admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-13 19:01:39 +00:00
parent f68feda664
commit b9c21bc89e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
10 changed files with 272 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2010/4xxx/CVE-2010-4533.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4533",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "offlineimap",
"product": {
"product_data": [
{
"product_name": "offlineimap",
"version": {
"version_data": [
{
"version_value": "before 6.3.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4533",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4533"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4533",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4533"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-4533",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-4533"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2010/12/23/2",
"url": "https://www.openwall.com/lists/oss-security/2010/12/23/2"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606962",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606962"
}
]
}

53
2013/3xxx/CVE-2013-3517.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3517",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/",
"refsource": "MISC",
"name": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"url": "https://www.ise.io/soho_service_hacks/",
"refsource": "MISC",
"name": "https://www.ise.io/soho_service_hacks/"
}
]
}

5
2018/14xxx/CVE-2018-14498.json
View File

@ -96,6 +96,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:3705",
"url": "https://access.redhat.com/errata/RHSA-2019:3705"
},
{
"refsource": "UBUNTU",
"name": "USN-4190-1",
"url": "https://usn.ubuntu.com/4190-1/"
}
]
}

5
2018/19xxx/CVE-2018-19664.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305",
"refsource": "MISC",
"url": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305"
},
{
"refsource": "UBUNTU",
"name": "USN-4190-1",
"url": "https://usn.ubuntu.com/4190-1/"
}
]
}

5
2018/20xxx/CVE-2018-20330.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304",
"refsource": "MISC",
"url": "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/304"
},
{
"refsource": "UBUNTU",
"name": "USN-4190-1",
"url": "https://usn.ubuntu.com/4190-1/"
}
]
}

62
2019/16xxx/CVE-2019-16950.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://mjlanders.com/2019/11/07/multiple-vulnerabilities-found-in-enghouse-zeacom-web-chat/",
"url": "https://mjlanders.com/2019/11/07/multiple-vulnerabilities-found-in-enghouse-zeacom-web-chat/"
}
]
}
}

62
2019/16xxx/CVE-2019-16951.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote file include (RFI) issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one's own domain name. When the product calls this domain after the POST request is sent, it retrieves an attacker's data and displays it. Also worth mentioning is the amount of information sent in the request from this product to the attacker: it reveals information the public should not have. This includes pathnames and internal ip addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://mjlanders.com/2019/11/07/multiple-vulnerabilities-found-in-enghouse-zeacom-web-chat/",
"url": "https://mjlanders.com/2019/11/07/multiple-vulnerabilities-found-in-enghouse-zeacom-web-chat/"
}
]
}
}

5
2019/18xxx/CVE-2019-18396.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://medium.com/@c4pt41nnn/cve-2019-18396-command-injection-in-technicolor-router-da5dd2134052",
"url": "https://medium.com/@c4pt41nnn/cve-2019-18396-command-injection-in-technicolor-router-da5dd2134052"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155296/Technicolor-TD5130.2-Remote-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/155296/Technicolor-TD5130.2-Remote-Command-Execution.html"
}
]
}

5
2019/2xxx/CVE-2019-2201.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2019-11-01",
"url": "https://source.android.com/security/bulletin/2019-11-01"
},
{
"refsource": "UBUNTU",
"name": "USN-4190-1",
"url": "https://usn.ubuntu.com/4190-1/"
}
]
},

5
2019/9xxx/CVE-2019-9055.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg",
"url": "https://newsletter.cmsmadesimple.org/w/89247Qog4jCRCuRinvhsofwg"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155322/CMS-Made-Simple-2.2.8-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/155322/CMS-Made-Simple-2.2.8-Remote-Code-Execution.html"
}
]
}