diff --git a/2018/20xxx/CVE-2018-20862.json b/2018/20xxx/CVE-2018-20862.json new file mode 100644 index 00000000000..6b62be9eee5 --- /dev/null +++ b/2018/20xxx/CVE-2018-20862.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20862", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20863.json b/2018/20xxx/CVE-2018-20863.json new file mode 100644 index 00000000000..79a5e1d4b3c --- /dev/null +++ b/2018/20xxx/CVE-2018-20863.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20863", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20864.json b/2018/20xxx/CVE-2018-20864.json new file mode 100644 index 00000000000..12e1e0f9632 --- /dev/null +++ b/2018/20xxx/CVE-2018-20864.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20864", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20865.json b/2018/20xxx/CVE-2018-20865.json new file mode 100644 index 00000000000..076e0ae25b2 --- /dev/null +++ b/2018/20xxx/CVE-2018-20865.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20865", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20866.json b/2018/20xxx/CVE-2018-20866.json new file mode 100644 index 00000000000..4ab5542815f --- /dev/null +++ b/2018/20xxx/CVE-2018-20866.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20866", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 has Stored XSS in the WHM \"Reset a DNS Zone\" feature (SEC-461)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20868.json b/2018/20xxx/CVE-2018-20868.json new file mode 100644 index 00000000000..0233759799a --- /dev/null +++ b/2018/20xxx/CVE-2018-20868.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20868", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20869.json b/2018/20xxx/CVE-2018-20869.json new file mode 100644 index 00000000000..fe895506956 --- /dev/null +++ b/2018/20xxx/CVE-2018-20869.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20870.json b/2018/20xxx/CVE-2018-20870.json new file mode 100644 index 00000000000..3c219df8909 --- /dev/null +++ b/2018/20xxx/CVE-2018-20870.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20870", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/76+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/76+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14393.json b/2019/14xxx/CVE-2019-14393.json new file mode 100644 index 00000000000..60547005d2c --- /dev/null +++ b/2019/14xxx/CVE-2019-14393.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14393", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 80.0.5 allows local code execution in the context of a different cPanel account because of insecure cpphp execution (SEC-486)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/80+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/80+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14394.json b/2019/14xxx/CVE-2019-14394.json new file mode 100644 index 00000000000..0bc4cd205e2 --- /dev/null +++ b/2019/14xxx/CVE-2019-14394.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 80.0.5 allows unsafe file operations in the context of the root account via the fetch_ssl_certificates_for_fqdns API (SEC-489)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/80+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/80+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14395.json b/2019/14xxx/CVE-2019-14395.json new file mode 100644 index 00000000000..2345a6d7905 --- /dev/null +++ b/2019/14xxx/CVE-2019-14395.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14395", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/80+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/80+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14396.json b/2019/14xxx/CVE-2019-14396.json new file mode 100644 index 00000000000..cca7da717d8 --- /dev/null +++ b/2019/14xxx/CVE-2019-14396.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertions of log data (SEC-495)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/80+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/80+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14397.json b/2019/14xxx/CVE-2019-14397.json new file mode 100644 index 00000000000..1f3cb6b634b --- /dev/null +++ b/2019/14xxx/CVE-2019-14397.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call (SEC-496)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/80+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/80+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14398.json b/2019/14xxx/CVE-2019-14398.json new file mode 100644 index 00000000000..1dc49ab1404 --- /dev/null +++ b/2019/14xxx/CVE-2019-14398.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 80.0.5 allows demo accounts to execute arbitrary code via ajax_maketext_syntax_util.pl (SEC-498)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/80+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/80+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14399.json b/2019/14xxx/CVE-2019-14399.json new file mode 100644 index 00000000000..c57ba0d7525 --- /dev/null +++ b/2019/14xxx/CVE-2019-14399.