From b3676c8daf4477fcb5120f01ee9db81bde4eed77 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 15 Oct 2019 21:01:00 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/10xxx/CVE-2016-10906.json | 5 +++ 2018/20xxx/CVE-2018-20856.json | 5 +++ 2019/17xxx/CVE-2019-17355.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17356.json | 67 ++++++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17394.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17396.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17398.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17601.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17602.json | 62 +++++++++++++++++++++++++++++++ 9 files changed, 449 insertions(+) create mode 100644 2019/17xxx/CVE-2019-17355.json create mode 100644 2019/17xxx/CVE-2019-17356.json create mode 100644 2019/17xxx/CVE-2019-17394.json create mode 100644 2019/17xxx/CVE-2019-17396.json create mode 100644 2019/17xxx/CVE-2019-17398.json create mode 100644 2019/17xxx/CVE-2019-17601.json create mode 100644 2019/17xxx/CVE-2019-17602.json diff --git a/2016/10xxx/CVE-2016-10906.json b/2016/10xxx/CVE-2016-10906.json index dafd4f7a425..7026de8961d 100644 --- a/2016/10xxx/CVE-2016-10906.json +++ b/2016/10xxx/CVE-2016-10906.json @@ -56,6 +56,11 @@ "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c278c253f3d992c6994d08aa0efb2b6806ca396f", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c278c253f3d992c6994d08aa0efb2b6806ca396f" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K01993501?utm_source=f5support&utm_medium=RSS", + "url": "https://support.f5.com/csp/article/K01993501?utm_source=f5support&utm_medium=RSS" } ] } diff --git a/2018/20xxx/CVE-2018-20856.json b/2018/20xxx/CVE-2018-20856.json index cb6c9d2bc01..22ad8b4c9a5 100644 --- a/2018/20xxx/CVE-2018-20856.json +++ b/2018/20xxx/CVE-2018-20856.json @@ -116,6 +116,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html", "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K14673240?utm_source=f5support&utm_medium=RSS", + "url": "https://support.f5.com/csp/article/K14673240?utm_source=f5support&utm_medium=RSS" } ] } diff --git a/2019/17xxx/CVE-2019-17355.json b/2019/17xxx/CVE-2019-17355.json new file mode 100644 index 00000000000..350f815ce48 --- /dev/null +++ b/2019/17xxx/CVE-2019-17355.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pastebin.com/GgpFz3ZW", + "refsource": "MISC", + "name": "https://pastebin.com/GgpFz3ZW" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17356.json b/2019/17xxx/CVE-2019-17356.json new file mode 100644 index 00000000000..4cfccc17e3b --- /dev/null +++ b/2019/17xxx/CVE-2019-17356.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17356", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bit.ly/2kfL7xE", + "refsource": "MISC", + "name": "https://bit.ly/2kfL7xE" + }, + { + "refsource": "MISC", + "name": "https://pastebin.com/yUFxs2J7", + "url": "https://pastebin.com/yUFxs2J7" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17394.json b/2019/17xxx/CVE-2019-17394.json new file mode 100644 index 00000000000..b243ea3dd80 --- /dev/null +++ b/2019/17xxx/CVE-2019-17394.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pastebin.com/h8v0qxZH", + "refsource": "MISC", + "name": "https://pastebin.com/h8v0qxZH" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17396.json b/2019/17xxx/CVE-2019-17396.json new file mode 100644 index 00000000000..af839c46ab9 --- /dev/null +++ b/2019/17xxx/CVE-2019-17396.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pastebin.com/9VBiRpAR", + "refsource": "MISC", + "name": "https://pastebin.com/9VBiRpAR" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17398.json b/2019/17xxx/CVE-2019-17398.json new file mode 100644 index 00000000000..d267cc49b42 --- /dev/null +++ b/2019/17xxx/CVE-2019-17398.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be available to attackers via logcat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pastebin.com/5ZDDCqgL", + "refsource": "MISC", + "name": "https://pastebin.com/5ZDDCqgL" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17601.json b/2019/17xxx/CVE-2019-17601.json new file mode 100644 index 00000000000..443c8c3d760 --- /dev/null +++ b/2019/17xxx/CVE-2019-17601.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17601", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19862 and CVE-2018-19861. NOTE: this product is discontinued." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/154819/MiniShare-1.4.1-CONNECT-Remote-Buffer-Overflow.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/154819/MiniShare-1.4.1-CONNECT-Remote-Buffer-Overflow.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17602.json b/2019/17xxx/CVE-2019-17602.json new file mode 100644 index 00000000000..b6cd19a92ff --- /dev/null +++ b/2019/17xxx/CVE-2019-17602.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17602", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could be exploited unauthenticated or authenticated." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html", + "refsource": "MISC", + "name": "https://www.manageengine.com/network-monitoring/help/read-me-complete.html" + } + ] + } +} \ No newline at end of file