admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-25 17:00:45 +00:00
parent f1321c45dd
commit 9f004eb983
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
17 changed files with 585 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2009/5xxx/CVE-2009-5155.json
View File

@ -91,6 +91,11 @@
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K64119434",
"url": "https://support.f5.com/csp/article/K64119434"
}
]
}

78
2015/3xxx/CVE-2015-3953.json
View File

@ -1,17 +1,81 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3953",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-3953",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hospira",
"product": {
"product_data": [
{
"product_name": "Plum A+ Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 13.4"
}
]
}
},
{
"product_name": "Plum A+3 Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 13.6"
}
]
}
},
{
"product_name": "Symbiq Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 3.13"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of hard-coded password CWE-259"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-161-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-161-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue."
}
]
}

78
2015/3xxx/CVE-2015-3954.json
View File

@ -1,17 +1,81 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3954",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-3954",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hospira",
"product": {
"product_data": [
{
"product_name": "Plum A+ Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 13.4"
}
]
}
},
{
"product_name": "Plum A+3 Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 13.6"
}
]
}
},
{
"product_name": "Symbiq Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 3.13"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper authorization CWE-285"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-161-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-161-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. An unauthorized user could issue commands to the pump. Hospira recommends that customers close Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue."
}
]
}

5
2018/17xxx/CVE-2018-17057.json
View File

@ -61,6 +61,11 @@
"refsource": "FULLDISC",
"name": "20190322 CVE-2018-17057: phar deserialization in TCPDF might lead to RCE",
"url": "http://seclists.org/fulldisclosure/2019/Mar/36"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152200/TCPDF-6.2.19-Deserialization-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/152200/TCPDF-6.2.19-Deserialization-Remote-Code-Execution.html"
}
]
}

5
2019/10xxx/CVE-2019-10017.json
View File

@ -56,6 +56,11 @@
"url": "http://dev.cmsmadesimple.org/bug/view/12001",
"refsource": "MISC",
"name": "http://dev.cmsmadesimple.org/bug/view/12001"
},
{
"refsource": "MISC",
"name": "https://ctrsec.io/index.php/2019/03/24/cmsmadesimple-xss-filepicker/",
"url": "https://ctrsec.io/index.php/2019/03/24/cmsmadesimple-xss-filepicker/"
}
]
}

58
2019/3xxx/CVE-2019-3476.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3476",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3476",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Micro Focus Data Protector",
"version": {
"version_data": [
{
"version_value": "10.03"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03337614",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03337614"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution."
}
]
}

58
2019/3xxx/CVE-2019-3479.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3479",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3479",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "Versions prior to 6.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03355866",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03355866"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7."
}
]
}

58
2019/3xxx/CVE-2019-3480.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3480",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3480",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "Versions prior to 6.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "stored/reflected XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03355866",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03355866"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitigates a stored/reflected XSS issue in ArcSight Logger versions prior to 6.7."
}
]
}

58
2019/3xxx/CVE-2019-3481.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3481",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3481",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "Versions prior to 6.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML External Entity Parsing"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03355866",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03355866"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitigates a XML External Entity Parsing issue in ArcSight Logger versions prior to 6.7."
}
]
}

58
2019/3xxx/CVE-2019-3482.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3482",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3482",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "Versions prior to 6.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03355866",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03355866"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitigates a directory traversal issue in ArcSight Logger versions prior to 6.7."
}
]
}

58
2019/3xxx/CVE-2019-3483.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3483",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3483",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "Versions prior to 6.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03355866",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03355866"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7."
}
]
}

58
2019/3xxx/CVE-2019-3484.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3484",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3484",
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ArcSight Logger",
"version": {
"version_data": [
{
"version_value": "Versions prior to 6.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03355866",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03355866"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7."
}
]
}

53
2019/6xxx/CVE-2019-6240.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6240",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/16/critical-security-release-gitlab-11-dot-6-dot-4-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/16/critical-security-release-gitlab-11-dot-6-dot-4-released/"
}
]
}

5
2019/8xxx/CVE-2019-8904.json
View File

@ -61,6 +61,11 @@
"name": "107130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107130"
},
{
"refsource": "UBUNTU",
"name": "USN-3911-1",
"url": "https://usn.ubuntu.com/3911-1/"
}
]
}

5
2019/8xxx/CVE-2019-8905.json
View File

@ -71,6 +71,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:0345",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3911-1",
"url": "https://usn.ubuntu.com/3911-1/"
}
]
}

5
2019/8xxx/CVE-2019-8906.json
View File

@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:0345",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3911-1",
"url": "https://usn.ubuntu.com/3911-1/"
}
]
}

5
2019/8xxx/CVE-2019-8907.json
View File

@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:0345",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3911-1",
"url": "https://usn.ubuntu.com/3911-1/"
}
]
}