admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-31 21:00:48 +00:00
parent 2d010205d8
commit e235576a81
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 257 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2015/1xxx/CVE-2015-1331.json
View File

@ -86,6 +86,11 @@
"name": "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1470842", "name": "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1470842",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1470842" "url": "https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1470842"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1481",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
} }
] ]
} }

5
2015/1xxx/CVE-2015-1334.json
View File

@ -86,6 +86,11 @@
"name": "openSUSE-SU-2015:1317", "name": "openSUSE-SU-2015:1317",
"refsource": "SUSE", "refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html" "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1481",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
} }
] ]
} }

5
2015/1xxx/CVE-2015-1335.json
View File

@ -111,6 +111,11 @@
"name": "openSUSE-SU-2015:1717", "name": "openSUSE-SU-2015:1717",
"refsource": "SUSE", "refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00023.html" "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00023.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1481",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
} }
] ]
} }

5
2017/5xxx/CVE-2017-5985.json
View File

@ -81,6 +81,11 @@
"name": "[oss-security] 20170309 LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership", "name": "[oss-security] 20170309 LXC: CVE-2017-5985: lxc-user-nic didn't verify network namespace ownership",
"refsource": "MLIST", "refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/03/09/4" "url": "http://www.openwall.com/lists/oss-security/2017/03/09/4"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1481",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
} }
] ]
} }

5
2018/1000xxx/CVE-2018-1000632.json
View File

@ -124,6 +124,11 @@
"refsource": "CONFIRM", "refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190530-0001/", "name": "https://security.netapp.com/advisory/ntap-20190530-0001/",
"url": "https://security.netapp.com/advisory/ntap-20190530-0001/" "url": "https://security.netapp.com/advisory/ntap-20190530-0001/"
},
{
"refsource": "MLIST",
"name": "[maven-dev] 20190531 proposal for maven-archetype to switch to dom4j 2.1.1 (and Java 8)",
"url": "https://lists.apache.org/thread.html/7f6e120e6ed473f4e00dde4c398fc6698eb383bd7857d20513e989ce@%3Cdev.maven.apache.org%3E"
} }
] ]
} }

5
2018/6xxx/CVE-2018-6556.json
View File

@ -106,6 +106,11 @@
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2019:1275", "name": "openSUSE-SU-2019:1275",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00091.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1481",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
} }
] ]
}, },

55
2019/10xxx/CVE-2019-10981.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-10981", "ID": "CVE-2019-10981",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "AVEVA",
"product": {
"product_data": [
{
"product_name": "AVEVA Vijeo Citect and CitectSCADA",
"version": {
"version_data": [
{
"version_value": "Vijeo Citect 7.30 and 7.40 CitectSCADA 7.30 and 7.40"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficiently Protected Credentials CWE-522"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-150-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-150-01"
},
{
"refsource": "CONFIRM",
"name": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityAdvisory_LFSec136.pdf",
"url": "https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityAdvisory_LFSec136.pdf"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials."
} }
] ]
} }

5
2019/5xxx/CVE-2019-5736.json
View File

@ -271,6 +271,11 @@
"refsource": "SUSE", "refsource": "SUSE",
"name": "openSUSE-SU-2019:1444", "name": "openSUSE-SU-2019:1444",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00060.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1481",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html"
} }
] ]
} }

72
2019/9xxx/CVE-2019-9874.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-9874",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-9874",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://dev.sitecore.net/Downloads.aspx",
"refsource": "MISC",
"name": "https://dev.sitecore.net/Downloads.aspx"
},
{
"url": "https://www.synacktiv.com/blog.html",
"refsource": "MISC",
"name": "https://www.synacktiv.com/blog.html"
},
{
"refsource": "MISC",
"name": "https://www.synacktiv.com/ressources/advisories/Sitecore_CSRF_deserialize_RCE.pdf",
"url": "https://www.synacktiv.com/ressources/advisories/Sitecore_CSRF_deserialize_RCE.pdf"
} }
] ]
} }

72
2019/9xxx/CVE-2019-9875.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-9875",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-9875",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://dev.sitecore.net/Downloads.aspx",
"refsource": "MISC",
"name": "https://dev.sitecore.net/Downloads.aspx"
},
{
"url": "https://www.synacktiv.com/blog.html",
"refsource": "MISC",
"name": "https://www.synacktiv.com/blog.html"
},
{
"refsource": "MISC",
"name": "https://www.synacktiv.com/ressources/advisories/Sitecore_CSRF_deserialize_RCE.pdf",
"url": "https://www.synacktiv.com/ressources/advisories/Sitecore_CSRF_deserialize_RCE.pdf"
} }
] ]
} }

62
2019/9xxx/CVE-2019-9891.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-9891",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-9891",
"STATE": "PUBLIC"
}, },
"description": { "affects": {
"description_data": [ "vendor": {
"vendor_data": [
{ {
"lang": "eng", "product": {
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2019-007",
"refsource": "MISC",
"name": "https://www.redteam-pentesting.de/advisories/rt-sa-2019-007"
} }
] ]
} }