com/the-tcpdump-group/libpcap/commit/437b273761adedcbd880f714bfa44afeec186a31"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-eaa681d33e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4fe461079f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
}
]
}

15
2019/15xxx/CVE-2019-15164.json
View File

@ -66,6 +66,21 @@
"refsource": "CONFIRM",
"name": "https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a",
"url": "https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-eaa681d33e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4fe461079f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
}
]
}

15
2019/15xxx/CVE-2019-15165.json
View File

@ -86,6 +86,21 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20191021 [SECURITY] [DLA 1967-1] libpcap security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00031.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-eaa681d33e",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-4fe461079f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
}
]
}

10
2019/15xxx/CVE-2019-15166.json
View File

@ -86,6 +86,16 @@
"refsource": "DEBIAN",
"name": "DSA-4547",
"url": "https://www.debian.org/security/2019/dsa-4547"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-85d92df70f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-d06bc63433",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/"
}
]
}

5
2019/15xxx/CVE-2019-15587.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://hackerone.com/reports/709009",
"url": "https://hackerone.com/reports/709009"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/flavorjones/loofah/issues/171",
"url": "https://github.com/flavorjones/loofah/issues/171"
}
]
},

Some files were not shown because too many files have changed in this diff Show More