admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-27 17:00:45 +00:00
parent 812d72fcdd
commit 8cdeae38b6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
21 changed files with 702 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2016/6xxx/CVE-2016-6827.json
View File

@ -61,11 +61,6 @@
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-en"
},
{
"refsource": "CONFIRM",
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-EN",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-EN"
}
]
}

76
2017/18xxx/CVE-2017-18364.json Normal file
View File

@ -0,0 +1,76 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "phpFK lite has XSS via the faq.php, members.php, or search.php query string or the user.php user parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.netsparker.com/web-applications-advisories/ns-17-030-multiple-reflected-xss-vulnerabilities-in-phpfkl-lite/",
"refsource": "MISC",
"name": "https://www.netsparker.com/web-applications-advisories/ns-17-030-multiple-reflected-xss-vulnerabilities-in-phpfkl-lite/"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:R",
"version": "3.0"
}
}
}

76
2017/2xxx/CVE-2017-2748.json
View File

@ -1,17 +1,79 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-2748",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-2748",
"ASSIGNER": "hp-security-alert@hp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Isaac Mizrahi",
"product": {
"product_data": [
{
"product_name": "Isaac Mizrahi Smartwatch Mobile App",
"version": {
"version_data": [
{
"version_value": "Isaac Mizrahi iOS app versions 1.0.2.10"
},
{
"version_value": "1.2.2.12"
},
{
"version_value": "1.3.7"
},
{
"version_value": "and 1.4.8. Isaac Mizrahi Android app versions 1.0.201601214"
},
{
"version_value": "1.2.2016040820"
},
{
"version_value": "1.3.2016052319"
},
{
"version_value": "1.4.2016072601"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure HTTP during login."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.hp.com/us-en/document/c05976868",
"url": "https://support.hp.com/us-en/document/c05976868"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue."
}
]
}

67
2017/2xxx/CVE-2017-2752.json
View File

@ -1,17 +1,70 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-2752",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-2752",
"ASSIGNER": "hp-security-alert@hp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tommy Hilfiger",
"product": {
"product_data": [
{
"product_name": "Tommy Hilfiger TH24/7 Android app",
"version": {
"version_data": [
{
"version_value": "Tommy Hilfiger TH24/7 Android app versions 2.0.0.11"
},
{
"version_value": "2.0.1.14"
},
{
"version_value": "2.1.0.16"
},
{
"version_value": "and 2.2.0.19."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information exposure of application configuration"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.hp.com/us-en/document/c05904705",
"url": "https://support.hp.com/us-en/document/c05904705"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue."
}
]
}

5
2017/9xxx/CVE-2017-9233.json
View File

@ -101,6 +101,11 @@
"name": "[oss-security] 20170618 Expat 2.2.1 security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/06/17/7"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K03244804",
"url": "https://support.f5.com/csp/article/K03244804"
}
]
}

58
2018/19xxx/CVE-2018-19466.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19466",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext and allows their retrieval via API calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/portainer/portainer/pull/2488",
"refsource": "MISC",
"name": "https://github.com/portainer/portainer/pull/2488"
},
{
"refsource": "MISC",
"name": "https://github.com/portainer/portainer/releases",
"url": "https://github.com/portainer/portainer/releases"
},
{
"refsource": "MISC",
"name": "https://github.com/MauroEldritch/lempo",
"url": "https://github.com/MauroEldritch/lempo"
}
]
}

100
2018/19xxx/CVE-2018-19641.json
View File

@ -1,18 +1,104 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19641",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.5"
},
"CVE_data_meta": {
"ID": "CVE-2018-19641",
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
"TITLE": "Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"defect": [],
"advisory": "",
"discovery": "EXTERNAL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Micro Focus",
"product": {
"product_data": [
{
"product_name": "Solutions Business Manager (SBM)",
"version": {
"version_data": [
{
"version_value": "< 11.5"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
"name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.0",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
}
},
"exploit": [],
"work_around": [],
"solution": [
{
"lang": "eng",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"credit": [
{
"lang": "eng",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE. \n\n"
}
]
}

86
2018/19xxx/CVE-2018-19642.json
View File

@ -1,9 +1,40 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
"ID": "CVE-2018-19642",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Micro Focus",
"product": {
"product_data": [
{
"product_name": "Solutions Business Manager (SBM)",
"version": {
"version_data": [
{
"version_value": "< 11.5"
}
]
}
}
]
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE. \n\n"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
@ -11,8 +42,57 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.5"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
"refsource": "CONFIRM",
"url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
}
],
"source": {
"discovery": "EXTERNAL"
}
}

5
2018/1xxx/CVE-2018-1060.json
View File

@ -135,6 +135,11 @@
"name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-6e1938a3c5",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"
}
]
}

5
2018/1xxx/CVE-2018-1061.json
View File

@ -135,6 +135,11 @@
"name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-6e1938a3c5",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"
}
]
}

5
2018/20xxx/CVE-2018-20406.json
View File

@ -66,6 +66,11 @@
"name": "https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd",
"refsource": "MISC",
"url": "https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-6e1938a3c5",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"
}
]
}

67
2019/10xxx/CVE-2019-10231.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/glpi-project/glpi/pull/5520",
"refsource": "MISC",
"name": "https://github.com/glpi-project/glpi/pull/5520"
},
{
"url": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1",
"refsource": "MISC",
"name": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1"
}
]
}
}

62
2019/10xxx/CVE-2019-10232.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Teclib GLPI through 9.3.3 has SQL injection via the \"cycle\" parameter in /scripts/unlock_tasks.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c",
"refsource": "MISC",
"name": "https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c"
}
]
}
}

67
2019/10xxx/CVE-2019-10233.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10233",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1",
"refsource": "MISC",
"name": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1"
},
{
"url": "https://github.com/glpi-project/glpi/pull/5562",
"refsource": "MISC",
"name": "https://github.com/glpi-project/glpi/pull/5562"
}
]
}
}

18
2019/10xxx/CVE-2019-10234.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10234",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2019/3xxx/CVE-2019-3871.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-b85d4171d4",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-9993d32c48",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/"
}
]
},

5
2019/9xxx/CVE-2019-9636.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-243442e600",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-6e1938a3c5",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"
}
]
}

5
2019/9xxx/CVE-2019-9894.json
View File

@ -56,6 +56,11 @@
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"refsource": "MISC",
"name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-5776dfe300",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"
}
]
}

5
2019/9xxx/CVE-2019-9895.json
View File

@ -56,6 +56,11 @@
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"refsource": "MISC",
"name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-5776dfe300",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"
}
]
}

5
2019/9xxx/CVE-2019-9897.json
View File

@ -56,6 +56,11 @@
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"refsource": "MISC",
"name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-5776dfe300",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"
}
]
}

5
2019/9xxx/CVE-2019-9898.json
View File

@ -61,6 +61,11 @@
"refsource": "BID",
"name": "107523",
"url": "http://www.securityfocus.com/bid/107523"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-5776dfe300",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"
}
]
}