mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-06-19 17:32:41 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
e22b066106
commit
ac62941f00
77
2019/17xxx/CVE-2019-17669.json
Normal file
77
2019/17xxx/CVE-2019-17669.json
Normal file
@ -0,0 +1,77 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17669",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
},
|
||||
{
|
||||
"url": "https://core.trac.wordpress.org/changeset/46475",
|
||||
"refsource": "MISC",
|
||||
"name": "https://core.trac.wordpress.org/changeset/46475"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
77
2019/17xxx/CVE-2019-17670.json
Normal file
77
2019/17xxx/CVE-2019-17670.json
Normal file
@ -0,0 +1,77 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17670",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
},
|
||||
{
|
||||
"url": "https://core.trac.wordpress.org/changeset/46472",
|
||||
"refsource": "MISC",
|
||||
"name": "https://core.trac.wordpress.org/changeset/46472"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
77
2019/17xxx/CVE-2019-17671.json
Normal file
77
2019/17xxx/CVE-2019-17671.json
Normal file
@ -0,0 +1,77 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17671",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
},
|
||||
{
|
||||
"url": "https://core.trac.wordpress.org/changeset/46474",
|
||||
"refsource": "MISC",
|
||||
"name": "https://core.trac.wordpress.org/changeset/46474"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
67
2019/17xxx/CVE-2019-17672.json
Normal file
67
2019/17xxx/CVE-2019-17672.json
Normal file
@ -0,0 +1,67 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17672",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
77
2019/17xxx/CVE-2019-17673.json
Normal file
77
2019/17xxx/CVE-2019-17673.json
Normal file
@ -0,0 +1,77 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17673",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
},
|
||||
{
|
||||
"url": "https://core.trac.wordpress.org/changeset/46478",
|
||||
"refsource": "MISC",
|
||||
"name": "https://core.trac.wordpress.org/changeset/46478"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
67
2019/17xxx/CVE-2019-17674.json
Normal file
67
2019/17xxx/CVE-2019-17674.json
Normal file
@ -0,0 +1,67 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17674",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
77
2019/17xxx/CVE-2019-17675.json
Normal file
77
2019/17xxx/CVE-2019-17675.json
Normal file
@ -0,0 +1,77 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17675",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html"
|
||||
},
|
||||
{
|
||||
"url": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/"
|
||||
},
|
||||
{
|
||||
"url": "https://core.trac.wordpress.org/changeset/46477",
|
||||
"refsource": "MISC",
|
||||
"name": "https://core.trac.wordpress.org/changeset/46477"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
62
2019/17xxx/CVE-2019-17676.json
Normal file
62
2019/17xxx/CVE-2019-17676.json
Normal file
@ -0,0 +1,62 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-17676",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/anx1ang/notes/issues/1",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/anx1ang/notes/issues/1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user