admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-08-30 15:00:53 +00:00
parent 312110e609
commit 7cabfe343e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 294 additions and 234 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
2014/10xxx/CVE-2014-10060.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10060",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-10060",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2014. Notes: none."
}
]
}

14
2014/10xxx/CVE-2014-10061.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-10061",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-10061",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2014. Notes: none."
}
]
}

14
2014/9xxx/CVE-2014-9982.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9982",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-9982",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2014. Notes: none."
}
]
}

14
2014/9xxx/CVE-2014-9992.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9992",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-9992",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2014. Notes: none."
}
]
}

5
2019/1010xxx/CVE-2019-1010124.json
View File

@ -61,6 +61,11 @@
"url": "https://www.youtube.com/watch?v=T-sqQDFRRBg",
"refsource": "MISC",
"name": "https://www.youtube.com/watch?v=T-sqQDFRRBg"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9856",
"url": "https://wpvulndb.com/vulnerabilities/9856"
}
]
}

67
2019/15xxx/CVE-2019-15026.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/memcached/memcached/wiki/ReleaseNotes1517",
"url": "https://github.com/memcached/memcached/wiki/ReleaseNotes1517"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/memcached/memcached/commit/554b56687a19300a75ec24184746b5512580c819",
"url": "https://github.com/memcached/memcached/commit/554b56687a19300a75ec24184746b5512580c819"
}
]
}
}

200
2019/2xxx/CVE-2019-2389.json
View File

@ -1,106 +1,100 @@
{
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"ID": "CVE-2019-2389",
"STATE": "PUBLIC",
"TITLE": "Process termination via PID file manipulation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MongoDB Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v4.0",
"version_value": "4.0.11"
},
{
"version_affected": "<",
"version_name": "v3.6",
"version_value": "3.6.14"
},
{
"version_affected": "<",
"version_name": "v3.4",
"version_value": "3.4.22"
}
]
}
}
]
},
"vendor_name": "MongoDB Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Sicheng Liu of Beijing DBSEC Technology Co., Ltd"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.11; v3.6 versions prior to 3.6.14; v3.4 versions prior to 3.4.22."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
}
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"ID": "CVE-2019-2389",
"STATE": "PUBLIC",
"TITLE": "Process termination via PID file manipulation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
"product_name": "MongoDB Server",
"version": {
"version_data": [
{
"version_value": "4.0 prior to 4.0.11"
},
{
"version_value": "3.6 prior to 3.6.14"
},
{
"version_value": "3.4 prior to 3.4.22"
}
]
}
}
]
}
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-40563",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-40563"
}
]
},
"source": {
"defect": [
"SECURITY-567"
],
"discovery": "EXTERNAL"
}
}
},
"credit": [
{
"lang": "eng",
"value": "Sicheng Liu of Beijing DBSEC Technology Co., Ltd"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.11; v3.6 versions prior to 3.6.14; v3.4 versions prior to 3.4.22."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-40563",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-40563"
}
]
},
"source": {
"defect": [
"SECURITY-567"
],
"discovery": "EXTERNAL"
}
}

200
2019/2xxx/CVE-2019-2390.json
View File

@ -1,106 +1,100 @@
{
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"ID": "CVE-2019-2390",
"STATE": "PUBLIC",
"TITLE": "Code execution on Windows via OpenSSL engine injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MongoDB Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v4.0",
"version_value": "4.0.11"
},
{
"version_affected": "<",
"version_name": "v3.6",
"version_value": "3.6.14"
},
{
"version_affected": "<",
"version_name": "v3.4",
"version_value": "3.4.22"
}
]
}
}
]
},
"vendor_name": "MongoDB Inc."
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rich Mirch"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utility."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')"
}
"CVE_data_meta": {
"ASSIGNER": "cna@mongodb.com",
"ID": "CVE-2019-2390",
"STATE": "PUBLIC",
"TITLE": "Code execution on Windows via OpenSSL engine injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MongoDB Inc.",
"product": {
"product_data": [
{
"product_name": "MongoDB Server",
"version": {
"version_data": [
{
"version_value": "4.0 prior to 4.0.11"
},
{
"version_value": "3.6 prior to 3.6.14"
},
{
"version_value": "3.4 prior to 3.4.22"
}
]
}
}
]
}
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-42233",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-42233"
}
]
},
"source": {
"defect": [
"SECURITY-588"
],
"discovery": "EXTERNAL"
}
}
},
"credit": [
{
"lang": "eng",
"value": "Rich Mirch"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utility."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jira.mongodb.org/browse/SERVER-42233",
"refsource": "CONFIRM",
"url": "https://jira.mongodb.org/browse/SERVER-42233"
}
]
},
"source": {
"defect": [
"SECURITY-588"
],
"discovery": "EXTERNAL"
}
}