admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'cna/jpcert/20190312' of https://github.com/ikuya/cvelist into ikuya-cna/jpcert/20190312

Browse Source
This commit is contained in:
CVE Team 2019-03-12 16:43:25 -04:00
commit 7289e5e5ab
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 543 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
2019/5xxx/CVE-2019-5917.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5917",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5917",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "azure-umqtt-c",
"version": {
"version_data": [
{
"version_value": "azure-umqtt-c that was available through GitHub prior to 2017 October 6."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Azure/azure-umqtt-c"
},
{
"url": "http://jvn.jp/en/jp/JVN05875753/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "azure-umqtt-c (available through GitHub prior to 2017 October 6) allows remote attackers to cause a denial of service via unspecified vectors."
}
]
}

66
2019/5xxx/CVE-2019-5918.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5918",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5918",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "TIS Inc.",
"product": {
"product_data": [
{
"product_name": "Nablarch 5",
"version": {
"version_data": [
{
"version_value": "Nablarch 5, and 5u1 to 5u13"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML external entities (XXE)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://nablarch.atlassian.net/projects/NAB/issues/NAB-295"
},
{
"url": "http://jvn.jp/en/jp/JVN56542712/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors."
}
]
}

66
2019/5xxx/CVE-2019-5919.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5919",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5919",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "TIS Inc.",
"product": {
"product_data": [
{
"product_name": "Nablarch 5",
"version": {
"version_data": [
{
"version_value": "Nablarch 5, and 5u1 to 5u13"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An incomplete cryptography"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://nablarch.atlassian.net/browse/NAB-313"
},
{
"url": "http://jvn.jp/en/jp/JVN56542712/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors."
}
]
}

66
2019/5xxx/CVE-2019-5920.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5920",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5920",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "nCrafts",
"product": {
"product_data": [
{
"product_name": "FormCraft",
"version": {
"version_data": [
{
"version_value": "1.2.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/formcraft-form-builder/#developers"
},
{
"url": "http://jvn.jp/en/jp/JVN83501605/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page."
}
]
}

66
2019/5xxx/CVE-2019-5921.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5921",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5921",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Windows 7",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/"
},
{
"url": "http://jvn.jp/en/jp/JVN69181574/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
}

66
2019/5xxx/CVE-2019-5922.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5922",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5922",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "The installer of Microsoft Teams",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/"
},
{
"url": "http://jvn.jp/en/jp/JVN79543573/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
}

66
2019/5xxx/CVE-2019-5923.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5923",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5923",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "iChain, Inc.",
"product": {
"product_data": [
{
"product_name": "iChain Insurance Wallet App for iOS",
"version": {
"version_data": [
{
"version_value": "Version 1.3.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ichain.co.jp/security20190311.html"
},
{
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
}

66
2019/5xxx/CVE-2019-5924.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5924",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5924",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "RedNao",
"product": {
"product_data": [
{
"product_name": "Smart Forms",
"version": {
"version_data": [
{
"version_value": "2.6.15 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/smart-forms/#developers"
},
{
"url": "http://jvn.jp/jp/JVN97656108/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page."
}
]
}

66
2019/5xxx/CVE-2019-5925.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5925",
"STATE" : "RESERVED"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5925",
"ASSIGNER": "vultures@jpcert.or.jp"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Security Roots Ltd",
"product": {
"product_data": [
{
"product_name": "Dradis Community Edition and Dradis Professional Edition",
"version": {
"version_data": [
{
"version_value": "Dradis Community Edition v3.11 and earlier, Dradis Professional Edition v3.1.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://dradisframework.com/ce/security_reports.html#fixed-3.11.1"
},
{
"url": "http://jvn.jp/en/jp/JVN40288903/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Dradis Community Edition Dradis Community Edition v3.11 and earlier and Dradis Professional Edition v3.1.1 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
}