admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-08-26 21:01:00 +00:00
parent 9661ebff9f
commit ecca289be6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
14 changed files with 236 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/15xxx/CVE-2018-15756.json
View File

@ -141,6 +141,11 @@
"refsource": "MLIST",
"name": "[activemq-issues] 20190826 [jira] [Closed] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756",
"url": "https://lists.apache.org/thread.html/efaa52b0aa67aae7cbd9e6ef96945387e422d7ce0e65434570a37b1d@%3Cissues.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20190826 [jira] [Updated] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756",
"url": "https://lists.apache.org/thread.html/f8905507a2c94af6b08b72d7be0c4b8c6660e585f00abfafeccc86bc@%3Cissues.activemq.apache.org%3E"
}
]
},

58
2018/18xxx/CVE-2018-18668.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18668",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"homepage title\" parameter, aka the adm/config_form_update.php cf_title parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172",
"url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-53f7f220c2d2861a98444adf09471496",
"url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-53f7f220c2d2861a98444adf09471496"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0",
"url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0"
}
]
}

5
2018/19xxx/CVE-2018-19857.json
View File

@ -91,6 +91,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
}

2
2019/10xxx/CVE-2019-10747.json
View File

@ -55,7 +55,7 @@
"description_data": [
{
"lang": "eng",
"value": "set-value is vulnerable to Prototype Pollution in versions before 2.0.1 and version 3.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads."
"value": "set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads."
}
]
}

5
2019/12xxx/CVE-2019-12874.json
View File

@ -86,6 +86,11 @@
"refsource": "GENTOO",
"name": "GLSA-201908-23",
"url": "https://security.gentoo.org/glsa/201908-23"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
}

5
2019/13xxx/CVE-2019-13602.json
View File

@ -96,6 +96,11 @@
"refsource": "BUGTRAQ",
"name": "20190821 [SECURITY] [DSA 4504-1] vlc security update",
"url": "https://seclists.org/bugtraq/2019/Aug/36"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
}

5
2019/13xxx/CVE-2019-13962.json
View File

@ -91,6 +91,11 @@
"refsource": "BUGTRAQ",
"name": "20190821 [SECURITY] [DSA 4504-1] vlc security update",
"url": "https://seclists.org/bugtraq/2019/Aug/36"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
}

67
2019/15xxx/CVE-2019-15055.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly handles the disk name, which allows authenticated users to delete arbitrary files. Attackers can exploit this vulnerability to reset credential storage, which allows them access to the management interface as an administrator without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://mikrotik.com/download/changelogs/testing-release-tree",
"url": "https://mikrotik.com/download/changelogs/testing-release-tree"
},
{
"refsource": "MISC",
"name": "https://fortiguard.com/zeroday/FG-VD-19-108",
"url": "https://fortiguard.com/zeroday/FG-VD-19-108"
}
]
}
}

5
2019/15xxx/CVE-2019-15295.json
View File

@ -56,6 +56,11 @@
"refsource": "CONFIRM",
"name": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-serviceinstance-dll-bitdefender-antivirus-free-2020/",
"url": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-serviceinstance-dll-bitdefender-antivirus-free-2020/"
},
{
"refsource": "MISC",
"name": "https://safebreach.com/Post/BitDefender-Antivirus-Free-2020-Privilege-Escalation-to-SYSTEM",
"url": "https://safebreach.com/Post/BitDefender-Antivirus-Free-2020-Privilege-Escalation-to-SYSTEM"
}
]
}

62
2019/15xxx/CVE-2019-15497.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://experiencesofasysadmin.wordpress.com/2019/08/23/cve-2019-15497-default-credentials/",
"url": "https://experiencesofasysadmin.wordpress.com/2019/08/23/cve-2019-15497-default-credentials/"
}
]
}
}

5
2019/15xxx/CVE-2019-15525.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2019/08/26/1",
"url": "https://www.openwall.com/lists/oss-security/2019/08/26/1"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190826 CVE-2019-15525: Missing TLS/SSL certificate validation in pw3270",
"url": "http://www.openwall.com/lists/oss-security/2019/08/26/1"
}
]
}

5
2019/5xxx/CVE-2019-5439.json
View File

@ -78,6 +78,11 @@
"refsource": "GENTOO",
"name": "GLSA-201908-23",
"url": "https://security.gentoo.org/glsa/201908-23"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
},

5
2019/5xxx/CVE-2019-5459.json
View File

@ -63,6 +63,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
},

5
2019/5xxx/CVE-2019-5460.json
View File

@ -63,6 +63,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1897",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:2015",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html"
}
]
},