"-Synchronized-Data."

CVE Team 2019-11-21 16:01:59 +00:00
parent 3dba91c085
commit cd201fe289
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
18 changed files with 440 additions and 30 deletions


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8879",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters are flag, mac, and cat_id."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS",
"url": "https://www.asus.com/Networking/RTAC66U/HelpDesk_BIOS"
},
{
"refsource": "MISC",
"name": "https://pagedout.institute/download/PagedOut_001_beta1.pdf",
"url": "https://pagedout.institute/download/PagedOut_001_beta1.pdf"
}
]
}
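Review bot: The `affects` block added in the first hunk sets `vendor_name`, `product_name` and `version_value` to `n/a`, although the new description names ASUS, Asuswrt-Merlin and the 384.4 / 3.0.0.4.382.50470 version bounds, so tooling that matches on the structured fields will not tie this record to any product. Consider `"vendor_name": "ASUS"` with product and version entries that mirror the description, and a `problemtype` value such as `"Stack-based buffer overflow"` in place of `n/a`. The phrase "ASUS devices older than 384.4" in the description also reads as if the devices rather than the firmware carry that version, which is worth rewording. The record's root object opens outside the hunks shown.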


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1658",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}
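Review bot: The added MLIST reference points at a cleartext `http://` URL, while the CONFIRM reference above it in the same array uses `https://`. A reader following the link from a vulnerability record gets no transport integrity for the advisory text; the Openwall archive is, as far as I know, reachable over TLS, so `"url": "https://www.openwall.com/lists/oss-security/2019/11/21/1"` would be the safer form. The identical entry is added in the ten other Jenkins record sections of this commit, so the same change applies there. The `reference_data` array starts outside the hunk.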


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1634",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1634",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1634",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1634",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1539",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1539",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1554",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1554",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-727%20(1)",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-727%20(1)",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-727%20(2)",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-727%20(2)",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1584",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1584",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1585",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1585",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -56,6 +56,11 @@
"name": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1586",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1586",
"refsource": "CONFIRM"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20191121 Multiple vulnerabilities in Jenkins plugins",
"url": "http://www.openwall.com/lists/oss-security/2019/11/21/1"
}
]
}


@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-17272",
"ASSIGNER": "security-alert@netapp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NetApp",
"product": {
"product_data": [
{
"product_name": "ONTAP Select Deploy administration utility",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20191121-0002/",
"url": "https://security.netapp.com/advisory/ntap-20191121-0002/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges."
}
]
}
}


@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-17650",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiClient for Mac OS",
"version": {
"version_data": [
{
"version_value": "FortiClient for Mac OS 6.2.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-19-210",
"url": "https://fortiguard.com/advisory/FG-IR-19-210"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Neutralization of Special Elements used in a Command vulnerability in one of FortiClient for Mac OS root processes, may allow a local user of the system on which FortiClient is running to execute unauthorized code as root by bypassing a security check."
}
]
}
}
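Review bot: `version_value` repeats the product name (`"FortiClient for Mac OS 6.2.1"`), so a consumer comparing version strings has to strip free text before it can match; `"version_value": "6.2.1"` alongside the existing `product_name` carries the same information in a comparable form. Neither that field nor the description says whether releases earlier than 6.2.1 are affected, which leaves the affected range open for anyone triaging from this record alone. The `problemtype` value `Unauthorized code execution` describes the impact, whereas the description already uses what appears to be the CWE-77 name, which would be the more useful classification there. The xcftools records for CVE-2019-5086 and CVE-2019-5087 in this commit use the same pattern (`"xcftools 1.0.7"`).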


@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5086",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5086",
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "xcftools",
"version": {
"version_data": [
{
"version_value": "xcftools 1.0.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0878",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0878"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file."
}
]
}


@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5087",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5087",
"ASSIGNER": "talos-cna@cisco.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "xcftools",
"version": {
"version_data": [
{
"version_value": "xcftools 1.0.7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0879",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0879"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row's allocation size, that could be exploited to corrupt memory and eventually execute arbitrary code. In order to trigger this vulnerability, a victim would need to open a specially crafted XCF file."
}
]
}


@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5509",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5509",
"ASSIGNER": "security-alert@netapp.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NetApp",
"product": {
"product_data": [
{
"product_name": "ONTAP Select Deploy administration utility",
"version": {
"version_data": [
{
"version_value": "2.11.2 through 2.12.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20191121-0001/",
"url": "https://security.netapp.com/advisory/ntap-20191121-0001/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account."
}
]
}


@ -1,17 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6693",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-6693",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiGate",
"version": {
"version_data": [
{
"version_value": "5.6.9 and below"
},
{
"version_value": "6.0.5 and below"
},
{
"version_value": "6.2.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-19-007",
"url": "https://fortiguard.com/advisory/FG-IR-19-007"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set)."
}
]
}
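Review bot: `product_name` is `FortiGate`, while the description attributes the hard-coded key to the FortiOS configuration backup file, so an inventory or scanner keyed on FortiOS will not match this record through the structured field. Either name the product as the description does, `"product_name": "FortiOS"`, or list both. The three `version_value` strings (`5.6.9 and below`, `6.0.5 and below`, `6.2.0`) are free text rather than comparable bounds, and the description names no fixed release. Operators deciding whether existing backup files need re-protection therefore have to go to FG-IR-19-007 for the remediation details.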