admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-12-19 22:01:00 +00:00
parent 4511955561
commit 9d83f0e543
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
17 changed files with 151 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/0xxx/CVE-2019-0201.json
View File

@ -121,6 +121,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3892",
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
},

5
2019/10xxx/CVE-2019-10173.json
View File

@ -58,6 +58,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3892",
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
},

5
2019/12xxx/CVE-2019-12384.json
View File

@ -251,6 +251,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3901",
"url": "https://access.redhat.com/errata/RHSA-2019:3901"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
}

9
2019/13xxx/CVE-2019-13942.json
View File

@ -92,10 +92,15 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-418979.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-418979.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-418979.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-418979.pdf"
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-344-07",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-07"
}
]
}

2
2019/16xxx/CVE-2019-16386.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random_harness_id request to get database schema information while using a low-privilege account."
"value": "** DISPUTED ** PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random_harness_id request to get database schema information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and they are normal administrator functions. Therefore, the claim that the CVE was done with a low privilege account is incorrect."
}
]
},

2
2019/16xxx/CVE-2019-16387.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. (This can perform actions and retrieve data that only an administrator should have access to.)"
"value": "** DISPUTED ** PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. (This can perform actions and retrieve data that only an administrator should have access to.) NOTE: The vendor states that this vulnerability was discovered using an administrator account and they are normal administrator functions. Therefore, the claim that the CVE was done with a low privilege account is incorrect."
}
]
},

2
2019/16xxx/CVE-2019-16388.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account."
"value": "** DISPUTED ** PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/!STANDARD?pyStream=MyAlerts request to get Audit Log information while using a low-privilege account. NOTE: The vendor states that this vulnerability was discovered using an administrator account and they are normal administrator functions. Therefore, the claim that the CVE was done with a low privilege account is incorrect."
}
]
},

5
2019/18xxx/CVE-2019-18397.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-7075bc4ff8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5UJRTG32FDNI7T637Q6PZYL3UCRR5HR/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4326",
"url": "https://access.redhat.com/errata/RHSA-2019:4326"
}
]
}

5
2019/19xxx/CVE-2019-19649.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://www.manageengine.com/products/applications_manager/release-notes.html",
"url": "https://www.manageengine.com/products/applications_manager/release-notes.html"
},
{
"refsource": "MISC",
"name": "https://gitlab.com/eLeN3Re/CVE-2019-19649",
"url": "https://gitlab.com/eLeN3Re/CVE-2019-19649"
}
]
}

5
2019/19xxx/CVE-2019-19650.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://www.manageengine.com/products/applications_manager/release-notes.html",
"url": "https://www.manageengine.com/products/applications_manager/release-notes.html"
},
{
"refsource": "MISC",
"name": "https://gitlab.com/eLeN3Re/CVE-2019-19650",
"url": "https://gitlab.com/eLeN3Re/CVE-2019-19650"
}
]
}

81
2019/19xxx/CVE-2019-19915.json Normal file
View File

@ -0,0 +1,81 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"301 Redirects - Easy Redirect Manager\" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. This could result in a loss of site availability, malicious redirects, and user infections. This could also be exploited via CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/9979",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9979"
},
{
"url": "https://www.wordfence.com/blog/2019/12/critical-vulnerability-patched-in-301-redirects-easy-redirect-manager/",
"refsource": "MISC",
"name": "https://www.wordfence.com/blog/2019/12/critical-vulnerability-patched-in-301-redirects-easy-redirect-manager/"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:R",
"version": "3.0"
}
}
}

5
2019/1xxx/CVE-2019-1387.json
View File

@ -78,6 +78,11 @@
"refsource": "CONFIRM",
"name": "https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u",
"url": "https://lore.kernel.org/git/xmqqr21cqcn9.fsf@gitster-ct.c.googlers.com/T/#u"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4356",
"url": "https://access.redhat.com/errata/RHSA-2019:4356"
}
]
},

5
2019/2xxx/CVE-2019-2904.json
View File

@ -65,6 +65,11 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-1024/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-1024/"
}
]
}

5
2019/9xxx/CVE-2019-9512.json
View File

@ -378,6 +378,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:4273",
"url": "https://access.redhat.com/errata/RHSA-2019:4273"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
},

5
2019/9xxx/CVE-2019-9514.json
View File

@ -378,6 +378,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:4273",
"url": "https://access.redhat.com/errata/RHSA-2019:4273"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
},

5
2019/9xxx/CVE-2019-9515.json
View File

@ -253,6 +253,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:4041",
"url": "https://access.redhat.com/errata/RHSA-2019:4041"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
},

5
2019/9xxx/CVE-2019-9518.json
View File

@ -193,6 +193,11 @@
"refsource": "MLIST",
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:4352",
"url": "https://access.redhat.com/errata/RHSA-2019:4352"
}
]
},