admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into march

Browse Source
This commit is contained in:
jwhitmore-mitre 2020-03-23 11:22:06 -04:00 committed by GitHub
commit b40dcb0030
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
552 changed files with 12334 additions and 299 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2009/2xxx/CVE-2009-2625.json
View File

@ -366,6 +366,11 @@
"name": "RHSA-2009:1650",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1650.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2012/0xxx/CVE-2012-0881.json
View File

@ -91,6 +91,11 @@
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2012/2xxx/CVE-2012-2098.json
View File

@ -126,6 +126,11 @@
"name": "FEDORA-2013-5546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105049.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2013/4xxx/CVE-2013-4002.json
View File

@ -286,6 +286,11 @@
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

56
2013/7xxx/CVE-2013-7487.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2013-7487",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2013-7487",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to \u201csystem\u201d, which allows remote attackers to execute arbitrary code via TCP port 9000."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html",
"refsource": "MISC",
"name": "http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html"
}
]
}

5
2014/0xxx/CVE-2014-0114.json
View File

@ -631,6 +631,11 @@
"refsource": "MLIST",
"name": "[activemq-issues] 20200109 [jira] [Resolved] (ARTEMIS-2470) Update Apache BeanUtils to Address CVE-2014-0114",
"url": "https://lists.apache.org/thread.html/r75d67108e557bb5d4c4318435067714a0180de525314b7e8dab9d04e@%3Cissues.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2015/1xxx/CVE-2015-1832.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

72
2016/11xxx/CVE-2016-11022.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-11022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/",
"refsource": "MISC",
"name": "https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/"
},
{
"url": "http://firmware.re/vulns/acsa-2015-002.php",
"refsource": "MISC",
"name": "http://firmware.re/vulns/acsa-2015-002.php"
},
{
"url": "https://github.com/threat9/routersploit/blob/master/routersploit/modules/exploits/routers/netgear/prosafe_rce.py",
"refsource": "MISC",
"name": "https://github.com/threat9/routersploit/blob/master/routersploit/modules/exploits/routers/netgear/prosafe_rce.py"
}
]
}
}

5
2017/1000xxx/CVE-2017-1000190.json
View File

@ -68,6 +68,11 @@
"refsource": "MLIST",
"name": "[lucene-dev] 20190723 [jira] [Updated] (SOLR-13648) vulnerable simple-xml-2.7.1.jar",
"url": "https://lists.apache.org/thread.html/8c4ef27e2c0218f29e785990dc919266855aea137c958f10d242cb36@%3Cdev.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2017/5xxx/CVE-2017-5715.json
View File

@ -512,6 +512,11 @@
"name": "https://security.paloaltonetworks.com/CVE-2017-5715",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2017-5715"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200320 [SECURITY] [DLA 2148-1] amd64-microcode security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html"
}
]
}

5
2018/11xxx/CVE-2018-11354.json
View File

@ -76,6 +76,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11355.json
View File

@ -76,6 +76,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11356.json
View File

@ -81,6 +81,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11357.json
View File

@ -81,6 +81,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11358.json
View File

@ -86,6 +86,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11359.json
View File

@ -81,6 +81,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11360.json
View File

@ -81,6 +81,11 @@
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14688",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14688"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11361.json
View File

@ -76,6 +76,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/11xxx/CVE-2018-11362.json
View File

@ -86,6 +86,11 @@
"name": "1041036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041036"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/12xxx/CVE-2018-12086.json
View File

@ -71,6 +71,11 @@
"name": "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf",
"refsource": "CONFIRM",
"url": "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12086.pdf"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/12xxx/CVE-2018-12115.json
View File

@ -87,6 +87,11 @@
"name": "RHSA-2018:2949",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2949"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/12xxx/CVE-2018-12116.json
View File

@ -61,6 +61,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/12xxx/CVE-2018-12121.json
View File

@ -76,6 +76,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3497",
"url": "https://access.redhat.com/errata/RHSA-2019:3497"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/12xxx/CVE-2018-12122.json
View File

@ -66,6 +66,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/12xxx/CVE-2018-12123.json
View File

@ -61,6 +61,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1821",
"url": "https://access.redhat.com/errata/RHSA-2019:1821"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/14xxx/CVE-2018-14339.json
View File

@ -81,6 +81,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14340.json
View File

@ -81,6 +81,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14341.json
View File

@ -81,6 +81,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14342.json
View File

@ -81,6 +81,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14343.json
View File

@ -81,6 +81,11 @@
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14682"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14344.json
View File

@ -76,6 +76,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14367.json
View File

