admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-23 19:00:48 +00:00
parent 307e309828
commit 6912c6fc5c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 532 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2016/7xxx/CVE-2016-7550.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7550",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://downloads.asterisk.org/pub/security/AST-2016-006.html",
"refsource": "MISC",
"name": "http://downloads.asterisk.org/pub/security/AST-2016-006.html"
}
]
}

53
2016/8xxx/CVE-2016-8897.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8897",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2016/09/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/09/30/5"
},
{
"url": "https://github.com/exponentcms/exponent-cms/commit/fdafb5ec97838e4edbd685f587f28d3174ebb3db",
"refsource": "MISC",
"name": "https://github.com/exponentcms/exponent-cms/commit/fdafb5ec97838e4edbd685f587f28d3174ebb3db"
}
]
}

53
2016/8xxx/CVE-2016-8899.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8899",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2016/09/30/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/09/30/5"
},
{
"url": "https://github.com/exponentcms/exponent-cms/commit/fdafb5ec97838e4edbd685f587f28d3174ebb3db",
"refsource": "MISC",
"name": "https://github.com/exponentcms/exponent-cms/commit/fdafb5ec97838e4edbd685f587f28d3174ebb3db"
}
]
}

10
2018/18xxx/CVE-2018-18511.json
View File

@ -36,6 +36,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1265",
"url": "https://access.redhat.com/errata/RHSA-2019:1265"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1267",
"url": "https://access.redhat.com/errata/RHSA-2019:1267"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1269",
"url": "https://access.redhat.com/errata/RHSA-2019:1269"
}
]
},

10
2019/10xxx/CVE-2019-10132.json
View File

@ -53,6 +53,16 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132",
"refsource": "CONFIRM"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1264",
"url": "https://access.redhat.com/errata/RHSA-2019:1264"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1268",
"url": "https://access.redhat.com/errata/RHSA-2019:1268"
}
]
},

61
2019/10xxx/CVE-2019-10851.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10851",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Computrols CBAS 18.0.0 has hard-coded encryption keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"name": "https://applied-risk.com/labs/advisories"
},
{
"refsource": "MISC",
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}

61
2019/10xxx/CVE-2019-10852.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10852",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"name": "https://applied-risk.com/labs/advisories"
},
{
"refsource": "MISC",
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}

61
2019/10xxx/CVE-2019-10853.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10853",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Computrols CBAS 18.0.0 allows Authentication Bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"name": "https://applied-risk.com/labs/advisories"
},
{
"refsource": "MISC",
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}

61
2019/10xxx/CVE-2019-10854.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10854",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Computrols CBAS 18.0.0 allows Authenticated Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"name": "https://applied-risk.com/labs/advisories"
},
{
"refsource": "MISC",
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}

61
2019/10xxx/CVE-2019-10855.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10855",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://applied-risk.com/labs/advisories",
"refsource": "MISC",
"name": "https://applied-risk.com/labs/advisories"
},
{
"refsource": "MISC",
"name": "https://applied-risk.com/index.php/download_file/view/196/165",
"url": "https://applied-risk.com/index.php/download_file/view/196/165"
}
]
}

61
2019/10xxx/CVE-2019-10866.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10866",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/form-maker/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/form-maker/#developers"
},
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2019/May/8",
"url": "http://seclists.org/fulldisclosure/2019/May/8"
}
]
}

18
2019/12xxx/CVE-2019-12308.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12308",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2019/7xxx/CVE-2019-7317.json
View File

@ -116,6 +116,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1265",
"url": "https://access.redhat.com/errata/RHSA-2019:1265"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1267",
"url": "https://access.redhat.com/errata/RHSA-2019:1267"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1269",
"url": "https://access.redhat.com/errata/RHSA-2019:1269"
}
]
}

2
2019/8xxx/CVE-2019-8339.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Sysdig through 0.24.2, as used in Falco through 0.14.0 and other products. A bypass allows local users to run malicious code without being detected because record_event_consumer in driver/main.c in sysdig-probe.ko (and falco-probe.ko) mishandles a free space calculation."
"value": "An issue was discovered in Falco through 0.14.0. A missing indicator for insufficient resources allows local users to bypass the detection engine."
}
]
},

5
2019/9xxx/CVE-2019-9797.json
View File

@ -36,6 +36,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1265",
"url": "https://access.redhat.com/errata/RHSA-2019:1265"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1267",
"url": "https://access.redhat.com/errata/RHSA-2019:1267"
}
]
},