admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-12-31 17:01:03 +00:00
parent 54571042e4
commit dfaa1c328e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 502 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2019/12xxx/CVE-2019-12837.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12837",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-12837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Java API in Generalitat de Catalunya accesuniversitat.gencat.cat 1.7.5 allows remote attackers to get personal information of all registered students via several API endpoints, given that the attacker is authenticated as a student: 1) https://accesuniversitat.gencat.cat/accesuniversitat/accesuniversitat-rs/AppJava/api/v1/estudiants/{student_id}/ 2) https://accesuniversitat.gencat.cat/accesuniversitat/accesuniversitat-rs/AppJava/api/v1/estudiants/?page={page}."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://vulnz.avm99963.com/T15",
"url": "https://vulnz.avm99963.com/T15"
}
]
}

32
2019/16xxx/CVE-2019-16405.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Centreon Web 19.04.4 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same."
"value": "Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same."
}
]
},
@ -66,6 +66,36 @@
"refsource": "MISC",
"name": "https://github.com/TheCyberGeek/CVE-2019-16405.rb",
"url": "https://github.com/TheCyberGeek/CVE-2019-16405.rb"
},
{
"refsource": "CONFIRM",
"name": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html",
"url": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/centreon/centreon/pull/7884",
"url": "https://github.com/centreon/centreon/pull/7884"
},
{
"refsource": "CONFIRM",
"name": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html",
"url": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/centreon/centreon/pull/7864",
"url": "https://github.com/centreon/centreon/pull/7864"
},
{
"refsource": "CONFIRM",
"name": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html",
"url": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.04.html"
},
{
"refsource": "CONFIRM",
"name": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html",
"url": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html"
}
]
}

18
2019/20xxx/CVE-2019-20177.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20177",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

53
2019/7xxx/CVE-2019-7751.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7751",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/151963/MarcomCentral-FusionPro-VDP-Creator-Directory-Traversal.html",
"url": "https://packetstormsecurity.com/files/151963/MarcomCentral-FusionPro-VDP-Creator-Directory-Traversal.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/46494",
"url": "https://www.exploit-db.com/exploits/46494"
}
]
}

53
2019/9xxx/CVE-2019-9197.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9197",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-252/"
},
{
"refsource": "CONFIRM",
"name": "https://unity3d.com/security#CVE-2019-9197",
"url": "https://unity3d.com/security#CVE-2019-9197"
}
]
}

53
2019/9xxx/CVE-2019-9206.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9206",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm errormsg or loginurl parameter. NOTE: This product is discontinued."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/151925/PRTG-Network-Monitor-7.1.3.3378-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/151925/PRTG-Network-Monitor-7.1.3.3378-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2019/Mar/3",
"url": "https://seclists.org/fulldisclosure/2019/Mar/3"
}
]
}

53
2019/9xxx/CVE-2019-9207.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9207",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm searchtext parameter. NOTE: This product is discontinued."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/151925/PRTG-Network-Monitor-7.1.3.3378-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/151925/PRTG-Network-Monitor-7.1.3.3378-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2019/Mar/3",
"url": "https://seclists.org/fulldisclosure/2019/Mar/3"
}
]
}

53
2019/9xxx/CVE-2019-9553.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9553",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcontent/pages, a related issue to CVE-2017-11128 and CVE-2018-19933."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/46495",
"url": "https://www.exploit-db.com/exploits/46495"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/151943/Bold-CMS-3.6.4-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/151943/Bold-CMS-3.6.4-Cross-Site-Scripting.html"
}
]
}

53
2019/9xxx/CVE-2019-9554.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9554",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the header insertion field when adding source code at an s/admin/entries/news/new URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/151944/Craft-CMS-3.1.12-Pro-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/151944/Craft-CMS-3.1.12-Pro-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/46496",
"url": "https://www.exploit-db.com/exploits/46496"
}
]
}

53
2019/9xxx/CVE-2019-9556.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9556",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "FiberHome an5506-04-f RP2669 devices have XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/151959/Fiberhome-AN5506-04-F-RP2669-Cross-Site-Scripting.html",
"url": "https://packetstormsecurity.com/files/151959/Fiberhome-AN5506-04-F-RP2669-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/46498",
"url": "https://www.exploit-db.com/exploits/46498"
}
]
}

48
2019/9xxx/CVE-2019-9668.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9668",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in rovinbhandari FTP through 2012-03-28. receive_file in file_transfer_functions.c allows remote attackers to cause a denial of service (daemon crash) via a 0xffff datalen field value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/152058/robinbhandari-FTP-Remote-Denial-Of-Service.html",
"url": "https://packetstormsecurity.com/files/152058/robinbhandari-FTP-Remote-Denial-Of-Service.html"
}
]
}