admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-09-23 14:00:57 +00:00
parent 5fb2bf1d6f
commit f5a4e9a34b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 402 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2019/14xxx/CVE-2019-14835.json
View File

@ -98,6 +98,21 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2863",
"url": "https://access.redhat.com/errata/RHSA-2019:2863"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:2866",
"url": "https://access.redhat.com/errata/RHSA-2019:2866"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:2864",
"url": "https://access.redhat.com/errata/RHSA-2019:2864"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:2865",
"url": "https://access.redhat.com/errata/RHSA-2019:2865"
}
]
},

72
2019/16xxx/CVE-2019-16718.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to an insufficient fix for CVE-2019-14745 and improper handling of symbol names embedded in executables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/radareorg/radare2/commit/5411543a310a470b1257fb93273cdd6e8dfcb3af",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/commit/5411543a310a470b1257fb93273cdd6e8dfcb3af"
},
{
"url": "https://github.com/radareorg/radare2/commit/dd739f5a45b3af3d1f65f00fe19af1dbfec7aea7",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/commit/dd739f5a45b3af3d1f65f00fe19af1dbfec7aea7"
},
{
"url": "https://github.com/radareorg/radare2/compare/3.8.0...3.9.0",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/compare/3.8.0...3.9.0"
}
]
}
}

62
2019/16xxx/CVE-2019-16719.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.iwantacve.cn/index.php/archives/344/",
"refsource": "MISC",
"name": "http://www.iwantacve.cn/index.php/archives/344/"
}
]
}
}

62
2019/16xxx/CVE-2019-16720.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16720",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins/ueditor/php/controller.php?upfolder=news&action=catchimage, as demonstrated by uploading a .htaccess or .php5 file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.iwantacve.cn/index.php/archives/333/",
"refsource": "MISC",
"name": "http://www.iwantacve.cn/index.php/archives/333/"
}
]
}
}

62
2019/16xxx/CVE-2019-16721.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.iwantacve.cn/index.php/archives/337/",
"refsource": "MISC",
"name": "http://www.iwantacve.cn/index.php/archives/337/"
}
]
}
}

62
2019/16xxx/CVE-2019-16722.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16722",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an str_ireplace operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.iwantacve.cn/index.php/archives/348/",
"refsource": "MISC",
"name": "http://www.iwantacve.cn/index.php/archives/348/"
}
]
}
}

70
2019/3xxx/CVE-2019-3416.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3416",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZXV10 B860A",
"version": {
"version_data": [
{
"affected": "<=",
"version_value": "All versions up to V81511329.1008"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "input validation "
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011263",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011263"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}