admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-12-11 19:00:59 +00:00
parent d7d4f0bbc0
commit 6d46350578
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 387 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
2013/3xxx/CVE-2013-3542.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3542",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account \"!#/\" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2013/Jun/84",
"url": "http://seclists.org/fulldisclosure/2013/Jun/84"
},
{
"refsource": "MISC",
"name": "https://www.youtube.com/watch?v=XkCBs4lenhI",
"url": "https://www.youtube.com/watch?v=XkCBs4lenhI"
}
]
}

53
2013/3xxx/CVE-2013-3691.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3691",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2013/Jun/84",
"url": "http://seclists.org/fulldisclosure/2013/Jun/84"
},
{
"refsource": "MISC",
"name": "https://www.youtube.com/watch?v=2UCAHSVqfuE",
"url": "https://www.youtube.com/watch?v=2UCAHSVqfuE"
}
]
}

76
2013/4xxx/CVE-2013-4303.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4303",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,77 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of \".\" (period) characters in a string, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the siprop parameter in a query action to wiki/api.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Wikimedia Foundation",
"product": {
"product_data": [
{
"product_name": "MediaWiki",
"version": {
"version_data": [
{
"version_value": "1.19.x before 1.19.8"
},
{
"version_value": "1.20.x before 1.20.7"
},
{
"version_value": "and 1.21.x before 1.21.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-September/000133.html",
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-September/000133.html"
},
{
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q3/553",
"url": "http://seclists.org/oss-sec/2013/q3/553"
},
{
"refsource": "MISC",
"name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=52746",
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=52746"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62194",
"url": "http://www.securityfocus.com/bid/62194"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86897",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86897"
}
]
}

63
2013/5xxx/CVE-2013-5743.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5743",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://admin.fedoraproject.org/updates/zabbix-1.8.18-1.el6",
"url": "https://admin.fedoraproject.org/updates/zabbix-1.8.18-1.el6"
},
{
"refsource": "CONFIRM",
"name": "https://admin.fedoraproject.org/updates/zabbix20-2.0.8-3.el6",
"url": "https://admin.fedoraproject.org/updates/zabbix20-2.0.8-3.el6"
},
{
"refsource": "CONFIRM",
"name": "https://admin.fedoraproject.org/updates/zabbix20-2.0.9-1.el5",
"url": "https://admin.fedoraproject.org/updates/zabbix20-2.0.9-1.el5"
},
{
"refsource": "CONFIRM",
"name": "https://support.zabbix.com/browse/ZBX-7091",
"url": "https://support.zabbix.com/browse/ZBX-7091"
}
]
}

78
2013/5xxx/CVE-2013-5978.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5978",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,81 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a request to wp-admin/admin.php. NOTE: This issue may only cross privilege boundaries if used in combination with CVE-2013-5977."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/123587/WordPress-Cart66-1.5.1.14-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/123587/WordPress-Cart66-1.5.1.14-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0048.html",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0048.html"
},
{
"refsource": "MISC",
"name": "http://seclists.org/bugtraq/2013/Oct/52",
"url": "http://seclists.org/bugtraq/2013/Oct/52"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/28959",
"url": "http://www.exploit-db.com/exploits/28959"
},
{
"refsource": "MISC",
"name": "http://wordpress.org/plugins/cart66-lite/changelog",
"url": "http://wordpress.org/plugins/cart66-lite/changelog"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62977",
"url": "http://www.securityfocus.com/bid/62977"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87873",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87873"
}
]
}

55
2014/7xxx/CVE-2014-7257.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-7257",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL injection vulnerability in DBD::PgPP 0.05 and earlier"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "DBD::PgPP",
"product": {
"product_data": [
{
"product_name": "DBD::PgPP",
"version": {
"version_data": [
{
"version_value": "0.05 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN70490316/index.html",
"url": "http://jvn.jp/en/jp/JVN70490316/index.html"
},
{
"refsource": "MISC",
"name": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000142.html",
"url": "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000142.html"
}
]
}

5
2019/19xxx/CVE-2019-19687.json
View File

@ -76,6 +76,11 @@
"refsource": "CONFIRM",
"name": "https://security.openstack.org/ossa/OSSA-2019-006.html",
"url": "https://security.openstack.org/ossa/OSSA-2019-006.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191211 [OSSA-2019-006] Keystone: Credentials API allows listing and retrieving of all users credentials (CVE-2019-19687)",
"url": "http://www.openwall.com/lists/oss-security/2019/12/11/8"
}
]
}

18
2019/19xxx/CVE-2019-19726.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19726",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}