admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-16 13:00:48 +00:00
parent df3f6ded33
commit cb73f2ee06
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 350 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2014/0xxx/CVE-2014-0114.json
View File

@ -506,6 +506,11 @@
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/869c08899f34c1a70c9fb42f92ac0d043c98781317e0c19d7ba3f5e3@%3Cissues.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/869c08899f34c1a70c9fb42f92ac0d043c98781317e0c19d7ba3f5e3@%3Cissues.commons.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/084ae814e69178d2ce174cfdf149bc6e46d7524f3308c08d3adb43cb@%3Cissues.commons.apache.org%3E",
"url": "https://lists.apache.org/thread.html/084ae814e69178d2ce174cfdf149bc6e46d7524f3308c08d3adb43cb@%3Cissues.commons.apache.org%3E"
}
]
}

69
2019/1010xxx/CVE-2019-1010018.json
View File

@ -1,17 +1,74 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010018",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zammad GmbH",
"product": {
"product_data": [
{
"product_name": "Zammad",
"version": {
"version_data": [
{
"version_value": "\u2264 2.3.0 [fixed: 2.3.1"
},
{
"version_value": "2.2.2 and 2.1.3]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) - CWE-80"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/zammad/zammad/compare/ea50d0c...238784d",
"url": "https://github.com/zammad/zammad/compare/ea50d0c...238784d"
},
{
"refsource": "MISC",
"name": "https://github.com/zammad/zammad/compare/5c983f6...1a9af7d",
"url": "https://github.com/zammad/zammad/compare/5c983f6...1a9af7d"
},
{
"refsource": "MISC",
"name": "https://github.com/zammad/zammad/issues/1869",
"url": "https://github.com/zammad/zammad/issues/1869"
}
]
}

56
2019/1010xxx/CVE-2019-1010057.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010057",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nfdump",
"product": {
"product_data": [
{
"product_name": "nfdump",
"version": {
"version_data": [
{
"version_value": "\u2264 1.6.16 [fixed: after commit 9f0fe9563366f62a71d34c92229da3432ec5cf0e]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdump must read and process a specially crafted file. The fixed version is: after commit 9f0fe9563366f62a71d34c92229da3432ec5cf0e."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/phaag/nfdump/issues/104",
"refsource": "MISC",
"name": "https://github.com/phaag/nfdump/issues/104"
}
]
}

66
2019/1010xxx/CVE-2019-1010060.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010060",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NASA",
"product": {
"product_data": [
{
"product_name": "CFITSIO",
"version": {
"version_data": [
{
"version_value": "< 3.43 [fixed: 3.43]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt",
"refsource": "MISC",
"name": "https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt"
},
{
"url": "https://github.com/astropy/astropy/pull/7274",
"refsource": "MISC",
"name": "https://github.com/astropy/astropy/pull/7274"
},
{
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892458",
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892458"
}
]
}

61
2019/1010xxx/CVE-2019-1010061.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010061",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BigTree-CMS",
"version": {
"version_data": [
{
"version_value": "commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6 and earlier [fixed: after commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6]"
}
]
}
}
]
},
"vendor_name": "BigTree-CMS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "BigTree-CMS commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6 and earlier is affected by: Improper Neutralization of Script-Related HTML Tags in a Web Page. The impact is: Any Javascript code can be executed. The component is: users management page. The attack vector is: Insert payload into users' profile and wait for administrators to visit the users management page. The fixed version is: after commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Script-Related HTML Tags in a Web Page"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/bigtreecms/BigTree-CMS/issues/332",
"refsource": "MISC",
"name": "https://github.com/bigtreecms/BigTree-CMS/issues/332"
},
{
"url": "https://github.com/bigtreecms/BigTree-CMS/commit/b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6",
"refsource": "MISC",
"name": "https://github.com/bigtreecms/BigTree-CMS/commit/b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6"
}
]
}

61
2019/1010xxx/CVE-2019-1010062.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010062",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pluck-cms",
"product": {
"product_data": [
{
"product_name": "PluckCMS",
"version": {
"version_data": [
{
"version_value": "\u2264 4.7.4 [fixed: after commit 09f0ab871bf633973cfd9fc4fe59d4a912397cf8]"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. The impact is: get webshell. The component is: data/inc/images.php line36. The attack vector is: modify the MIME TYPE on HTTP request to upload a php file. The fixed version is: after commit 09f0ab871bf633973cfd9fc4fe59d4a912397cf8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/pluck-cms/pluck/commit/09f0ab871bf633973cfd9fc4fe59d4a912397cf8",
"refsource": "MISC",
"name": "https://github.com/pluck-cms/pluck/commit/09f0ab871bf633973cfd9fc4fe59d4a912397cf8"
},
{
"refsource": "MISC",
"name": "https://github.com/pluck-cms/pluck/issues/44",
"url": "https://github.com/pluck-cms/pluck/issues/44"
}
]
}

62
2019/13xxx/CVE-2019-13612.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MDaemon Email Server 19 skips SpamAssassin checks by default for e-mail messages larger than 2 MB (and limits checks to 10 MB even with special configuration), which is arguably inconsistent with currently popular message sizes. This might interfere with risk management for malicious e-mail, if a customer deploys a server with sufficient resources to scan large messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://lists.altn.com/WebX/.59862f3c",
"refsource": "MISC",
"name": "http://lists.altn.com/WebX/.59862f3c"
}
]
}
}