From 0c0a2f8de9c400f1e5260bf73a61429d681f5c08 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sat, 12 Jan 2019 19:06:25 -0500 Subject: [PATCH] - Synchronized data. --- 2018/16xxx/CVE-2018-16206.json | 55 ++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20700.json | 18 ++++++++++ 2018/20xxx/CVE-2018-20701.json | 18 ++++++++++ 2018/20xxx/CVE-2018-20702.json | 18 ++++++++++ 2019/6xxx/CVE-2019-6245.json | 62 ++++++++++++++++++++++++++++++++++ 2019/6xxx/CVE-2019-6246.json | 62 ++++++++++++++++++++++++++++++++++ 2019/6xxx/CVE-2019-6247.json | 62 ++++++++++++++++++++++++++++++++++ 2019/6xxx/CVE-2019-6248.json | 62 ++++++++++++++++++++++++++++++++++ 8 files changed, 354 insertions(+), 3 deletions(-) create mode 100644 2018/20xxx/CVE-2018-20700.json create mode 100644 2018/20xxx/CVE-2018-20701.json create mode 100644 2018/20xxx/CVE-2018-20702.json create mode 100644 2019/6xxx/CVE-2019-6245.json create mode 100644 2019/6xxx/CVE-2019-6246.json create mode 100644 2019/6xxx/CVE-2019-6247.json create mode 100644 2019/6xxx/CVE-2019-6248.json diff --git a/2018/16xxx/CVE-2018-16206.json b/2018/16xxx/CVE-2018-16206.json index 197967be42e..c306b67aa68 100644 --- a/2018/16xxx/CVE-2018-16206.json +++ b/2018/16xxx/CVE-2018-16206.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "vultures@jpcert.or.jp", "ID" : "CVE-2018-16206", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Cross-site scripting vulnerability in WordPress plugin spam-byebye 2.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://wordpress.org/plugins/spam-byebye/", + "refsource" : "MISC", + "url" : "https://wordpress.org/plugins/spam-byebye/" + }, + { + "name" : "JVN#58010349", + "refsource" : "JVN", + "url" : "http://jvn.jp/en/jp/JVN58010349/index.html" } ] } diff --git a/2018/20xxx/CVE-2018-20700.json b/2018/20xxx/CVE-2018-20700.json new file mode 100644 index 00000000000..5a84467db6d --- /dev/null +++ b/2018/20xxx/CVE-2018-20700.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20700", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20701.json b/2018/20xxx/CVE-2018-20701.json new file mode 100644 index 00000000000..3d616c3c9fe --- /dev/null +++ b/2018/20xxx/CVE-2018-20701.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20701", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20702.json b/2018/20xxx/CVE-2018-20702.json new file mode 100644 index 00000000000..68f60ec9afd --- /dev/null +++ b/2018/20xxx/CVE-2018-20702.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20702", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/6xxx/CVE-2019-6245.json b/2019/6xxx/CVE-2019-6245.json new file mode 100644 index 00000000000..66c09b9a57c --- /dev/null +++ b/2019/6xxx/CVE-2019-6245.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6245", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cell_aa::not_equal, dx is assigned to (x2 - x1). If dx >= dx_limit, which is (16384 << poly_subpixel_shift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dx_limit during the recursion, leading to continual stack consumption." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/svgpp/svgpp/issues/70", + "refsource" : "MISC", + "url" : "https://github.com/svgpp/svgpp/issues/70" + } + ] + } +} diff --git a/2019/6xxx/CVE-2019-6246.json b/2019/6xxx/CVE-2019-6246.json new file mode 100644 index 00000000000..e864697007d --- /dev/null +++ b/2019/6xxx/CVE-2019-6246.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6246", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the gil::get_color function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/svgpp/svgpp/issues/70", + "refsource" : "MISC", + "url" : "https://github.com/svgpp/svgpp/issues/70" + } + ] + } +} diff --git a/2019/6xxx/CVE-2019-6247.json b/2019/6xxx/CVE-2019-6247.json new file mode 100644 index 00000000000..38d148ee942 --- /dev/null +++ b/2019/6xxx/CVE-2019-6247.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6247", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. A heap-based buffer overflow bug in svgpp_agg_render may lead to code execution. In the render_scanlines_aa_solid function, the blend_hline function is called repeatedly multiple times. blend_hline is equivalent to a loop containing write operations. Each call writes a piece of heap data, and multiple calls overwrite the data in the heap." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/svgpp/svgpp/issues/70", + "refsource" : "MISC", + "url" : "https://github.com/svgpp/svgpp/issues/70" + } + ] + } +} diff --git a/2019/6xxx/CVE-2019-6248.json b/2019/6xxx/CVE-2019-6248.json new file mode 100644 index 00000000000..d0a804c0097 --- /dev/null +++ b/2019/6xxx/CVE-2019-6248.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6248", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 has Reflected XSS via the srch parameter, as demonstrated by restaurants-details.php." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://suku90.wordpress.com/2019/01/12/php-scripts-mall-citysearch-hotfrog-gelbeseiten-clone-script-2-0-1-reflected-xss/", + "refsource" : "MISC", + "url" : "https://suku90.wordpress.com/2019/01/12/php-scripts-mall-citysearch-hotfrog-gelbeseiten-clone-script-2-0-1-reflected-xss/" + } + ] + } +}