admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-08-15 15:00:47 +00:00
parent 4d6808d4dc
commit a9ffd6fb02
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
43 changed files with 734 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2018/19xxx/CVE-2018-19857.json
View File

@ -81,6 +81,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
}

5
2019/1010xxx/CVE-2019-1010006.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190813 [SECURITY] [DLA 1882-1] atril security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00014.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1908",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00046.html"
}
]
}

5
2019/10xxx/CVE-2019-10160.json
View File

@ -118,6 +118,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2437",
"url": "https://access.redhat.com/errata/RHSA-2019:2437"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1906",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html"
}
]
},

5
2019/10xxx/CVE-2019-10162.json
View File

@ -61,6 +61,11 @@
"url": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-04.html",
"refsource": "MISC",
"name": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-04.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1904",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html"
}
]
},

5
2019/10xxx/CVE-2019-10163.json
View File

@ -61,6 +61,11 @@
"url": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html",
"refsource": "MISC",
"name": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1904",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html"
}
]
},

5
2019/10xxx/CVE-2019-10181.json
View File

@ -58,6 +58,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10181",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10181",
"refsource": "CONFIRM"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1911",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html"
}
]
},

5
2019/10xxx/CVE-2019-10182.json
View File

@ -66,6 +66,11 @@
"url": "https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327",
"name": "https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327",
"refsource": "CONFIRM"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1911",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html"
}
]
},

5
2019/10xxx/CVE-2019-10185.json
View File

@ -58,6 +58,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185",
"refsource": "CONFIRM"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1911",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html"
}
]
},

5
2019/12xxx/CVE-2019-12594.json
View File

@ -86,6 +86,11 @@
"refsource": "BUGTRAQ",
"name": "20190712 [SECURITY] [DSA 4478-1] dosbox security update",
"url": "https://seclists.org/bugtraq/2019/Jul/14"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1905",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00047.html"
}
]
}

10
2019/12xxx/CVE-2019-12874.json
View File

@ -71,6 +71,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
}

5
2019/12xxx/CVE-2019-12900.json
View File

@ -106,6 +106,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html",
"url": "http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1918",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html"
}
]
}

5
2019/13xxx/CVE-2019-13050.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-28a3675529",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1917",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html"
}
]
}

5
2019/13xxx/CVE-2019-13173.json
View File

@ -66,6 +66,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1846",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00010.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1907",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00052.html"
}
]
}

10
2019/13xxx/CVE-2019-13602.json
View File

@ -76,6 +76,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
}

10
2019/13xxx/CVE-2019-13962.json
View File

@ -71,6 +71,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
}

5
2019/14xxx/CVE-2019-14216.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://zeroauth.ltd/blog/2019/08/09/cve-2019-14216-svg-vector-icon-plugin-wordpress-plugin-vulnerable-to-csrf-and-arbitrary-file-upload-leading-to-remote-code-execution/",
"url": "https://zeroauth.ltd/blog/2019/08/09/cve-2019-14216-svg-vector-icon-plugin-wordpress-plugin-vulnerable-to-csrf-and-arbitrary-file-upload-leading-to-remote-code-execution/"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9510",
"url": "https://wpvulndb.com/vulnerabilities/9510"
}
]
}

5
2019/14xxx/CVE-2019-14744.json
View File

@ -101,6 +101,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-a746ac9c89",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IRIKH7ZWXELIQT6WSLV7EG3VTFWKZPD/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1898",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00034.html"
}
]
}

72
2019/14xxx/CVE-2019-14755.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://leaftecnologia.com.br/",
"refsource": "MISC",
"name": "http://leaftecnologia.com.br/"
},
{
"url": "http://intruderlabs.com.br/",
"refsource": "MISC",
"name": "http://intruderlabs.com.br/"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/alacerda/8fd4557e585a8707e9d3b798968e24c1",
"url": "https://gist.github.com/alacerda/8fd4557e585a8707e9d3b798968e24c1"
}
]
}
}

67
2019/14xxx/CVE-2019-14790.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress has XSS via the wp-admin/admin-ajax.php?action=grsGalleryAjax&grsAction=shortcode task parameter,"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/limb-gallery/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/limb-gallery/#developers"
},
{
"url": "https://www.pluginvulnerabilities.com/2019/06/26/what-would-hackers-be-interested-in-the-wordpress-plugin-limb-gallery-for/",
"refsource": "MISC",
"name": "https://www.pluginvulnerabilities.com/2019/06/26/what-would-hackers-be-interested-in-the-wordpress-plugin-limb-gallery-for/"
}
]
}
}

67
2019/14xxx/CVE-2019-14795.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14795",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The toggle-the-title (aka Toggle The Title) plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=update_title_options isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/toggle-the-title/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/toggle-the-title/#developers"
},
{
"url": "https://www.pluginvulnerabilities.com/2019/05/16/is-this-authenticated-persistent-cross-site-scripting-xss-vulnerability-what-hackers-would-be-interested-in-toggle-the-title-for/",
"refsource": "MISC",
"name": "https://www.pluginvulnerabilities.com/2019/05/16/is-this-authenticated-persistent-cross-site-scripting-xss-vulnerability-what-hackers-would-be-interested-in-toggle-the-title-for/"
}
]
}
}

