admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-16 19:00:54 +00:00
parent 47b1669d2f
commit f2b3d0e6a8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
14 changed files with 210 additions and 208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/17xxx/CVE-2017-17485.json
View File

@ -146,6 +146,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

5
2018/12xxx/CVE-2018-12022.json
View File

@ -141,6 +141,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

5
2018/12xxx/CVE-2018-12023.json
View File

@ -146,6 +146,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

5
2018/14xxx/CVE-2018-14718.json
View File

@ -136,6 +136,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

5
2018/14xxx/CVE-2018-14719.json
View File

@ -121,6 +121,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

7
2018/15xxx/CVE-2018-15756.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2018-10-16T07:00:00.000Z",
"ID": "CVE-2018-15756",
"STATE": "PUBLIC",
@ -121,6 +121,11 @@
"refsource": "MLIST",
"name": "[activemq-issues] 20190626 [jira] [Work logged] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756",
"url": "https://lists.apache.org/thread.html/7b156ee50ba3ecce87b33c06bf7a749d84ffee55e69bfb5eca88fcc3@%3Cissues.activemq.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20190716 [jira] [Commented] (ARTEMIS-2363) spring-core-5.0.1.RELEASE.jar vulnerable to CVE-2018-15756",
"url": "https://lists.apache.org/thread.html/77886fec378ee6064debb1efb6b464a4a0173b2ff0d151ed86d3a228@%3Cissues.activemq.apache.org%3E"
}
]
},

5
2018/18xxx/CVE-2018-18095.json
View File

@ -53,6 +53,11 @@
"refsource": "BID",
"name": "109103",
"url": "http://www.securityfocus.com/bid/109103"
},
{
"refsource": "CONFIRM",
"name": "https://support.lenovo.com/us/en/product_security/LEN-28116",
"url": "https://support.lenovo.com/us/en/product_security/LEN-28116"
}
]
},

5
2018/19xxx/CVE-2018-19360.json
View File

@ -131,6 +131,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

5
2018/19xxx/CVE-2018-19361.json
View File

@ -131,6 +131,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

5
2018/19xxx/CVE-2018-19362.json
View File

@ -131,6 +131,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:1782",
"url": "https://access.redhat.com/errata/RHSA-2019:1782"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1797",
"url": "https://access.redhat.com/errata/RHSA-2019:1797"
}
]
}

58
2019/1010xxx/CVE-2019-1010042.json
View File

@ -1,61 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "couchcms",
"version": {
"version_data": [
{
"version_value": "2"
}
]
}
}
]
},
"vendor_name": "couchcms"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-1010042",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "couchcms 2 is affected by: Web Site physical path leakage. The impact is: disclosure the full path. The component is: includes/mysql2i/mysql2i.func.php and addons/phpmailer/phpmailer.php. The attack vector is: network connectivity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Web Site physical path leakage"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/CouchCMS/CouchCMS/issues/46",
"refsource": "MISC",
"name": "https://github.com/CouchCMS/CouchCMS/issues/46"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7662. Reason: This candidate is a reservation duplicate of CVE-2018-7662. Notes: All CVE users should reference CVE-2018-7662 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

63
2019/1010xxx/CVE-2019-1010061.json
View File

@ -1,66 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BigTree-CMS",
"version": {
"version_data": [
{
"version_value": "commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6 and earlier [fixed: after commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6]"
}
]
}
}
]
},
"vendor_name": "BigTree-CMS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-1010061",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigTree-CMS commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6 and earlier is affected by: Improper Neutralization of Script-Related HTML Tags in a Web Page. The impact is: Any Javascript code can be executed. The component is: users management page. The attack vector is: Insert payload into users' profile and wait for administrators to visit the users management page. The fixed version is: after commit b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Script-Related HTML Tags in a Web Page"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/bigtreecms/BigTree-CMS/issues/332",
"refsource": "MISC",
"name": "https://github.com/bigtreecms/BigTree-CMS/issues/332"
},
{
"url": "https://github.com/bigtreecms/BigTree-CMS/commit/b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6",
"refsource": "MISC",
"name": "https://github.com/bigtreecms/BigTree-CMS/commit/b2eff67e45b90ca26a62e971e8f0d5d0d70f23e6"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-10364. Reason: This candidate is a reservation duplicate of CVE-2018-10364. Notes: All CVE users should reference CVE-2018-10364 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

185
2019/6xxx/CVE-2019-6160.json
View File

@ -1,95 +1,96 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-07-16T16:00:00.000Z",
"ID": "CVE-2019-6160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NAS products",
"version": {
"version_data": [
{
"affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Iomega and LenovoEMC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo would like to thank WhiteHat Security and Vertical Structure for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2019-07-16T16:00:00.000Z",
"ID": "CVE-2019-6160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NAS products",
"version": {
"version_data": [
{
"affected": "=",
"version_value": "various"
}
]
}
}
]
},
"vendor_name": "Iomega and LenovoEMC"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/solutions/LEN-25557"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to the firmware level (or later) described for your system in the Product Impact section of LEN-25557. If it is not feasible to update the firmware immediately, partial protection can be achieved by removing any public shares and using the device only on trusted networks."
}
],
"source": {
"advisory": "LEN-25557",
"discovery": "UNKNOWN"
}
}
},
"credit": [
{
"lang": "eng",
"value": "Lenovo would like to thank WhiteHat Security and Vertical Structure for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.lenovo.com/solutions/LEN-25557",
"url": "https://support.lenovo.com/solutions/LEN-25557"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to the firmware level (or later) described for your system in the Product Impact section of LEN-25557. If it is not feasible to update the firmware immediately, partial protection can be achieved by removing any public shares and using the device only on trusted networks."
}
],
"source": {
"advisory": "LEN-25557",
"discovery": "UNKNOWN"
}
}

58
2019/9xxx/CVE-2019-9700.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9700",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9700",
"ASSIGNER": "secure@symantec.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Norton",
"product": {
"product_data": [
{
"product_name": "Norton Password Manager",
"version": {
"version_data": [
{
"version_value": "Prior to 6.3.0.2082"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Address Spoof"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.symantec.com/us/en/article.SYMSA1483.html",
"url": "https://support.symantec.com/us/en/article.SYMSA1483.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic."
}
]
}