admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-29 19:00:59 +00:00
parent 94824a6a02
commit dc7cb2c324
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 153 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2017/12xxx/CVE-2017-12945.json
View File

@ -57,15 +57,15 @@
"name": "https://github.com/aress31/cve-2017-12945",
"url": "https://github.com/aress31/cve-2017-12945"
},
{
"refsource": "MISC",
"name": "https://github.com/aress31/cve-2017-12945/blob/master/images/changelog.png",
"url": "https://github.com/aress31/cve-2017-12945/blob/master/images/changelog.png"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155494/Mersive-Solstice-2.8.0-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/155494/Mersive-Solstice-2.8.0-Remote-Code-Execution.html"
},
{
"refsource": "EXPLOIT-DB",
"name": "47722",
"url": "https://www.exploit-db.com/exploits/47722"
}
]
}

5
2018/15xxx/CVE-2018-15877.json
View File

@ -61,6 +61,11 @@
"name": "45274",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45274/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155502/WordPress-Plainview-Activity-Monitor-20161228-Remote-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/155502/WordPress-Plainview-Activity-Monitor-20161228-Remote-Command-Execution.html"
}
]
}

16
2019/10xxx/CVE-2019-10223.json
View File

@ -45,14 +45,24 @@
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2019/08/09/1",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2019/08/09/1"
"refsource": "MLIST",
"name": "[oss-security] 20190815 Re: [ANNOUNCE] Security release of kube-state-metrics v1.7.2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/15/8"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10223",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10223",
"refsource": "CONFIRM"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/kubernetes/kube-state-metrics/releases/tag/v1.7.2",
"url": "https://github.com/kubernetes/kube-state-metrics/releases/tag/v1.7.2"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190809 [ANNOUNCE] Security release of kube-state-metrics v1.7.2",
"url": "https://www.openwall.com/lists/oss-security/2019/08/09/1"
}
]
},

58
2019/17xxx/CVE-2019-17110.json
View File

@ -1,61 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-17110",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A security issue was discovered in kube-state-metrics 1.7.x before 1.7.2. An experimental feature was added to v1.7.0 and v1.7.1 that enabled annotations to be exposed as metrics. By default, kube-state-metrics metrics only expose metadata about Secrets. However, a combination of the default kubectl behavior and this new feature can cause the entire secret content to end up in metric labels, thus inadvertently exposing the secret content in metrics."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/kubernetes/kube-state-metrics/releases/tag/v1.7.2",
"refsource": "MISC",
"name": "https://github.com/kubernetes/kube-state-metrics/releases/tag/v1.7.2"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-10223. Reason: This candidate is a duplicate of CVE-2019-10223. Notes: All CVE users should reference CVE-2019-10223 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

5
2019/17xxx/CVE-2019-17421.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://blog.vastart.dev/2019/11/cve-2019-17421-privilege-escalation.html",
"url": "https://blog.vastart.dev/2019/11/cve-2019-17421-privilege-escalation.html"
},
{
"refsource": "CONFIRM",
"name": "https://www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html",
"url": "https://www.manageengine.com/products/firewall/security-updates/cve-2019-17421.html"
}
]
}

5
2019/18xxx/CVE-2019-18276.json
View File

@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff",
"url": "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html"
}
]
}

62
2019/18xxx/CVE-2019-18922.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://pastebin.com/dpEGKUGz",
"url": "https://pastebin.com/dpEGKUGz"
}
]
}
}

58
2019/5xxx/CVE-2019-5226.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5226",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5226",
"ASSIGNER": "psirt@huawei.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "P30, P30 Pro, Mate 20, HiSuite",
"version": {
"version_data": [
{
"version_value": "Versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), Versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), Versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1), Versions earlier than HiSuite 9.1.0.305"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "version downgrade"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190904-01-smartphone-en"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "P30, P30 Pro, Mate 20 smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R2P1), versions earlier than Hima-AL00B 9.1.0.135(C00E133R2P1) and HiSuite with versions earlier than HiSuite 9.1.0.305 have a version downgrade vulnerability. The device and HiSuite software do not validate the upgrade package sufficiently, so that the system of smartphone can be downgraded to an older version."
}
]
}