admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-25 22:00:44 +00:00
parent ec254db6be
commit 716af4e679
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 546 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
2017/7xxx/CVE-2017-7342.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7342",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2017-7342",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Fortinet, Inc.",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiPortal",
"version": {
"version_data": [
{
"version_value": "FortiPortal versions 4.0.0 and below"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/psirt/FG-IR-17-114",
"url": "https://fortiguard.com/psirt/FG-IR-17-114"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via a hidden Close button"
}
]
}

5
2018/14xxx/CVE-2018-14522.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/aubio/aubio/issues/188",
"refsource": "MISC",
"url": "https://github.com/aubio/aubio/issues/188"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1049",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00031.html"
}
]
}

5
2018/14xxx/CVE-2018-14523.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/aubio/aubio/issues/189",
"refsource": "MISC",
"url": "https://github.com/aubio/aubio/issues/189"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1049",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00031.html"
}
]
}

7
2018/19xxx/CVE-2018-19859.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "OpenRefine before 3.5 allows directory traversal via a relative pathname in a ZIP archive."
"value": "OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive."
}
]
},
@ -56,6 +56,11 @@
"name": "https://github.com/OpenRefine/OpenRefine/issues/1840",
"refsource": "MISC",
"url": "https://github.com/OpenRefine/OpenRefine/issues/1840"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/OpenRefine/OpenRefine/pull/1901",
"url": "https://github.com/OpenRefine/OpenRefine/pull/1901"
}
]
}

62
2019/0xxx/CVE-2019-0204.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-0204",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,63 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain root-level code execution on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Mesos",
"version": {
"version_data": [
{
"version_value": "pre-1.4.x"
},
{
"version_value": "1.4.0 to 1.4.2"
},
{
"version_value": "1.5.0 to 1.5.2"
},
{
"version_value": "1.6.0 to 1.6.1"
},
{
"version_value": "1.7.0 to 1.7.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[mesos-dev] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.",
"url": "https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c@%3Cdev.mesos.apache.org%3E"
}
]
}

387
2019/6xxx/CVE-2019-6538.json
View File

@ -1,17 +1,384 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6538",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-6538",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "MyCareLink Monitor versions 24950 and 24952"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "CareLink Monitor version 2490C"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "CareLink 2090 Programmer"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Amplia CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Claria CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Compia CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Concerto CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Concerto II CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Consulta CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Evera ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Maximo II CRT-D and ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Mirro ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Nayamed ND ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Primo ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Protecta ICD and CRT-D"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Secura ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Virtuoso ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Virtuoso II ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Visia AF ICD"
}
]
}
}
]
}
},
{
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "Viva CRT-D"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product\u2019s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device."
}
]
}

48
2019/7xxx/CVE-2019-7642.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7642",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/xw77cve/CVE-2019-7642/blob/master/README.md",
"refsource": "MISC",
"name": "https://github.com/xw77cve/CVE-2019-7642/blob/master/README.md"
}
]
}