@ -76,6 +76,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14368.json
View File

@ -81,6 +81,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14369.json
View File

@ -81,6 +81,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/14xxx/CVE-2018-14370.json
View File

@ -76,6 +76,11 @@
"name": "104847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104847"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/16xxx/CVE-2018-16056.json
View File

@ -81,6 +81,11 @@
"name": "https://www.wireshark.org/security/wnpa-sec-2018-45.html",
"refsource": "MISC",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-45.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/16xxx/CVE-2018-16057.json
View File

@ -86,6 +86,11 @@
"name": "https://www.wireshark.org/security/wnpa-sec-2018-46.html",
"refsource": "MISC",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-46.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/16xxx/CVE-2018-16058.json
View File

@ -86,6 +86,11 @@
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884",
"refsource": "MISC",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14884"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/17xxx/CVE-2018-17197.json
View File

@ -66,6 +66,11 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2018/18xxx/CVE-2018-18225.json
View File

@ -81,6 +81,11 @@
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172",
"refsource": "MISC",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15172"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/18xxx/CVE-2018-18226.json
View File

@ -81,6 +81,11 @@
"name": "https://www.wireshark.org/security/wnpa-sec-2018-48.html",
"refsource": "MISC",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-48.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/18xxx/CVE-2018-18227.json
View File

@ -81,6 +81,11 @@
"name": "DSA-4359",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4359"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19622.json
View File

@ -81,6 +81,11 @@
"name": "DSA-4359",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4359"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19623.json
View File

@ -81,6 +81,11 @@
"name": "DSA-4359",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4359"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19624.json
View File

@ -81,6 +81,11 @@
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e319db1107b08fc3be804b6d449143ec9aa0dec",
"refsource": "MISC",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e319db1107b08fc3be804b6d449143ec9aa0dec"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19625.json
View File

@ -81,6 +81,11 @@
"name": "DSA-4359",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4359"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19626.json
View File

@ -81,6 +81,11 @@
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5a65115ebab55cfd5ce0a855c2256e01cab6449",
"refsource": "MISC",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c5a65115ebab55cfd5ce0a855c2256e01cab6449"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19627.json
View File

@ -81,6 +81,11 @@
"name": "https://www.wireshark.org/security/wnpa-sec-2018-55.html",
"refsource": "MISC",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-55.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2018/19xxx/CVE-2018-19628.json
View File

@ -76,6 +76,11 @@
"name": "DSA-4359",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4359"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

48
2018/20xxx/CVE-2018-20333.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20333",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can request /update_applist.asp to see if a USB device is attached to the router and if there are apps installed on the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://starlabs.sg/advisories/18-20333/",
"url": "https://starlabs.sg/advisories/18-20333/"
}
]
}

48
2018/20xxx/CVE-2018-20334.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20334",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://starlabs.sg/advisories/18-20334/",
"url": "https://starlabs.sg/advisories/18-20334/"
}
]
}

48
2018/20xxx/CVE-2018-20335.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20335",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://starlabs.sg/advisories/18-20335/",
"url": "https://starlabs.sg/advisories/18-20335/"
}
]
}

5
2018/7xxx/CVE-2018-7161.json
View File

@ -68,6 +68,11 @@
"name": "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/7xxx/CVE-2018-7162.json
View File

@ -65,6 +65,11 @@
"name": "104468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104468"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/7xxx/CVE-2018-7164.json
View File

@ -65,6 +65,11 @@
"name": "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/7xxx/CVE-2018-7167.json
View File

@ -71,6 +71,11 @@
"name": "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
}

5
2018/8xxx/CVE-2018-8010.json
View File

@ -62,6 +62,11 @@
"name": "104239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104239"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2019/0xxx/CVE-2019-0154.json
View File

@ -73,6 +73,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0204",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0004/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0004/"
}
]
},

5
2019/0xxx/CVE-2019-0155.json
View File

@ -93,6 +93,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0204",
"url": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

5
2019/10xxx/CVE-2019-10088.json
View File

@ -73,6 +73,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
},

5
2019/10xxx/CVE-2019-10093.json
View File

@ -73,6 +73,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
},

5
2019/10xxx/CVE-2019-10094.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
},

60
2019/10xxx/CVE-2019-10179.json
View File

@ -4,15 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10179",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "pki-core/pki-kra",
"version": {
"version_data": [
{
"version_value": "all pki-core 10.x.x versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
]
]
}
}

60
2019/10xxx/CVE-2019-10221.json
View File

@ -4,15 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10221",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "pki-core",
"version": {
"version_data": [
{
"version_value": "all pki-core 10.x.x versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
]
]
}
}

