admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-27 14:00:47 +00:00
parent 0c9e02f961
commit e58d2a970a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
19 changed files with 394 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2018/16xxx/CVE-2018-16207.json
View File

@ -3,13 +3,19 @@
"references": {
"reference_data": [
{
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
"url": "https://www.oss.omron.co.jp/ups/info/topics/190326.html",
"refsource": "MISC",
"name": "https://www.oss.omron.co.jp/ups/info/topics/190326.html"
},
{
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
"url": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html",
"refsource": "MISC",
"name": "https://www.oss.omron.co.jp/ups/support/download/soft/poweractpro/master/poweractpro_master_windows.html"
},
{
"url": "https://jvn.jp/en/jp/JVN63981842/index.html"
"url": "https://jvn.jp/en/jp/JVN63981842/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN63981842/index.html"
}
]
},
@ -47,7 +53,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2018-16207",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

5
2018/16xxx/CVE-2018-16867.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-88a98ce795",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/16xxx/CVE-2018-16872.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-88a98ce795",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/19xxx/CVE-2018-19489.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-88a98ce795",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/20xxx/CVE-2018-20123.json
View File

@ -66,6 +66,11 @@
"name": "[qemu-devel] 20181212 Re: [PATCH] pvrdma: release device resources in case of an error",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02817.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/20xxx/CVE-2018-20124.json
View File

@ -66,6 +66,11 @@
"name": "106290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106290"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/20xxx/CVE-2018-20125.json
View File

@ -66,6 +66,11 @@
"name": "[qemu-devel] 20181213 [PATCH v2 3/6] pvrdma: check number of pages when creating rings",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/20xxx/CVE-2018-20126.json
View File

@ -66,6 +66,11 @@
"name": "106298",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106298"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/20xxx/CVE-2018-20191.json
View File

@ -71,6 +71,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-88a98ce795",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2018/20xxx/CVE-2018-20216.json
View File

@ -66,6 +66,11 @@
"name": "106291",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106291"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

5
2019/3xxx/CVE-2019-3812.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-88a98ce795",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

93
2019/5xxx/CVE-2019-5418.json
View File

@ -1,17 +1,90 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5418",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-5418",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Rails",
"product": {
"product_data": [
{
"product_name": "https://github.com/rails/rails",
"version": {
"version_data": [
{
"version_value": "5.2.2.1"
},
{
"version_value": "5.1.6.2"
},
{
"version_value": "5.0.7.2"
},
{
"version_value": "4.2.11.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal (CWE-22)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "EXPLOIT-DB",
"name": "46585",
"url": "https://www.exploit-db.com/exploits/46585/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html",
"url": "http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View",
"url": "http://www.openwall.com/lists/oss-security/2019/03/22/1"
},
{
"refsource": "CONFIRM",
"name": "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/",
"url": "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/"
},
{
"refsource": "CONFIRM",
"name": "https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q",
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a File Content Disclosure vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed."
}
]
}

83
2019/5xxx/CVE-2019-5419.json
View File

@ -1,17 +1,80 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5419",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-5419",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Rails",
"product": {
"product_data": [
{
"product_name": "https://github.com/rails/rails",
"version": {
"version_data": [
{
"version_value": "5.2.2.1"
},
{
"version_value": "5.1.6.2"
},
{
"version_value": "5.0.7.2"
},
{
"version_value": "4.2.11.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[oss-security] 20190322 [CVE-2019-5418] Amendment: Possible Remote Code Execution Exploit in Action View",
"url": "http://www.openwall.com/lists/oss-security/2019/03/22/1"
},
{
"refsource": "CONFIRM",
"name": "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/",
"url": "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/"
},
{
"refsource": "CONFIRM",
"name": "https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI",
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/GN7w9fFAQeI"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive."
}
]
}

72
2019/5xxx/CVE-2019-5420.json
View File

@ -1,17 +1,69 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5420",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-5420",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Rails",
"product": {
"product_data": [
{
"product_name": "https://github.com/rails/rails",
"version": {
"version_data": [
{
"version_value": "5.2.2.1"
},
{
"version_value": "6.0.0.beta3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection - Generic (CWE-77)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/",
"url": "https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/"
},
{
"refsource": "CONFIRM",
"name": "https://groups.google.com/forum/#!topic/rubyonrails-security/IsQKvDqZdKw",
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/IsQKvDqZdKw"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit."
}
]
}

15
2019/5xxx/CVE-2019-5926.json
View File

@ -3,13 +3,19 @@
"references": {
"reference_data": [
{
"url": "https://xn--5rwx17a.xn--v8jtdudb.com/"
"url": "https://xn--5rwx17a.xn--v8jtdudb.com/",
"refsource": "MISC",
"name": "https://xn--5rwx17a.xn--v8jtdudb.com/"
},
{
"url": "https://github.com/KinagaCMS/KinagaCMS"
"url": "https://github.com/KinagaCMS/KinagaCMS",
"refsource": "MISC",
"name": "https://github.com/KinagaCMS/KinagaCMS"
},
{
"url": "https://jvn.jp/en/jp/JVN06527859/index.html"
"url": "https://jvn.jp/en/jp/JVN06527859/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN06527859/index.html"
}
]
},
@ -47,7 +53,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5926",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5927.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://weban.jp/contents/c/smartphone_apri/"
"url": "https://weban.jp/contents/c/smartphone_apri/",
"refsource": "MISC",
"name": "https://weban.jp/contents/c/smartphone_apri/"
},
{
"url": "https://jvn.jp/en/jp/JVN60497148/index.html"
"url": "https://jvn.jp/en/jp/JVN60497148/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/en/jp/JVN60497148/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5927",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

5
2019/6xxx/CVE-2019-6778.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-88a98ce795",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
},
{
"refsource": "UBUNTU",
"name": "USN-3923-1",
"url": "https://usn.ubuntu.com/3923-1/"
}
]
}

62
2019/9xxx/CVE-2019-9862.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9862",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-9862",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on ABUS Secvest wireless alarm system FUAA50000 3.01.01 in conjunction with Secvest remote control FUBE50014 or FUBE50015. Because \"encrypted signal transmission\" is missing, an attacker is able to eavesdrop sensitive data as cleartext (for instance, the current rolling code state)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.txt",
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-035.txt"
}
]
}

62
2019/9xxx/CVE-2019-9863.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9863",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-9863",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-034.txt",
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-034.txt"
}
]
}