From 7d0e9852eb848f74e219cdfe2cc7dbf04232e527 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 30 Sep 2019 13:00:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/18xxx/CVE-2017-18636.json | 62 +++++++++++++++++++++++++++++ 2018/11xxx/CVE-2018-11771.json | 10 +++++ 2019/14xxx/CVE-2019-14752.json | 62 +++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16414.json | 72 ++++++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16743.json | 67 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16744.json | 67 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16745.json | 67 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16994.json | 67 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16995.json | 72 ++++++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16996.json | 62 +++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16997.json | 62 +++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16999.json | 62 +++++++++++++++++++++++++++++ 12 files changed, 732 insertions(+) create mode 100644 2017/18xxx/CVE-2017-18636.json create mode 100644 2019/14xxx/CVE-2019-14752.json create mode 100644 2019/16xxx/CVE-2019-16414.json create mode 100644 2019/16xxx/CVE-2019-16743.json create mode 100644 2019/16xxx/CVE-2019-16744.json create mode 100644 2019/16xxx/CVE-2019-16745.json create mode 100644 2019/16xxx/CVE-2019-16994.json create mode 100644 2019/16xxx/CVE-2019-16995.json create mode 100644 2019/16xxx/CVE-2019-16996.json create mode 100644 2019/16xxx/CVE-2019-16997.json create mode 100644 2019/16xxx/CVE-2019-16999.json diff --git a/2017/18xxx/CVE-2017-18636.json b/2017/18xxx/CVE-2017-18636.json new file mode 100644 index 00000000000..e7976e08807 --- /dev/null +++ b/2017/18xxx/CVE-2017-18636.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18636", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CDG through 2017-01-01 allows downloadDocument.jsp?command=download&pathAndName= directory traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.warmeng.com/2017/01/01/CDG-filedown/", + "refsource": "MISC", + "name": "http://www.warmeng.com/2017/01/01/CDG-filedown/" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11771.json b/2018/11xxx/CVE-2018-11771.json index d97aa6e899f..6392afa6f4c 100644 --- a/2018/11xxx/CVE-2018-11771.json +++ b/2018/11xxx/CVE-2018-11771.json @@ -122,6 +122,16 @@ "refsource": "MLIST", "name": "[tinkerpop-dev] 20190924 [GitHub] [tinkerpop] justinchuch commented on issue #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771", "url": "https://lists.apache.org/thread.html/eeecc1669242b28a3777ae13c68b376b0148d589d3d8170340d61120@%3Cdev.tinkerpop.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tinkerpop-dev] 20190930 [GitHub] [tinkerpop] spmallette closed pull request #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771", + "url": "https://lists.apache.org/thread.html/0adb631517766e793e18a59723e2df08ced41eb9a57478f14781c9f7@%3Cdev.tinkerpop.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tinkerpop-commits] 20190930 [GitHub] [tinkerpop] spmallette merged pull request #1199: Upgrade commons-compress to version 1.19 due to CVE-2018-11771", + "url": "https://lists.apache.org/thread.html/3565494c263dfeb4dcb2a71cb24d09a1ca285cd6ac74edc025a3af8a@%3Ccommits.tinkerpop.apache.org%3E" } ] } diff --git a/2019/14xxx/CVE-2019-14752.json b/2019/14xxx/CVE-2019-14752.json new file mode 100644 index 00000000000..d23ea67f30d --- /dev/null +++ b/2019/14xxx/CVE-2019-14752.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14752", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SuiteCRM 7.10.x and 7.11.x has XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_8", + "url": "https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_8" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16414.json b/2019/16xxx/CVE-2019-16414.json new file mode 100644 index 00000000000..6df9c10be7c --- /dev/null +++ b/2019/16xxx/CVE-2019-16414.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://twitter.com/haxel0rd/status/1174279811751174144", + "url": "https://twitter.com/haxel0rd/status/1174279811751174144" + }, + { + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2019/Sep/35", + "url": "http://seclists.org/fulldisclosure/2019/Sep/35" + }, + { + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=ZqqR89vzZ_I", + "url": "https://www.youtube.com/watch?v=ZqqR89vzZ_I" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16743.json b/2019/16xxx/CVE-2019-16743.json new file mode 100644 index 00000000000..61b6337d274 --- /dev/null +++ b/2019/16xxx/CVE-2019-16743.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16743", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "eBrigade before 5.0 has evenement_ical.php evenement SQL Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/ebrigade/files/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/ebrigade/files/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154624/eBrigade-SQL-Injection.html", + "url": "http://packetstormsecurity.com/files/154624/eBrigade-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16744.json b/2019/16xxx/CVE-2019-16744.json new file mode 100644 index 00000000000..c3c13bae7f2 --- /dev/null +++ b/2019/16xxx/CVE-2019-16744.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16744", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "eBrigade before 5.0 has evenements.php cid SQL Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/ebrigade/files/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/ebrigade/files/" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/154624/eBrigade-SQL-Injection.html", + "url": "https://packetstormsecurity.com/files/154624/eBrigade-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16745.json b/2019/16xxx/CVE-2019-16745.json new file mode 100644 index 00000000000..23fdd4362af --- /dev/null +++ b/2019/16xxx/CVE-2019-16745.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16745", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceforge.net/projects/ebrigade/files/", + "refsource": "MISC", + "name": "https://sourceforge.net/projects/ebrigade/files/" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/154624/eBrigade-SQL-Injection.html", + "url": "https://packetstormsecurity.com/files/154624/eBrigade-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16994.json b/2019/16xxx/CVE-2019-16994.json new file mode 100644 index 00000000000..07d94abdbcb --- /dev/null +++ b/2019/16xxx/CVE-2019-16994.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/07f12b26e21ab359261bf75cfcb424fdc7daeb6d", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/07f12b26e21ab359261bf75cfcb424fdc7daeb6d" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07f12b26e21ab359261bf75cfcb424fdc7daeb6d", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=07f12b26e21ab359261bf75cfcb424fdc7daeb6d" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16995.json b/2019/16xxx/CVE-2019-16995.json new file mode 100644 index 00000000000..49acfb03e42 --- /dev/null +++ b/2019/16xxx/CVE-2019-16995.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16995", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/6caabe7f197d3466d238f70915d65301f1716626", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/6caabe7f197d3466d238f70915d65301f1716626" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6caabe7f197d3466d238f70915d65301f1716626", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6caabe7f197d3466d238f70915d65301f1716626" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.3", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.3" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16996.json b/2019/16xxx/CVE-2019-16996.json new file mode 100644 index 00000000000..a21c807a018 --- /dev/null +++ b/2019/16xxx/CVE-2019-16996.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/1", + "refsource": "MISC", + "name": "https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/1" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16997.json b/2019/16xxx/CVE-2019-16997.json new file mode 100644 index 00000000000..f8aff5c8709 --- /dev/null +++ b/2019/16xxx/CVE-2019-16997.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2", + "refsource": "MISC", + "name": "https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16999.json b/2019/16xxx/CVE-2019-16999.json new file mode 100644 index 00000000000..fd222e76777 --- /dev/null +++ b/2019/16xxx/CVE-2019-16999.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16999", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the api/osinstall/v1/device/getNumByStatus URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/idcos/Cloudboot/issues/22", + "refsource": "MISC", + "name": "https://github.com/idcos/Cloudboot/issues/22" + } + ] + } +} \ No newline at end of file