5
2019/10xxx/CVE-2019-10894.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190525 [SECURITY] [DLA 1802-1] wireshark security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10895.json
View File

@ -111,6 +111,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190525 [SECURITY] [DLA 1802-1] wireshark security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10896.json
View File

@ -96,6 +96,11 @@
"refsource": "UBUNTU",
"name": "USN-3986-1",
"url": "https://usn.ubuntu.com/3986-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10897.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-77b2d840ef",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10898.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-77b2d840ef",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10899.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190525 [SECURITY] [DLA 1802-1] wireshark security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10900.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-77b2d840ef",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10901.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190525 [SECURITY] [DLA 1802-1] wireshark security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10902.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-77b2d840ef",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4LYIOOQIMFQ3PA7AFBK4DNXHISTEYUC5/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/10xxx/CVE-2019-10903.json
View File

@ -101,6 +101,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190525 [SECURITY] [DLA 1802-1] wireshark security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00034.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/11xxx/CVE-2019-11089.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

5
2019/11xxx/CVE-2019-11111.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

5
2019/11xxx/CVE-2019-11112.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

5
2019/11xxx/CVE-2019-11113.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

61
2019/11xxx/CVE-2019-11574.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11574",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-11574",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.simplemachines.org/community/index.php?board=1.0",
"refsource": "MISC",
"name": "https://www.simplemachines.org/community/index.php?board=1.0"
},
{
"url": "https://pastebin.com/raw/prE3iiLm",
"refsource": "MISC",
"name": "https://pastebin.com/raw/prE3iiLm"
}
]
}

5
2019/12xxx/CVE-2019-12086.json
View File

@ -221,6 +221,11 @@
"refsource": "MLIST",
"name": "[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html",
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2019/12xxx/CVE-2019-12402.json
View File

@ -133,6 +133,11 @@
"refsource": "MLIST",
"name": "[flink-issues] 20200313 [GitHub] [flink] GJL closed pull request #11333: [FLINK-14121] Update commons-compress because of CVE-2019-12402",
"url": "https://lists.apache.org/thread.html/r4363c994c8bca033569a98da9218cc0c62bb695c1e47a98e5084e5a0@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
},

5
2019/12xxx/CVE-2019-12415.json
View File

@ -68,6 +68,11 @@
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
},

66
2019/12xxx/CVE-2019-12498.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12498",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/wp-live-chat-support/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-live-chat-support/#developers"
},
{
"refsource": "CONFIRM",
"name": "https://plugins.trac.wordpress.org/changeset/2098577/wp-live-chat-support/trunk",
"url": "https://plugins.trac.wordpress.org/changeset/2098577/wp-live-chat-support/trunk"
},
{
"refsource": "CONFIRM",
"name": "https://plugins.trac.wordpress.org/log/wp-live-chat-support/",
"url": "https://plugins.trac.wordpress.org/log/wp-live-chat-support/"
}
]
}

56
2019/12xxx/CVE-2019-12767.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12767",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DAP-1650/REVA/DAP-1650_REVA_RELEASE_NOTES_v1.04B02_J65H.pdf",
"url": "ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DAP-1650/REVA/DAP-1650_REVA_RELEASE_NOTES_v1.04B02_J65H.pdf"
}
]
}

5
2019/12xxx/CVE-2019-12921.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md",
"url": "https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200321 [SECURITY] [DLA 2152-1] graphicsmagick security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00026.html"
}
]
}

62
2019/13xxx/CVE-2019-13389.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as xlink:href validation, the X-XSS-Protection header, and the Content-Security-Policy header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/RainLoop/rainloop-webmail/commit/8eb4588917b4741889fdd905d4c32e3e86317693",
"refsource": "MISC",
"name": "https://github.com/RainLoop/rainloop-webmail/commit/8eb4588917b4741889fdd905d4c32e3e86317693"
}
]
}
}

67
2019/13xxx/CVE-2019-13463.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS vulnerability in qcopd-shortcode-generator.php in the Simple Link Directory plugin before 7.3.5 for WordPress allows remote attackers to inject arbitrary web script or HTML, because esc_html is not called for the \"echo get_the_title()\" or \"echo $term->name\" statement."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fsimple-link-directory&old=2111131&new_path=%2Fsimple-link-directory&new=2111132&sfp_email=&sfph_mail=",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fsimple-link-directory&old=2111131&new_path=%2Fsimple-link-directory&new=2111132&sfp_email=&sfph_mail="
},
{
"url": "https://wordpress.org/plugins/simple-link-directory/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/simple-link-directory/#developers"
}
]
}
}

