admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-10-07 15:01:03 +00:00
parent c84d5d6636
commit e2129e516d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
18 changed files with 916 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2015/9xxx/CVE-2015-9450.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8340",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8340"
},
{
"url": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers"
},
{
"url": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html",
"refsource": "MISC",
"name": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html"
}
]
}
}

72
2015/9xxx/CVE-2015-9451.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_mailchimp pmfb_tid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8340",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8340"
},
{
"url": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers"
},
{
"url": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html",
"refsource": "MISC",
"name": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html"
}
]
}
}

72
2015/9xxx/CVE-2015-9452.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nex_forms_Id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8336",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8336"
},
{
"url": "https://wordpress.org/plugins/nex-forms-express-wp-form-builder/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/nex-forms-express-wp-form-builder/#developers"
},
{
"url": "http://cinu.pl/research/wp-plugins/mail_cb24b6204803e8e94943b198edc37af7.html",
"refsource": "MISC",
"name": "http://cinu.pl/research/wp-plugins/mail_cb24b6204803e8e94943b198edc37af7.html"
}
]
}
}

72
2015/9xxx/CVE-2015-9453.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8333",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8333"
},
{
"url": "https://wordpress.org/plugins/broken-link-manager/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/broken-link-manager/#developers"
},
{
"url": "http://cinu.pl/research/wp-plugins/mail_b677bb83a6c1495f85f76faa5b13011d.html",
"refsource": "MISC",
"name": "http://cinu.pl/research/wp-plugins/mail_b677bb83a6c1495f85f76faa5b13011d.html"
}
]
}
}

72
2015/9xxx/CVE-2015-9454.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8284",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8284"
},
{
"url": "https://wordpress.org/plugins/smooth-slider/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/smooth-slider/#developers"
},
{
"url": "http://cinu.pl/research/wp-plugins/mail_36e814da6ac4dd903be2c77cfbdd0afd.html",
"refsource": "MISC",
"name": "http://cinu.pl/research/wp-plugins/mail_36e814da6ac4dd903be2c77cfbdd0afd.html"
}
]
}
}

67
2015/9xxx/CVE-2015-9455.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security.dxw.com/advisories/csrf-and-arbitrary-file-deletion-in-buddypress-activity-plus-1-5/",
"refsource": "MISC",
"name": "https://security.dxw.com/advisories/csrf-and-arbitrary-file-deletion-in-buddypress-activity-plus-1-5/"
},
{
"url": "https://wordpress.org/plugins/buddypress-activity-plus/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/buddypress-activity-plus/#developers"
}
]
}
}

77
2015/9xxx/CVE-2015-9456.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://wpvulndb.com/vulnerabilities/8315",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/8315"
},
{
"url": "https://wordpress.org/plugins/orbisius-child-theme-creator/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/orbisius-child-theme-creator/#developers"
},
{
"url": "http://cinu.pl/research/wp-plugins/mail_28c91eee00e8e4b5868ebc58b5b1f730.html",
"refsource": "MISC",
"name": "http://cinu.pl/research/wp-plugins/mail_28c91eee00e8e4b5868ebc58b5b1f730.html"
},
{
"refsource": "CONFIRM",
"name": "https://wpvulndb.com/vulnerabilities/8315",
"url": "https://wpvulndb.com/vulnerabilities/8315"
}
]
}
}

56
2019/12xxx/CVE-2019-12811.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"ID": "CVE-2019-12811",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MyBuilder",
"version": {
"version_data": [
{
"version_value": "prior to 6.2.2019.814"
}
]
}
}
]
},
"vendor_name": "ACTIVESOFT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155",
"name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155"
}
]
}

56
2019/12xxx/CVE-2019-12812.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"ID": "CVE-2019-12812",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MyBuilder",
"version": {
"version_data": [
{
"version_value": "prior to 6.2.2019.814"
}
]
}
}
]
},
"vendor_name": "ACTIVESOFT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. This can be leveraged for code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155",
"name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155"
}
]
}

5
2019/15xxx/CVE-2019-15746.json
View File

@ -52,11 +52,6 @@
},
"references": {
"reference_data": [
{
"url": "https://www.sitos.at/sitossix/",
"refsource": "MISC",
"name": "https://www.sitos.at/sitossix/"
},
{
"refsource": "MISC",
"name": "https://www.contextis.com/en/resources/advisories/cve-2019-15746",

5
2019/15xxx/CVE-2019-15749.json
View File

@ -52,11 +52,6 @@
},
"references": {
"reference_data": [
{
"url": "https://www.sitos.at/sitossix/",
"refsource": "MISC",
"name": "https://www.sitos.at/sitossix/"
},
{
"refsource": "MISC",
"name": "https://www.contextis.com/en/resources/advisories/cve-2019-15749",

5
2019/15xxx/CVE-2019-15751.json
View File

@ -52,11 +52,6 @@
},
"references": {
"reference_data": [
{
"url": "https://www.sitos.at/sitossix/",
"refsource": "MISC",
"name": "https://www.sitos.at/sitossix/"
},
{
"refsource": "MISC",
"name": "https://www.contextis.com/en/resources/advisories/cve-2019-15751",

62
2019/17xxx/CVE-2019-17315.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-042/",
"refsource": "MISC",
"name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-042/"
}
]
}
}

62
2019/17xxx/CVE-2019-17316.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-043/",
"refsource": "MISC",
"name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-043/"
}
]
}
}

62
2019/17xxx/CVE-2019-17317.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-044/",
"refsource": "MISC",
"name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-044/"
}
]
}
}

62
2019/17xxx/CVE-2019-17318.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-046/",
"refsource": "MISC",
"name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-046/"
}
]
}
}

62
2019/17xxx/CVE-2019-17319.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-17319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-047/",
"refsource": "MISC",
"name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-047/"
}
]
}
}

4
2019/3xxx/CVE-2019-3688.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@suse.de",
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2018-05-15T00:00:00.000Z",
"ID": "CVE-2019-3688",
"STATE": "PUBLIC",
@ -101,4 +101,4 @@
],
"discovery": "UNKNOWN"
}
}
}