admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-28 22:00:45 +00:00
parent 8c2c04502c
commit 6c00bfe139
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
18 changed files with 353 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/17xxx/CVE-2018-17057.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152200/TCPDF-6.2.19-Deserialization-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/152200/TCPDF-6.2.19-Deserialization-Remote-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "https://github.com/LimeSurvey/LimeSurvey/commit/1cdd78d27697b3150bb44aaa7af1a81062a591a5",
"url": "https://github.com/LimeSurvey/LimeSurvey/commit/1cdd78d27697b3150bb44aaa7af1a81062a591a5"
}
]
}

66
2019/0xxx/CVE-2019-0212.json
View File

@ -1,17 +1,69 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0212",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0212",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache HBase",
"version": {
"version_data": [
{
"version_value": "Apache HBase 2.0.0-2.0.4"
},
{
"version_value": "2.1.0-2.1.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190327 [CVE-2019-0212] Apache HBase REST Server incorrect user authorization",
"url": "http://www.openwall.com/lists/oss-security/2019/03/27/3"
},
{
"refsource": "CONFIRM",
"name": "https://lists.apache.org/thread.html/66535e15007cda8f9308eec10e12ffe349e0b8b55e56ec6ee02b71d2@%3Cdev.hbase.apache.org%3E",
"url": "https://lists.apache.org/thread.html/66535e15007cda8f9308eec10e12ffe349e0b8b55e56ec6ee02b71d2@%3Cdev.hbase.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1.0-2.1.3), authorization was incorrectly applied to users of the HBase REST server. Requests sent to the HBase REST server were executed with the permissions of the REST server itself, not with the permissions of the end-user. This issue is only relevant when HBase is configured with Kerberos authentication, HBase authorization is enabled, and the REST server is configured with SPNEGO authentication. This issue does not extend beyond the HBase REST server."
}
]
}

98
2019/0xxx/CVE-2019-0222.json
View File

@ -1,17 +1,101 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0222",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0222",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache ActiveMQ",
"version": {
"version_data": [
{
"version_value": "Apache ActiveMQ 5.0.0 - 5.15.8"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[activemq-commits] 20190327 [CONF] Apache ActiveMQ > Security Advisories",
"url": "https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-users] 20190327 CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown",
"url": "https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-commits] 20190327 svn commit: r1042603 - /websites/production/activemq/content/security-advisories.data/CVE-2019-0222-announcement.txt",
"url": "https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-dev] 20190327 CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown",
"url": "https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190327 [ANNOUNCE] CVE-2019-0222 - Apache ActiveMQ: Corrupt MQTT frame can cause broker shutdown",
"url": "http://www.openwall.com/lists/oss-security/2019/03/27/2"
},
{
"refsource": "MLIST",
"name": "[activemq-dev] 20190327 Re: Website",
"url": "https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/",
"url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-dev] 20190328 Re: Website",
"url": "https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt",
"url": "http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive."
}
]
}

5
2019/0xxx/CVE-2019-0224.json
View File

@ -44,6 +44,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[jspwiki-dev] 20190326 [CVE-2019-0224] Apache JSPWiki Cross-site scripting vulnerability",
"url": "https://lists.apache.org/thread.html/b4b4992a93d899050c1117a07c3c7fc9a175ec0672ab97065228de67@%3Cdev.jspwiki.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0224",

78
2019/0xxx/CVE-2019-0225.json
View File

@ -1,17 +1,81 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0225",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0225",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache JSPWiki",
"version": {
"version_data": [
{
"version_value": "Apache JSPWiki 2.9.0 to 2.11.0.M2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[jspwiki-user] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure",
"url": "https://lists.apache.org/thread.html/4f19fdbd8b9c4caf6137a459d723f4ec60379b033ed69277eb4e0af9@%3Cuser.jspwiki.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jspwiki-dev] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure",
"url": "https://lists.apache.org/thread.html/6251c06cb11e0b495066be73856592dbd7ed712487ef283d10972831@%3Cdev.jspwiki.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure",
"url": "http://www.openwall.com/lists/oss-security/2019/03/26/2"
},
{
"refsource": "MLIST",
"name": "[announce] 20190326 [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure",
"url": "https://lists.apache.org/thread.html/03ddbcb1d6322e04734e65805a147a32bcfdb71b8fc5821fb046ba8d@%3Cannounce.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0225",
"url": "https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0225"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an attacker to obtain registered users' details."
}
]
}

62
2019/10xxx/CVE-2019-10262.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_id is spliced directly in uploads/admin/ad.php in the admin folder, and is not wrapped in single quotes, resulting in injection around the escape of magic quotes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/8test/pentest/issues/2",
"refsource": "MISC",
"name": "https://github.com/8test/pentest/issues/2"
}
]
}
}

5
2019/1xxx/CVE-2019-1559.json
View File

@ -121,6 +121,11 @@
"refsource": "CONFIRM",
"name": "https://www.tenable.com/security/tns-2019-02",
"url": "https://www.tenable.com/security/tns-2019-02"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1076",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html"
}
]
}

5
2019/3xxx/CVE-2019-3855.json
View File

@ -106,6 +106,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0679",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3856.json
View File

@ -76,6 +76,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0679",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3857.json
View File

@ -76,6 +76,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0679",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3858.json
View File

@ -93,6 +93,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3859.json
View File

@ -93,6 +93,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3860.json
View File

@ -63,6 +63,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3861.json
View File

@ -63,6 +63,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3862.json
View File

@ -93,6 +93,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/3xxx/CVE-2019-3863.json
View File

@ -76,6 +76,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0679",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
}
]
},

5
2019/5xxx/CVE-2019-5737.json
View File

@ -57,6 +57,11 @@
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1076",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html"
}
]
},

5
2019/5xxx/CVE-2019-5739.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1076",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html"
}
]
},