5
2019/13xxx/CVE-2019-13619.json
View File

@ -91,6 +91,11 @@
"refsource": "UBUNTU",
"name": "USN-4133-1",
"url": "https://usn.ubuntu.com/4133-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0362",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html"
}
]
}

5
2019/14xxx/CVE-2019-14262.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/drewnoakes/metadata-extractor-dotnet/pull/190",
"refsource": "MISC",
"name": "https://github.com/drewnoakes/metadata-extractor-dotnet/pull/190"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2019/14xxx/CVE-2019-14574.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

5
2019/14xxx/CVE-2019-14590.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

5
2019/14xxx/CVE-2019-14591.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200320-0005/",
"url": "https://security.netapp.com/advisory/ntap-20200320-0005/"
}
]
},

87
2019/14xxx/CVE-2019-14855.json Normal file
View File

@ -0,0 +1,87 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14855",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "gnupg2",
"version": {
"version_data": [
{
"version_value": "2.2.18"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://rwc.iacr.org/2020/slides/Leurent.pdf",
"refsource": "MISC",
"name": "https://rwc.iacr.org/2020/slides/Leurent.pdf"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855",
"refsource": "CONFIRM"
},
{
"url": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html",
"name": "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html",
"refsource": "MISC"
},
{
"url": "https://dev.gnupg.org/T4755",
"name": "https://dev.gnupg.org/T4755",
"refsource": "MISC"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
}
}

62
2019/15xxx/CVE-2019-15075.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the r)fddEw232f encryption key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/iNextrix/ASTPP/commit/9877ec62556f0470030acd306b24bc94fdcbe2ae",
"refsource": "MISC",
"name": "https://github.com/iNextrix/ASTPP/commit/9877ec62556f0470030acd306b24bc94fdcbe2ae"
}
]
}
}

67
2019/15xxx/CVE-2019-15510.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 10 allows HTML injection on the user administration page via the description of a role."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.manageengine.com/products/desktop-central/download.html",
"refsource": "MISC",
"name": "https://www.manageengine.com/products/desktop-central/download.html"
},
{
"refsource": "MISC",
"name": "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-15510-manageengine-desktopcentral-v-10-vulnerable-to-html-injection/",
"url": "https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-15510-manageengine-desktopcentral-v-10-vulnerable-to-html-injection/"
}
]
}
}

62
2019/15xxx/CVE-2019-15522.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15522",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/LINBIT/csync2/pull/13/commits/0ecfc333da51575f188dd7cf6ac4974d13a800b1",
"refsource": "MISC",
"name": "https://github.com/LINBIT/csync2/pull/13/commits/0ecfc333da51575f188dd7cf6ac4974d13a800b1"
}
]
}
}

5
2019/15xxx/CVE-2019-15604.json
View File

@ -103,6 +103,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0293",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
},

5
2019/15xxx/CVE-2019-15605.json
View File

@ -128,6 +128,11 @@
"refsource": "REDHAT",
"name": "RHSA-2020:0708",
"url": "https://access.redhat.com/errata/RHSA-2020:0708"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
},

5
2019/15xxx/CVE-2019-15606.json
View File

@ -103,6 +103,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0293",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202003-48",
"url": "https://security.gentoo.org/glsa/202003-48"
}
]
},

17
2019/15xxx/CVE-2019-15608.json
View File

@ -19,10 +19,7 @@
"version": {
"version_data": [
{
"version_value": "before 1.19.0"
},
{
"version_value": "fixed in 1.19.0"
"version_value": "Fixed in 1.19.0"
}
]
}
@ -51,6 +48,16 @@
"refsource": "MISC",
"name": "https://hackerone.com/reports/703138",
"url": "https://hackerone.com/reports/703138"
},
{
"refsource": "MISC",
"name": "https://github.com/yarnpkg/yarn/commit/0474b8c66a8ea298f5e4dedc67b2de464297ad1c",
"url": "https://github.com/yarnpkg/yarn/commit/0474b8c66a8ea298f5e4dedc67b2de464297ad1c"
},
{
"refsource": "MISC",
"name": "https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md#1190",
"url": "https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md#1190"
}
]
},
@ -58,7 +65,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package integrity validation in yarn < 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack. This issue is fixed in 1.19.0."
"value": "The package integrity validation in yarn < 1.19.0 contains a TOCTOU vulnerability where the hash is computed before writing a package to cache. It's not computed again when reading from the cache. This may lead to a cache pollution attack."
}
]
}

Some files were not shown because too many files have changed in this diff Show More