"-Synchronized-Data."

This commit is contained in:
CVE Team 2019-05-13 17:00:47 +00:00
parent 9e7be7093b
commit ef8440523f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
13 changed files with 281 additions and 16 deletions


@ -141,6 +141,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20190510 Re: System Down: A systemd-journald exploit",
"url": "http://www.openwall.com/lists/oss-security/2019/05/10/4"
},
{
"refsource": "BUGTRAQ",
"name": "20190513 Re: System Down: A systemd-journald exploit",
"url": "https://seclists.org/bugtraq/2019/May/25"
}
]
}


@ -109,6 +109,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20190510 Re: System Down: A systemd-journald exploit",
"url": "http://www.openwall.com/lists/oss-security/2019/05/10/4"
},
{
"refsource": "BUGTRAQ",
"name": "20190513 Re: System Down: A systemd-journald exploit",
"url": "https://seclists.org/bugtraq/2019/May/25"
}
]
}


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10050",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position, leading to a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lists.openinfosecfoundation.org/pipermail/oisf-announce/",
"refsource": "MISC",
"name": "https://lists.openinfosecfoundation.org/pipermail/oisf-announce/"
},
{
"refsource": "MISC",
"name": "https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/",
"url": "https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/"
}
]
}
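Review bot: The `affects` block added for CVE-2019-10050 still holds `"product_name": "n/a"`, `"version_value": "n/a"` and `"vendor_name": "n/a"`, and `problemtype` is `"n/a"`, although the new description names Suricata 4.1.x before 4.1.4 and a buffer over-read. Tooling that matches records on these structured fields rather than on free text will not tie this entry to Suricata installations; consider `"product_name": "Suricata"`, `"version_value": "4.1.x before 4.1.4"` and a problemtype value such as `"CWE-125: Out-of-bounds Read"`. The same placeholders appear in the sections for CVE-2019-3702, CVE-2019-8342, CVE-2019-9726 and CVE-2019-9727 below, each of which names a product and version in its description. The first reference here also points at the oisf-announce archive index, not at a specific announcement message.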


@ -111,6 +111,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-04a42e480b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TS7IVZAJBWOHNRDMFJDIZVFCMRP6YIUQ/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1152",
"url": "https://access.redhat.com/errata/RHSA-2019:1152"
}
]
}


@ -61,6 +61,11 @@
"refsource": "CONFIRM",
"name": "https://about.gitlab.com/2019/04/10/critical-security-release-gitlab-11-dot-9-dot-7-released/",
"url": "https://about.gitlab.com/2019/04/10/critical-security-release-gitlab-11-dot-9-dot-7-released/"
},
{
"refsource": "BID",
"name": "108301",
"url": "http://www.securityfocus.com/bid/108301"
}
]
}


@ -56,6 +56,11 @@
"url": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/",
"refsource": "MISC",
"name": "https://typo3.org/security/advisory/typo3-core-sa-2019-012/"
},
{
"refsource": "BID",
"name": "108305",
"url": "http://www.securityfocus.com/bid/108305"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3702",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.sva.de/solutions/it-security.html",
"refsource": "MISC",
"name": "https://www.sva.de/solutions/it-security.html"
},
{
"url": "https://www.lifesize.com/en/video-conferencing-cameras",
"refsource": "MISC",
"name": "https://www.lifesize.com/en/video-conferencing-cameras"
},
{
"url": "https://atomic111.github.io/article/lifesize-icon-remote-code-execution",
"refsource": "MISC",
"name": "https://atomic111.github.io/article/lifesize-icon-remote-code-execution"
}
]
}
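Review bot: Two of the three references added for CVE-2019-3702, `https://www.sva.de/solutions/it-security.html` and `https://www.lifesize.com/en/video-conferencing-cameras`, look like general landing pages, not advisories; only the atomic111.github.io article appears specific to this issue. Neither the description nor these links state a fixed firmware version, so a responder cannot tell from the record whether an upgrade resolves the issue. I would replace the two generic links with the vendor's advisory for this issue, e.g. `"refsource": "CONFIRM"` with `"url": "<vendor advisory URL for CVE-2019-3702>"`, or drop them if no such advisory exists.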


@ -53,6 +53,11 @@
"refsource": "BID",
"name": "108294",
"url": "http://www.securityfocus.com/bid/108294"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152809/Sqlite3-Window-Function-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/152809/Sqlite3-Window-Function-Remote-Code-Execution.html"
}
]
},


@ -134,7 +134,7 @@
"description_data": [
{
"lang": "eng",
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may cause a heap overflow, resulting in code execution."
"value": "An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution."
}
]
},
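Review bot: The first sentence of the description value in this section is a fragment with no verb ("An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, …"); `"An exploitable heap overflow vulnerability exists in the AcCellMargin handling code in Autodesk Advance Steel 2018, …"` reads as a statement. The description in the next file section (use-after-free in the DXF-parsing functionality) has the same shape. The enclosing record starts and ends outside this hunk, so its CVE ID and `problemtype` are not visible here.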


@ -134,7 +134,7 @@
"description_data": [
{
"lang": "eng",
"value": "An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file with too many cell margins populating an AcCellMargin object may cause a heap overflow, resulting in code execution."
"value": "An exploitable use-after-free vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk AutoCAD Mechanical 2018, Autodesk AutoCAD MEP 2018, Autodesk AutoCAD P&ID 2018, Autodesk AutoCAD Plant 3D 2018, Autodesk AutoCAD LT 2018, and Autodesk Civil 3D 2018. A specially crafted DXF file may trigger a use-after-free, resulting in code execution."
}
]
},


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8342",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "MISC",
"name": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}
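Review bot: The only reference added for CVE-2019-8342 is the vendor's general security-bulletins page, and the description says just "due to an incorrect permission set" without stating which permissions are wrong or which release corrects them. As written, the record gives an administrator nothing to check on a host and no remediation target. I would point the reference at the specific bulletin entry, e.g. `"url": "<URL of the Foxit bulletin entry for CVE-2019-8342>"`, and extend the description with the fixed version once the vendor confirms it.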


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9726",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://atomic111.github.io/article/homematic-ccu3-fileread",
"refsource": "MISC",
"name": "https://atomic111.github.io/article/homematic-ccu3-fileread"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9727",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to retrieve the GUI password hashes of GUI users. This vulnerability can be exploited by unauthenticated attackers with access to the web interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://atomic111.github.io/article/homematic-ccu3-unauthenticated-password-hash-disclosure",
"refsource": "MISC",
"name": "https://atomic111.github.io/article/homematic-ccu3-unauthenticated-password-hash-disclosure"
}
]
}