admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-14 00:01:41 +00:00
parent 75ba30bc1c
commit a47dcd69e6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 154 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2011/0xxx/CVE-2011-0544.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0544",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "phpbb3",
"product": {
"product_data": [
{
"product_name": "phpbb3",
"version": {
"version_data": [
{
"version_value": "3.0.x-3.0.6"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2011-0544",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2011-0544"
},
{
"url": "https://access.redhat.com/security/cve/cve-2011-0544",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2011-0544"
}
]
}

5
2019/10xxx/CVE-2019-10215.json
View File

@ -48,6 +48,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10215",
"refsource": "CONFIRM"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3771",
"url": "https://access.redhat.com/errata/RHSA-2019:3771"
}
]
},

5
2019/10xxx/CVE-2019-10744.json
View File

@ -58,6 +58,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3024",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K47105354?utm_source=f5support&utm_medium=RSS"
}
]
},

67
2019/18xxx/CVE-2019-18954.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious attacker can manipulate internal attributes by adding additional attributes to user input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/cl0udz/vulnerabilities/tree/master/pomelo-critical-state-manipulation",
"refsource": "MISC",
"name": "https://github.com/cl0udz/vulnerabilities/tree/master/pomelo-critical-state-manipulation"
},
{
"url": "https://github.com/NetEase/pomelo/issues/1149",
"refsource": "MISC",
"name": "https://github.com/NetEase/pomelo/issues/1149"
}
]
}
}

9
2019/3xxx/CVE-2019-3660.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests.\n\n\n\n\n"
"value": "Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests."
}
]
},
@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
"refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
}
]
},
@ -83,4 +84,4 @@
"advisory": "SB10304",
"discovery": "EXTERNAL"
}
}
}

9
2019/3xxx/CVE-2019-3661.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.\n\n\n\n\n\n"
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads."
}
]
},
@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
"refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
}
]
},
@ -83,4 +84,4 @@
"advisory": "SB10304",
"discovery": "EXTERNAL"
}
}
}

9
2019/3xxx/CVE-2019-3662.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests.\n\n\n\n\n\n\n"
"value": "Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests."
}
]
},
@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
"refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
}
]
},
@ -83,4 +84,4 @@
"advisory": "SB10304",
"discovery": "EXTERNAL"
}
}
}

9
2019/3xxx/CVE-2019-3663.json
View File

@ -36,7 +36,7 @@
"description_data": [
{
"lang": "eng",
"value": "Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system.\n\n\n\n\n\n\n\n"
"value": "Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system."
}
]
},
@ -74,8 +74,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
"refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304"
}
]
},
@ -83,4 +84,4 @@
"advisory": "SB10304",
"discovery": "EXTERNAL"
}
}
}

5
2019/3xxx/CVE-2019-3889.json
View File

@ -53,6 +53,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3722",
"url": "https://access.redhat.com/errata/RHSA-2019:3722"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3770",
"url": "https://access.redhat.com/errata/RHSA-2019:3770"
}
]
},