admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-08-15 18:01:07 +00:00
parent 82de54661d
commit e2c5b1a06c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
34 changed files with 482 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2018/14xxx/CVE-2018-14668.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14668",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-14668",
"ASSIGNER": "browser-security@yandex-team.ru",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 1.1.54388."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Protocol Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In ClickHouse before 1.1.54388, \"remote\" table function allowed arbitrary symbols in \"user\", \"password\" and \"default_database\" fields which led to Cross Protocol Request Forgery Attacks."
}
]
}

58
2018/14xxx/CVE-2018-14669.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14669",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-14669",
"ASSIGNER": "browser-security@yandex-team.ru",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 1.1.54390."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local File Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ClickHouse MySQL client before versions 1.1.54390 had \"LOAD DATA LOCAL INFILE\" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server."
}
]
}

58
2018/14xxx/CVE-2018-14670.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14670",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-14670",
"ASSIGNER": "browser-security@yandex-team.ru",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ClickHouse",
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 1.1.54131."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execution with Unnecessary Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database."
}
]
}

58
2018/14xxx/CVE-2018-14671.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14671",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-14671",
"ASSIGNER": "browser-security@yandex-team.ru",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ClickHouse",
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 18.10.3."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability."
}
]
}

58
2018/14xxx/CVE-2018-14672.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14672",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-14672",
"ASSIGNER": "browser-security@yandex-team.ru",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClickHouse",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 18.12.13."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://clickhouse.yandex/docs/en/security_changelog/",
"url": "https://clickhouse.yandex/docs/en/security_changelog/"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages."
}
]
}

5
2018/3xxx/CVE-2018-3139.json
View File

@ -181,6 +181,11 @@
"name": "RHSA-2018:3521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-10",
"url": "https://security.gentoo.org/glsa/201908-10"
}
]
}

5
2018/3xxx/CVE-2018-3209.json
View File

@ -81,6 +81,11 @@
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-10",
"url": "https://security.gentoo.org/glsa/201908-10"
}
]
}

5
2019/11xxx/CVE-2019-11707.json
View File

@ -81,6 +81,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1544386",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1544386"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11708.json
View File

@ -81,6 +81,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11709.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11710.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11711.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11712.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11713.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11714.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542593",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542593"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11715.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11716.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552632",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552632"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11717.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11718.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1408349",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1408349"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11719.json
View File

@ -101,6 +101,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1951",
"url": "https://access.redhat.com/errata/RHSA-2019:1951"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11720.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1556230",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1556230"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11721.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256009",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256009"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11723.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528335",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528335"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11724.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1512511",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1512511"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11725.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1483510",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1483510"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11727.json
View File

@ -59,6 +59,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1951",
"url": "https://access.redhat.com/errata/RHSA-2019:1951"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11728.json
View File

@ -54,6 +54,11 @@
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552993",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552993"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11729.json
View File

@ -101,6 +101,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1951",
"url": "https://access.redhat.com/errata/RHSA-2019:1951"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/11xxx/CVE-2019-11730.json
View File

@ -106,6 +106,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},

5
2019/2xxx/CVE-2019-2602.json
View File

@ -151,6 +151,11 @@
"refsource": "CONFIRM",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10285",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10285"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-10",
"url": "https://security.gentoo.org/glsa/201908-10"
}
]
}

5
2019/2xxx/CVE-2019-2699.json
View File

@ -62,6 +62,11 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K02771314",
"url": "https://support.f5.com/csp/article/K02771314"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-10",
"url": "https://security.gentoo.org/glsa/201908-10"
}
]
}

48
2019/9xxx/CVE-2019-9010.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9010",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03"
}
]
}

48
2019/9xxx/CVE-2019-9012.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9012",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03"
}
]
}

5
2019/9xxx/CVE-2019-9811.json
View File

@ -116,6 +116,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201908-12",
"url": "https://security.gentoo.org/glsa/201908-12"
}
]
},