admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-30 17:00:49 +00:00
parent 475cce8433
commit f2dcfaed91
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 298 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/12xxx/CVE-2018-12204.json
View File

@ -67,6 +67,11 @@
"refsource": "CONFIRM",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03912en_us"
},
{
"refsource": "CONFIRM",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03929en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03929en_us"
}
]
}

5
2019/10xxx/CVE-2019-10664.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/domoticz/domoticz/commit/ee70db46f81afa582c96b887b73bcd2a86feda00",
"refsource": "MISC",
"name": "https://github.com/domoticz/domoticz/commit/ee70db46f81afa582c96b887b73bcd2a86feda00"
},
{
"refsource": "EXPLOIT-DB",
"name": "46773",
"url": "https://www.exploit-db.com/exploits/46773/"
}
]
}

5
2019/10xxx/CVE-2019-10678.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/domoticz/domoticz/commit/2119afbe74ee0c914c1d5c4c859c594c08b0ad42",
"refsource": "MISC",
"name": "https://github.com/domoticz/domoticz/commit/2119afbe74ee0c914c1d5c4c859c594c08b0ad42"
},
{
"refsource": "EXPLOIT-DB",
"name": "46773",
"url": "https://www.exploit-db.com/exploits/46773/"
}
]
}

56
2019/10xxx/CVE-2019-10948.json
View File

@ -4,14 +4,64 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10948",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fujifilm",
"product": {
"product_data": [
{
"product_name": "Fujifilm FCR Capsula X/ Carbon X",
"version": {
"version_data": [
{
"version_value": "CR-IR 357 FCR Carbon X"
},
{
"version_value": "CR-IR 357 FCR XC-2"
},
{
"version_value": "FCR-IR 357 FCR Capsula X"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "UNCONTROLLED RESOURCE CONSUMPTION CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-113-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-113-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted."
}
]
}

61
2019/10xxx/CVE-2019-10950.json
View File

@ -4,14 +4,69 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10950",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fujifilm",
"product": {
"product_data": [
{
"product_name": "Fujifilm FCR Capsula X/ Carbon X",
"version": {
"version_data": [
{
"version_value": "CR-IR 357 FCR Carbon X"
},
{
"version_value": "CR-IR 357 FCR XC-2"
},
{
"version_value": "FCR-IR 357 FCR Capsula X"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER ACCESS CONTROL CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-113-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-113-01"
},
{
"refsource": "BID",
"name": "108052",
"url": "http://www.securityfocus.com/bid/108052"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. An attacker who successfully exploits this vulnerability may be able to access the underlying operating system."
}
]
}

5
2019/11xxx/CVE-2019-11415.json
View File

@ -56,6 +56,11 @@
"url": "https://1.337.zone/2019/04/08/intelbras-iwr-3000n-any-version-dos-on-malformed-login-request/",
"refsource": "MISC",
"name": "https://1.337.zone/2019/04/08/intelbras-iwr-3000n-any-version-dos-on-malformed-login-request/"
},
{
"refsource": "EXPLOIT-DB",
"name": "46768",
"url": "https://www.exploit-db.com/exploits/46768/"
}
]
}

5
2019/11xxx/CVE-2019-11416.json
View File

@ -56,6 +56,11 @@
"url": "https://1.337.zone/2019/04/08/intelbras-iwr-3000n-1-5-0-csrf-lead-to-router-takeover/",
"refsource": "MISC",
"name": "https://1.337.zone/2019/04/08/intelbras-iwr-3000n-1-5-0-csrf-lead-to-router-takeover/"
},
{
"refsource": "EXPLOIT-DB",
"name": "46770",
"url": "https://www.exploit-db.com/exploits/46770/"
}
]
}

18
2019/11xxx/CVE-2019-11601.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11601",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/11xxx/CVE-2019-11602.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11602",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/11xxx/CVE-2019-11603.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11603",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

214
2019/5xxx/CVE-2019-5624.json
View File

@ -1,115 +1,115 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.6"
},
"CVE_data_meta": {
"ID": "CVE-2019-5624",
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2019-04-24T18:00:00.000Z",
"TITLE": "Rapid7 Metasploit Framework Zip Import Directory Traversal",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"discovery": "USER"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rapid7",
"product": {
"product_data": [
{
"product_name": "Metasploit Framework",
"version": {
"version_data": [
{
"version_name": "4.14.0",
"version_affected": "<=",
"version_value": "4.14.0",
"platform": ""
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.6"
},
"CVE_data_meta": {
"ID": "CVE-2019-5624",
"ASSIGNER": "cve@rapid7.com",
"DATE_PUBLIC": "2019-04-24T18:00:00.000Z",
"TITLE": "Rapid7 Metasploit Framework Zip Import Directory Traversal",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"discovery": "USER"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Rapid7",
"product": {
"product_data": [
{
"product_name": "Metasploit Framework",
"version": {
"version_data": [
{
"version_name": "4.14.0",
"version_affected": "<=",
"version_value": "4.14.0",
"platform": ""
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/rapid7/metasploit-framework/pull/11716",
"name": "https://github.com/rapid7/metasploit-framework/pull/11716"
},
{
"refsource": "CONFIRM",
"url": "https://help.rapid7.com/metasploit/release-notes/archive/2019/04/#20190416",
"name": "https://help.rapid7.com/metasploit/release-notes/archive/2019/04/#20190416"
},
{
"refsource": "MISC",
"url": "https://blog.doyensec.com/2019/04/24/rubyzip-bug.html",
"name": "https://blog.doyensec.com/2019/04/24/rubyzip-bug.html"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.0",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"baseScore": 7.4,
"baseSeverity": "HIGH"
}
},
"exploit": [],
"work_around": [],
"solution": [
{
"lang": "eng",
"value": "Update to version 4.15.0 or later."
}
],
"credit": [
{
"lang": "eng",
"value": "This issue was discovered by Doyensec, and reported privately by Luca Carettoni."
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit.\nThis issue affects:\nRapid7 Metasploit Framework version 4.14.0 and prior versions."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/rapid7/metasploit-framework/pull/11716",
"name": "https://github.com/rapid7/metasploit-framework/pull/11716"
},
{
"refsource": "CONFIRM",
"url": "https://help.rapid7.com/metasploit/release-notes/archive/2019/04/#20190416",
"name": "https://help.rapid7.com/metasploit/release-notes/archive/2019/04/#20190416"
},
{
"refsource": "MISC",
"url": "https://blog.doyensec.com/2019/04/24/rubyzip-bug.html",
"name": "https://blog.doyensec.com/2019/04/24/rubyzip-bug.html"
}
]
},
"configuration": [],
"impact": {
"cvss": {
"version": "3.0",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"baseScore": 7.4,
"baseSeverity": "HIGH"
}
},
"exploit": [],
"work_around": [],
"solution": [
{
"lang": "eng",
"value": "Update to version 4.15.0 or later."
}
],
"credit": [
{
"lang": "eng",
"value": "This issue was discovered by Doyensec, and reported privately by Luca Carettoni."
}
]
}