admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-07 21:01:23 +00:00
parent b4c1811bf3
commit ed4b94940c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
13 changed files with 494 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2010/2xxx/CVE-2010-2450.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2450",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2450",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-2450"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571631"
},
{
"refsource": "CONFIRM",
"name": "https://todos.internet2.edu/browse/SSPCPP-106",
"url": "https://todos.internet2.edu/browse/SSPCPP-106"
}
]
}

60
2010/2xxx/CVE-2010-2476.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2476",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "syscp",
"product": {
"product_data": [
{
"product_name": "syscp",
"version": {
"version_data": [
{
"version_value": "1.4.2.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "open_basedir bypassing"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2476",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-2476"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587481",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587481"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20100630 Re: CVE id request: syscp",
"url": "https://www.openwall.com/lists/oss-security/2010/06/30/15"
}
]
}

60
2013/1xxx/CVE-2013-1425.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2013-1425",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ldap-git-backup",
"version": {
"version_data": [
{
"version_value": "1.0.7-1"
}
]
}
}
]
},
"vendor_name": "ldap-git-backup"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-1425",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-1425"
},
{
"refsource": "MISC",
"name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1096253.html",
"url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1096253.html"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/elmar/ldap-git-backup/commit/a90f3217fce87962db82d212f73af70693087124",
"url": "https://github.com/elmar/ldap-git-backup/commit/a90f3217fce87962db82d212f73af70693087124"
}
]
}

60
2013/1xxx/CVE-2013-1426.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2013-1426",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "mahara",
"product": {
"product_data": [
{
"product_name": "mahara",
"version": {
"version_data": [
{
"version_value": "1.5.9"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) in Mahara before 1.5.9 and 1.6.x before 1.6.4 allows remote attackers to inject arbitrary web script or HTML via the TinyMCE editor."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-1426",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-1426"
},
{
"refsource": "CONFIRM",
"name": "https://mahara.org/interaction/forum/topic.php?id=5365",
"url": "https://mahara.org/interaction/forum/topic.php?id=5365"
},
{
"refsource": "CONFIRM",
"name": "https://bugs.launchpad.net/mahara/+bug/1153423",
"url": "https://bugs.launchpad.net/mahara/+bug/1153423"
}
]
}

58
2018/18xxx/CVE-2018-18674.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18674",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"board tail contents\" parameter, aka the adm/board_form_update.php bo_content_tail parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0",
"url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172",
"url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-653a2b5a93ed2ca9b8c809ba723638c1",
"url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-653a2b5a93ed2ca9b8c809ba723638c1"
}
]
}

5
2019/13xxx/CVE-2019-13224.json
View File

@ -86,6 +86,11 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K00103182?utm_source=f5support&utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K00103182?utm_source=f5support&utm_medium=RSS"
},
{
"refsource": "GENTOO",
"name": "GLSA-201911-03",
"url": "https://security.gentoo.org/glsa/201911-03"
}
]
}

5
2019/13xxx/CVE-2019-13225.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-5409bb5e68",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWCPDTZOIUKGMFAD5NAKUB7FPJFAIQN5/"
},
{
"refsource": "GENTOO",
"name": "GLSA-201911-03",
"url": "https://security.gentoo.org/glsa/201911-03"
}
]
}

5
2019/16xxx/CVE-2019-16905.json
View File

@ -91,6 +91,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20191024-0003/",
"url": "https://security.netapp.com/advisory/ntap-20191024-0003/"
},
{
"refsource": "GENTOO",
"name": "GLSA-201911-01",
"url": "https://security.gentoo.org/glsa/201911-01"
}
]
}

62
2019/18xxx/CVE-2019-18819.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiVectorRender!StrokeText_Blend+0x00000000000003a7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://code610.blogspot.com/2019/11/crashing-eximioussoft-logo-designer.html",
"refsource": "MISC",
"name": "https://code610.blogspot.com/2019/11/crashing-eximioussoft-logo-designer.html"
}
]
}
}

62
2019/18xxx/CVE-2019-18820.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eximious Logo Designer 3.82 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a78."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://code610.blogspot.com/2019/11/crashing-eximioussoft-logo-designer.html",
"refsource": "MISC",
"name": "https://code610.blogspot.com/2019/11/crashing-eximioussoft-logo-designer.html"
}
]
}
}

62
2019/18xxx/CVE-2019-18821.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiCustomPathLib!ExiCustomPathLib::CGradientColorsProfile::BuildGradientColorsTable+0x0000000000000053."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://code610.blogspot.com/2019/11/crashing-eximioussoft-logo-designer.html",
"refsource": "MISC",
"name": "https://code610.blogspot.com/2019/11/crashing-eximioussoft-logo-designer.html"
}
]
}
}

5
2019/1xxx/CVE-2019-1547.json
View File

@ -177,6 +177,11 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201911-04",
"url": "https://security.gentoo.org/glsa/201911-04"
}
]
}

5
2019/1xxx/CVE-2019-1563.json
View File

@ -172,6 +172,11 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-201911-04",
"url": "https://security.gentoo.org/glsa/201911-04"
}
]
}