"-Synchronized-Data."

CVE Team 2019-08-29 13:00:50 +00:00
parent 005f04b66a
commit d96c01729a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 593 additions and 0 deletions


@ -0,0 +1,82 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart plugs in a network, take over control of a device, and perform actions such as turning it on and off."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-one/",
"refsource": "MISC",
"name": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-one/"
},
{
"url": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-two/",
"refsource": "MISC",
"name": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-two/"
},
{
"url": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-three/",
"refsource": "MISC",
"name": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-three/"
},
{
"url": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-four/",
"refsource": "MISC",
"name": "https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-four/"
},
{
"url": "https://github.com/iamckn/eques",
"refsource": "MISC",
"name": "https://github.com/iamckn/eques"
}
]
}
}
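Review bot: The `affects` block carries no usable data: `vendor_name`, `product_name` and `version_value` are all `"n/a"` even though the description names the Eques elf smart plug and its mobile app, so scanners and asset inventories that match on these fields will never flag this CVE. The same applies to the other eight records added in this commit (CVE-2019-15771 through CVE-2019-15788). `problemtype` is also `"n/a"`; for a hardcoded AES key I would set it to `"value": "CWE-321 Use of Hard-coded Cryptographic Key"`. The description also gives no affected firmware or app version, so a reader cannot tell whether a fixed release exists.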


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15771",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nd-shortcodes plugin before 6.0 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/nd-shortcodes/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/nd-shortcodes/#developers"
},
{
"url": "https://threatpost.com/wordpress-plugins-exploited-in-ongoing-attack-researchers-warn/147671/",
"refsource": "MISC",
"name": "https://threatpost.com/wordpress-plugins-exploited-in-ongoing-attack-researchers-warn/147671/"
}
]
}
}
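Review bot: The description leaves the missing authentication implicit in the `nopriv_` prefix and does not name the AJAX action, which makes the record hard to triage and gives defenders nothing to search request logs for. I would state it directly, e.g. `"... has an unauthenticated (nopriv_) AJAX action that allows modification of the siteurl setting."`, and add the action name if the references provide it. Judging only by the Threatpost reference URL, the issue appears to have been under active exploitation, which is worth a clause in the description because it changes patch priority.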


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/woo-variation-gallery/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/woo-variation-gallery/#developers"
},
{
"url": "https://www.pluginvulnerabilities.com/2019/08/20/vulnerablity-details-authenticated-persistent-cross-site-scripting-xss-in-additional-variation-images-for-woocommerce/",
"refsource": "MISC",
"name": "https://www.pluginvulnerabilities.com/2019/08/20/vulnerablity-details-authenticated-persistent-cross-site-scripting-xss-in-additional-variation-images-for-woocommerce/"
}
]
}
}
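Review bot: `has XSS` in the description value is too thin for triage, as it gives neither the XSS type nor the privilege an attacker needs. The second reference URL describes the issue as authenticated persistent XSS; if that matches the advisory, the value could read `"The woo-variation-gallery plugin before 1.1.29 for WordPress has authenticated persistent XSS."`. The `problemtype` value could then be `CWE-79` rather than `"n/a"`. Note that the same URL uses a different plugin name from the slug in the description, so the mapping should be confirmed before editing.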


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/insta-gallery/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/insta-gallery/#developers"
}
]
}
}
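Review bot: The only entry in `reference_data` is the plugin's `#developers` changelog tab, a page that changes with every release and may no longer show the 2.4.8 entry later; CVE-2019-15781 in the next section has the same single reference. A link to the fixing changeset or a pinned advisory would let a reader verify what was changed. Missing nonce validation on `qligg_dismiss_notice` and `qligg_form_item_delete` is a CSRF weakness, so `problemtype` could be `"value": "CWE-352"`. CVE-2019-15781 (`has CSRF`) additionally names no affected action at all.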


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wordpress.org/plugins/facebook-by-weblizar/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/facebook-by-weblizar/#developers"
}
]
}
}


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many SRT connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Haivision/srt/pull/811",
"refsource": "MISC",
"name": "https://github.com/Haivision/srt/pull/811"
}
]
}
}
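Review bot: `through 1.3.4` in the description gives only an upper bound and the sole reference is a pull request, so the record does not say which release, if any, contains the fix; CVE-2019-15785 and CVE-2019-15786 in the following sections have the same shape. Once the fix is merged and released, the description should change to `before <fixed version>` and the merge commit should be added to `reference_data`. The trigger (`if there are many SRT connections`) reads as something remote peers could cause; if that is confirmed it deserves to be stated, since it decides whether exposed SRT listeners need interim connection limits.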


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FontForge through 20190801 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/fontforge/fontforge/pull/3886",
"refsource": "MISC",
"name": "https://github.com/fontforge/fontforge/pull/3886"
}
]
}
}


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ROBOTIS Dynamixel SDK through 3.7.11 has a buffer overflow via a large rxpacket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ROBOTIS-GIT/DynamixelSDK/pull/339",
"refsource": "MISC",
"name": "https://github.com/ROBOTIS-GIT/DynamixelSDK/pull/339"
}
]
}
}


@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Clara Genomics Analysis before 0.2.0 has an integer overflow for cudapoa memory management in allocate_block.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/clara-genomics/ClaraGenomicsAnalysis/compare/6dc3061...416af9f",
"refsource": "MISC",
"name": "https://github.com/clara-genomics/ClaraGenomicsAnalysis/compare/6dc3061...416af9f"
},
{
"url": "https://github.com/clara-genomics/ClaraGenomicsAnalysis/pull/70",
"refsource": "MISC",
"name": "https://github.com/clara-genomics/ClaraGenomicsAnalysis/pull/70"
}
]
}
}