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14399", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SSL certificate-storage feature in cPanel before 78.0.18 allows unsafe file operations in the context of the root account (SEC-477)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14400.json b/2019/14xxx/CVE-2019-14400.json new file mode 100644 index 00000000000..dba5e9eae73 --- /dev/null +++ b/2019/14xxx/CVE-2019-14400.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14400", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 allows local users to escalate to root access because of userdata cache misparsing (SEC-479)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14401.json b/2019/14xxx/CVE-2019-14401.json new file mode 100644 index 00000000000..e8592f34d99 --- /dev/null +++ b/2019/14xxx/CVE-2019-14401.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 allows code execution via an addforward API1 call (SEC-480)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14402.json b/2019/14xxx/CVE-2019-14402.json new file mode 100644 index 00000000000..c325ae43e67 --- /dev/null +++ b/2019/14xxx/CVE-2019-14402.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 unsafely determines terminal capabilities by using infocmp (SEC-481)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14403.json b/2019/14xxx/CVE-2019-14403.json new file mode 100644 index 00000000000..91bd7049e19 --- /dev/null +++ b/2019/14xxx/CVE-2019-14403.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing (SEC-483)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14404.json b/2019/14xxx/CVE-2019-14404.json new file mode 100644 index 00000000000..16d12704fd3 --- /dev/null +++ b/2019/14xxx/CVE-2019-14404.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 allows certain file-read operations in the context of the root account via the Exim virtual_user_spam router (SEC-484)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14405.json b/2019/14xxx/CVE-2019-14405.json new file mode 100644 index 00000000000..55867a4768d --- /dev/null +++ b/2019/14xxx/CVE-2019-14405.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 allows demo accounts to execute code via securitypolicy.cg (SEC-487)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14406.json b/2019/14xxx/CVE-2019-14406.json new file mode 100644 index 00000000000..b5be5d2026d --- /dev/null +++ b/2019/14xxx/CVE-2019-14406.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14406", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing (SEC-493)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14407.json b/2019/14xxx/CVE-2019-14407.json new file mode 100644 index 00000000000..5c5586e620e --- /dev/null +++ b/2019/14xxx/CVE-2019-14407.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-415)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14408.json b/2019/14xxx/CVE-2019-14408.json new file mode 100644 index 00000000000..3f97fc97aac --- /dev/null +++ b/2019/14xxx/CVE-2019-14408.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.2 allows a demo account to link with an OpenID provider (SEC-460)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14409.json b/2019/14xxx/CVE-2019-14409.json new file mode 100644 index 00000000000..0a8a9adf435 --- /dev/null +++ b/2019/14xxx/CVE-2019-14409.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.2 allows arbitrary file-read operations via Passenger adminbin (SEC-466)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14410.json b/2019/14xxx/CVE-2019-14410.json new file mode 100644 index 00000000000..fd4fbf1bef9 --- /dev/null +++ b/2019/14xxx/CVE-2019-14410.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Maketext in cPanel before 78.0.2 allows format-string injection in the Email store_filter UAPI (SEC-472)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14411.json b/2019/14xxx/CVE-2019-14411.json new file mode 100644 index 00000000000..b26b2b1c66b --- /dev/null +++ b/2019/14xxx/CVE-2019-14411.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.2 does not properly restrict demo accounts from writing to files via the DCV UAPI (SEC-473)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14412.json b/2019/14xxx/CVE-2019-14412.json new file mode 100644 index 00000000000..b4f2a6d6ad3 --- /dev/null +++ b/2019/14xxx/CVE-2019-14412.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Maketext in cPanel before 78.0.2 allows format-string injection in the DCV check_domains_via_dns UAPI (SEC-474)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14413.json b/2019/14xxx/CVE-2019-14413.json new file mode 100644 index 00000000000..b92edd99336 --- /dev/null +++ b/2019/14xxx/CVE-2019-14413.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets (SEC-476)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14414.json b/2019/14xxx/CVE-2019-14414.json new file mode 100644 index 00000000000..4aea4532f46 --- /dev/null +++ b/2019/14xxx/CVE-2019-14414.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In cPanel before 78.0.2, a Userdata cache temporary file can conflict with domains (SEC-478)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://documentation.cpanel.net/display/CL/78+Change+Log", + "url": "https://documentation.cpanel.net/display/CL/78+Change+Log" + } + ] + } +} \ No newline at end of file