admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-06-10 18:00:50 +00:00
parent cab11f8742
commit e07430a523
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
16 changed files with 478 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/7xxx/CVE-2018-7853.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0764",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0764"
} }
] ]
}, },

5
2018/7xxx/CVE-2018-7854.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0765",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0765"
} }
] ]
}, },

10
2018/7xxx/CVE-2018-7855.json
View File

@ -48,6 +48,16 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0767",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0767"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0766",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0766"
} }
] ]
}, },

5
2018/7xxx/CVE-2018-7857.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0768",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0768"
} }
] ]
}, },

56
2019/11xxx/CVE-2019-11517.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-11517",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-11517",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BUGTRAQ",
"name": "20190610 CVE-2019-11517: CSRF in Wampserver 3.1.4-3.1.8",
"url": "https://seclists.org/bugtraq/2019/Jun/10"
} }
] ]
} }

18
2019/12xxx/CVE-2019-12783.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12783",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/12xxx/CVE-2019-12784.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12784",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/12xxx/CVE-2019-12785.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12785",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2019/12xxx/CVE-2019-12786.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-protected.pdf",
"refsource": "MISC",
"name": "https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-protected.pdf"
}
]
}
}

62
2019/12xxx/CVE-2019-12787.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the Gateway key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-2-protected.pdf",
"refsource": "MISC",
"name": "https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-2-protected.pdf"
}
]
}
}

5
2019/6xxx/CVE-2019-6806.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0769",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0769"
} }
] ]
}, },

5
2019/6xxx/CVE-2019-6807.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0770",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0770"
} }
] ]
}, },

5
2019/6xxx/CVE-2019-6808.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/", "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/" "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-11/"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0771",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0771"
} }
] ]
}, },

76
2019/9xxx/CVE-2019-9879.json
View File

@ -1,17 +1,81 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-9879",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-9879",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9282",
"url": "https://wpvulndb.com/vulnerabilities/9282"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html"
},
{
"refsource": "MISC",
"name": "https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/",
"url": "https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/"
},
{
"refsource": "MISC",
"name": "https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py",
"url": "https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0",
"url": "https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0"
} }
] ]
} }

76
2019/9xxx/CVE-2019-9880.json
View File

@ -1,17 +1,81 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-9880",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-9880",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users' RootQuery, it is possible, for an unauthenticated attacker, to retrieve all WordPress users details such as email address, role, and username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9282",
"url": "https://wpvulndb.com/vulnerabilities/9282"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html"
},
{
"refsource": "MISC",
"name": "https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/",
"url": "https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/"
},
{
"refsource": "MISC",
"name": "https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py",
"url": "https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0",
"url": "https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0"
} }
] ]
} }

76
2019/9xxx/CVE-2019-9881.json
View File

@ -1,17 +1,81 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-9881",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-9881",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9282",
"url": "https://wpvulndb.com/vulnerabilities/9282"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/153025/WordPress-WPGraphQL-0.2.3-Authentication-Bypass-Information-Disclosure.html"
},
{
"refsource": "MISC",
"name": "https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/",
"url": "https://www.pentestpartners.com/security-blog/pwning-wordpress-graphql/"
},
{
"refsource": "MISC",
"name": "https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py",
"url": "https://github.com/pentestpartners/snippets/blob/master/wp-graphql0.2.3_exploit.py"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0",
"url": "https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0"
} }
] ]
} }