admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-10-09 12:01:23 +00:00
parent eb685eeb6a
commit 8d1e8417a6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 355 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
2019/13xxx/CVE-2019-13051.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pi-Hole 4.3 allows Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pi-hole.net/blog/",
"refsource": "MISC",
"name": "https://pi-hole.net/blog/"
},
{
"url": "https://github.com/pi-hole/pi-hole/commits/master",
"refsource": "MISC",
"name": "https://github.com/pi-hole/pi-hole/commits/master"
},
{
"refsource": "MISC",
"name": "https://pi-hole.net/2019/09/21/pi-hole-4-3-2-release-notes/",
"url": "https://pi-hole.net/2019/09/21/pi-hole-4-3-2-release-notes/"
},
{
"refsource": "MISC",
"name": "https://github.com/pi-hole/AdminLTE/pull/974",
"url": "https://github.com/pi-hole/AdminLTE/pull/974"
}
]
}
}

72
2019/15xxx/CVE-2019-15719.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.pbspro.org/",
"refsource": "MISC",
"name": "https://www.pbspro.org/"
},
{
"url": "https://www.hpcsec.com",
"refsource": "MISC",
"name": "https://www.hpcsec.com"
},
{
"refsource": "MISC",
"name": "https://www.hpcsec.com/2019/10/08/cve-2019-15719/",
"url": "https://www.hpcsec.com/2019/10/08/cve-2019-15719/"
}
]
}
}

77
2019/17xxx/CVE-2019-17353.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf",
"refsource": "MISC",
"name": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
},
{
"url": "https://us.dlink.com/en/security-advisory",
"refsource": "MISC",
"name": "https://us.dlink.com/en/security-advisory"
},
{
"url": "https://www.dlink.com/en/security-bulletin",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin"
},
{
"refsource": "MISC",
"name": "https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353",
"url": "https://github.com/d0x0/D-Link-DIR-615/blob/master/CVE-2019-17353"
}
]
}
}

67
2019/17xxx/CVE-2019-17354.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17354",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C0 can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify data fields of the page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.zyxel.com/us/en/",
"refsource": "MISC",
"name": "https://www.zyxel.com/us/en/"
},
{
"refsource": "MISC",
"name": "https://github.com/d0x0/Zyxel-NBG-418N-v2/blob/master/CVE-2019-17354",
"url": "https://github.com/d0x0/Zyxel-NBG-418N-v2/blob/master/CVE-2019-17354"
}
]
}
}

62
2019/17xxx/CVE-2019-17370.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks \"into outfile\" in a SELECT statement, but does not block the \"into/**/outfile\" manipulation. Therefore, the attacker can create a .php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Gitaddy/vluns/blob/master/Otcms-getshell.md",
"refsource": "MISC",
"name": "https://github.com/Gitaddy/vluns/blob/master/Otcms-getshell.md"
}
]
}
}