admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-04 15:00:45 +00:00
parent 6076571cb9
commit f05db6cc39
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 139 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/9xxx/CVE-2017-9553.json
View File

@ -56,6 +56,11 @@
"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_29_DSM",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_29_DSM"
},
{
"refsource": "MISC",
"name": "https://www.2-sec.com/2017/06/2-secs-expert-team-uncovers-new-vulnerability-popular-synology-nas-device/",
"url": "https://www.2-sec.com/2017/06/2-secs-expert-team-uncovers-new-vulnerability-popular-synology-nas-device/"
}
]
}

48
2018/10xxx/CVE-2018-10242.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10242",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/",
"url": "https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/"
}
]
}

63
2018/19xxx/CVE-2018-19981.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19981",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A cleartext-credential issue was discovered in the Amazon AWS SDK 2.8.5 for Android. This SDK uses Android SharedPreferences to store AWS STS Temporary Credentials retrieved by AWS Cognito Identity Provider. If a Mobile Application (MA) uses AWS Cognito in the authentication or authorization process, the AWS SDK will store these credentials in cleartext inside the \"com.amazonaws.android.auth\" SharedPref. An attacker can use these credentials to create and sign valid AWS Signature v4 requests, and perform authenticated and authorized application actions at the user's expense. Note that the attacker must have root access to the Android filesystem (i.e., the device must already be compromised, such as by malware)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_01.png",
"refsource": "MISC",
"name": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_01.png"
},
{
"url": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_02.png",
"refsource": "MISC",
"name": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_02.png"
},
{
"url": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_03.png",
"refsource": "MISC",
"name": "https://raw.githubusercontent.com/lorenzodifuccia/cloudflare/master/Images/vulns/aws/aws_sdk_sp_03.png"
},
{
"url": "https://aws-amplify.github.io/aws-sdk-android/docs/reference/com/amazonaws/auth/CognitoCachingCredentialsProvider.html",
"refsource": "MISC",
"name": "https://aws-amplify.github.io/aws-sdk-android/docs/reference/com/amazonaws/auth/CognitoCachingCredentialsProvider.html"
}
]
}

10
2018/20xxx/CVE-2018-20555.json
View File

@ -56,6 +56,16 @@
"url": "https://wpvulndb.com/vulnerabilities/9204",
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9204"
},
{
"refsource": "MISC",
"name": "https://twitter.com/fs0c131y/status/1085828186708066304",
"url": "https://twitter.com/fs0c131y/status/1085828186708066304"
},
{
"refsource": "MISC",
"name": "https://github.com/fs0c131y/CVE-2018-20555",
"url": "https://github.com/fs0c131y/CVE-2018-20555"
}
]
}

15
2019/3xxx/CVE-2019-3847.json
View File

@ -15,20 +15,20 @@
"product": {
"product_data": [
{
"product_name": "moodle",
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_value": "3.6.3"
"version_value": "3.6 to 3.6.2"
},
{
"version_value": "3.5.5"
"version_value": "3.5 to 3.5.4"
},
{
"version_value": "3.4.8"
"version_value": "3.4 to 3.4.7"
},
{
"version_value": "3.1.17"
"version_value": "3.1 to 3.1.16 and earlier unsupported versions"
}
]
}
@ -53,6 +53,11 @@
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107489",
"url": "http://www.securityfocus.com/bid/107489"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3847",

14
2019/5xxx/CVE-2019-5022.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5022",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5022",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None."
}
]
}