67
2019/14xxx/CVE-2019-14800.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress allows guests to obtain the email subscription list in CSV format via the wp-admin/admin-post.php?page=fvplayer&fv-email-export=1 URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/fv-wordpress-flowplayer/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/fv-wordpress-flowplayer/#developers"
},
{
"url": "https://www.pluginvulnerabilities.com/2019/05/15/information-disclosure-vulnerability-in-fv-player-fv-flowplayer-video-player/",
"refsource": "MISC",
"name": "https://www.pluginvulnerabilities.com/2019/05/15/information-disclosure-vulnerability-in-fv-player-fv-flowplayer-video-player/"
}
]
}
}

62
2019/15xxx/CVE-2019-15081.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenCart 3.x, when the attacker has login access to the admin panel, allows stored XSS within the Source/HTML editing feature of the Categories, Product, and Information pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nipunsomani/Opencart-3.x.x-Authenticated-Stored-XSS/blob/master/README.md",
"refsource": "MISC",
"name": "https://github.com/nipunsomani/Opencart-3.x.x-Authenticated-Stored-XSS/blob/master/README.md"
}
]
}
}

10
2019/2xxx/CVE-2019-2614.json
View File

@ -100,6 +100,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2484",
"url": "https://access.redhat.com/errata/RHSA-2019:2484"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1913",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1915",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html"
}
]
}

10
2019/2xxx/CVE-2019-2627.json
View File

@ -100,6 +100,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2484",
"url": "https://access.redhat.com/errata/RHSA-2019:2484"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1913",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1915",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html"
}
]
}

10
2019/2xxx/CVE-2019-2628.json
View File

@ -81,6 +81,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2484",
"url": "https://access.redhat.com/errata/RHSA-2019:2484"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1913",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00035.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1915",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00032.html"
}
]
}

10
2019/2xxx/CVE-2019-2745.json
View File

@ -62,6 +62,16 @@
"refsource": "UBUNTU",
"name": "USN-4080-1",
"url": "https://usn.ubuntu.com/4080-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

10
2019/2xxx/CVE-2019-2762.json
View File

@ -81,6 +81,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2495",
"url": "https://access.redhat.com/errata/RHSA-2019:2495"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

10
2019/2xxx/CVE-2019-2766.json
View File

@ -61,6 +61,16 @@
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

10
2019/2xxx/CVE-2019-2769.json
View File

@ -81,6 +81,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2495",
"url": "https://access.redhat.com/errata/RHSA-2019:2495"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

10
2019/2xxx/CVE-2019-2786.json
View File

@ -71,6 +71,16 @@
"refsource": "UBUNTU",
"name": "USN-4083-1",
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

10
2019/2xxx/CVE-2019-2816.json
View File

@ -81,6 +81,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2495",
"url": "https://access.redhat.com/errata/RHSA-2019:2495"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

5
2019/2xxx/CVE-2019-2818.json
View File

@ -62,6 +62,11 @@
"refsource": "UBUNTU",
"name": "USN-4083-1",
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
}
]
}

5
2019/2xxx/CVE-2019-2821.json
View File

@ -62,6 +62,11 @@
"refsource": "UBUNTU",
"name": "USN-4083-1",
"url": "https://usn.ubuntu.com/4083-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
}
]
}

5
2019/2xxx/CVE-2019-2842.json
View File

@ -62,6 +62,11 @@
"refsource": "UBUNTU",
"name": "USN-4080-1",
"url": "https://usn.ubuntu.com/4080-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

70
2019/3xxx/CVE-2019-3417.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3417",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZXHN F670",
"version": {
"version_data": [
{
"affected": "<=",
"version_value": "V1.1.10P3T18"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by command injection vulnerability. Due to insufficient parameter validation check, an authorized user can exploit this vulnerability to take control of user router system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010163",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010163"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

70
2019/3xxx/CVE-2019-3418.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3418",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZXHN F670",
"version": {
"version_data": [
{
"affected": "<=",
"version_value": "V1.1.10P3T18"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by cross-site scripting vulnerability (XSS). Due to incomplete input validation, an authorized user can exploit this vulnerability to execute malicious scripts."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010163",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010163"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

10
2019/5xxx/CVE-2019-5439.json
View File

@ -63,6 +63,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
},

10
2019/5xxx/CVE-2019-5459.json
View File

@ -53,6 +53,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
},

10
2019/5xxx/CVE-2019-5460.json
View File

@ -53,6 +53,16 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1840",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1909",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
}
]
},

5
2019/6xxx/CVE-2019-6133.json
View File

@ -156,6 +156,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1914",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00049.html"
}
]
}

5
2019/7xxx/CVE-2019-7165.json
View File

@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20190712 [SECURITY] [DSA 4478-1] dosbox security update",
"url": "https://seclists.org/bugtraq/2019/Jul/14"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1905",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00047.html"
}
]
}

10
2019/7xxx/CVE-2019-7317.json
View File

@ -216,6 +216,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2495",
"url": "https://access.redhat.com/errata/RHSA-2019:2495"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1916",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1912",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"
}
]
}

5
2019/9xxx/CVE-2019-9636.json
View File

@ -231,6 +231,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-60a1defcd1",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1906",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html"
}
]
}