admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-21 20:02:03 +00:00
parent 11378853d3
commit bd2985e808
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
12 changed files with 446 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2013/3xxx/CVE-2013-3311.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3311",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/27878",
"url": "http://www.exploit-db.com/exploits/27878"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61970",
"url": "http://www.securityfocus.com/bid/61970"
}
]
}

53
2013/3xxx/CVE-2013-3312.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3312",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/27878",
"url": "https://www.exploit-db.com/exploits/27878"
}
]
}

58
2013/3xxx/CVE-2013-3313.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3313",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61971",
"url": "http://www.securityfocus.com/bid/61971"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/27878",
"url": "https://www.exploit-db.com/exploits/27878"
}
]
}

58
2013/3xxx/CVE-2013-3314.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3314",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to get_realip.cgi or (2) firmware versions (ui and system), timestamp, serial number, p2p port number, and wifi status via a request to get_status.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/vulnerability-who-is-watching-your-ip-camera"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/27878",
"url": "http://www.exploit-db.com/exploits/27878"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61969",
"url": "http://www.securityfocus.com/bid/61969"
}
]
}

90
2015/2xxx/CVE-2015-2793.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-2793",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,91 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ikiwiki",
"product": {
"product_data": [
{
"product_name": "ikiwiki",
"version": {
"version_data": [
{
"version_value": "before 3.20150329"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157025.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157025.html"
},
{
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157001.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157001.html"
},
{
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157023.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157023.html"
},
{
"refsource": "MISC",
"name": "https://ikiwiki.info/bugs/XSS_Alert...__33____33____33__/",
"url": "https://ikiwiki.info/bugs/XSS_Alert...__33____33____33__/"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1207210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207210"
},
{
"refsource": "MISC",
"name": "http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=18dfba868fe2fb9c64706b2123eb0b3a3ce66a77",
"url": "http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=18dfba868fe2fb9c64706b2123eb0b3a3ce66a77"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781483",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781483"
},
{
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2015/03/30/5",
"url": "http://openwall.com/lists/oss-security/2015/03/30/5"
},
{
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2015/03/31/1",
"url": "http://openwall.com/lists/oss-security/2015/03/31/1"
}
]
}

10
2019/19xxx/CVE-2019-19033.json
View File

@ -52,16 +52,6 @@
},
"references": {
"reference_data": [
{
"url": "https://twitter.com/ricardojoserf",
"refsource": "MISC",
"name": "https://twitter.com/ricardojoserf"
},
{
"url": "https://github.com/ricardojoserf",
"refsource": "MISC",
"name": "https://github.com/ricardojoserf"
},
{
"url": "https://community.jalios.com/jcms/frt_74021/en/blog-jalios-community",
"refsource": "MISC",

18
2019/19xxx/CVE-2019-19198.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/19xxx/CVE-2019-19199.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/19xxx/CVE-2019-19200.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/19xxx/CVE-2019-19201.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-19201",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2019/19xxx/CVE-2019-19202.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://code.vtiger.com/vtiger/vtigercrm/issues/1126",
"refsource": "MISC",
"name": "https://code.vtiger.com/vtiger/vtigercrm/issues/1126"
}
]
}
}

12
2019/5xxx/CVE-2019-5637.json
View File

@ -93,15 +93,15 @@
},
"references": {
"reference_data": [
{
"name": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf",
"refsource": "CONFIRM",
"url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf"
},
{
"name": "https://blog.rapid7.com/2019/10/08/r7-2019-32-denial-of-service-vulnerabilities-in-beckhoff-twincat-plc-environment-fixed/",
"refsource": "MISC",
"url": "https://blog.rapid7.com/2019/10/08/r7-2019-32-denial-of-service-vulnerabilities-in-beckhoff-twincat-plc-environment-fixed/"
},
{
"name": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf",
"refsource": "CONFIRM",
"url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2019-007.pdf"
}
]
},
@ -109,4 +109,4 @@
"advisory": "R7-2019-32",
"discovery": "EXTERNAL"
}
}
}