diff --git a/2014/3xxx/CVE-2014-3576.json b/2014/3xxx/CVE-2014-3576.json index b3f447ba24c..58795b6e6f5 100644 --- a/2014/3xxx/CVE-2014-3576.json +++ b/2014/3xxx/CVE-2014-3576.json @@ -96,6 +96,11 @@ "name": "20151106 [ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536862/100/0/threaded" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2014/3xxx/CVE-2014-3579.json b/2014/3xxx/CVE-2014-3579.json index 42cc10fa4c5..2faa8ecf0e5 100644 --- a/2014/3xxx/CVE-2014-3579.json +++ b/2014/3xxx/CVE-2014-3579.json @@ -76,6 +76,11 @@ "name": "http://activemq.apache.org/security-advisories.data/CVE-2014-3579-announcement.txt", "refsource": "CONFIRM", "url": "http://activemq.apache.org/security-advisories.data/CVE-2014-3579-announcement.txt" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2014/3xxx/CVE-2014-3600.json b/2014/3xxx/CVE-2014-3600.json index b53b277ad4a..f8356098374 100644 --- a/2014/3xxx/CVE-2014-3600.json +++ b/2014/3xxx/CVE-2014-3600.json @@ -76,6 +76,11 @@ "name": "https://issues.apache.org/jira/browse/AMQ-5333", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/AMQ-5333" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2014/3xxx/CVE-2014-3612.json b/2014/3xxx/CVE-2014-3612.json index b3fe17b39a6..9f04bd6899c 100644 --- a/2014/3xxx/CVE-2014-3612.json +++ b/2014/3xxx/CVE-2014-3612.json @@ -76,6 +76,11 @@ "name": "RHSA-2015:0138", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0138.html" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2014/8xxx/CVE-2014-8110.json b/2014/8xxx/CVE-2014-8110.json index 55815b8b71e..69115748c31 100644 --- a/2014/8xxx/CVE-2014-8110.json +++ b/2014/8xxx/CVE-2014-8110.json @@ -76,6 +76,11 @@ "name": "http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt", "refsource": "CONFIRM", "url": "http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2015/1xxx/CVE-2015-1830.json b/2015/1xxx/CVE-2015-1830.json index 852d1d646e7..9a83912a8ec 100644 --- a/2015/1xxx/CVE-2015-1830.json +++ b/2015/1xxx/CVE-2015-1830.json @@ -76,6 +76,11 @@ "name": "1033315", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033315" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2015/5xxx/CVE-2015-5254.json b/2015/5xxx/CVE-2015-5254.json index c70e19622a9..1816591e8f4 100644 --- a/2015/5xxx/CVE-2015-5254.json +++ b/2015/5xxx/CVE-2015-5254.json @@ -111,6 +111,11 @@ "name": "http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt", "refsource": "CONFIRM", "url": "http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2016/0xxx/CVE-2016-0734.json b/2016/0xxx/CVE-2016-0734.json index ebf80ad7727..e142d929fc8 100644 --- a/2016/0xxx/CVE-2016-0734.json +++ b/2016/0xxx/CVE-2016-0734.json @@ -76,6 +76,11 @@ "name": "84321", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84321" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2016/0xxx/CVE-2016-0782.json b/2016/0xxx/CVE-2016-0782.json index ac928254c6c..10eabfa2b83 100644 --- a/2016/0xxx/CVE-2016-0782.json +++ b/2016/0xxx/CVE-2016-0782.json @@ -81,6 +81,11 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1317516", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317516" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2016/3xxx/CVE-2016-3088.json b/2016/3xxx/CVE-2016-3088.json index 3a7d5a11782..47eb2e8687d 100644 --- a/2016/3xxx/CVE-2016-3088.json +++ b/2016/3xxx/CVE-2016-3088.json @@ -81,6 +81,11 @@ "name": "1035951", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035951" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2016/6xxx/CVE-2016-6810.json b/2016/6xxx/CVE-2016-6810.json index de31afd15e6..296bcad8dec 100644 --- a/2016/6xxx/CVE-2016-6810.json +++ b/2016/6xxx/CVE-2016-6810.json @@ -72,6 +72,11 @@ "name": "[users] 20161209 [ANNOUNCE] CVE-2016-6810: ActiveMQ Web Console - Cross-Site Scripting", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc@%3Cusers.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2017/15xxx/CVE-2017-15709.json b/2017/15xxx/CVE-2017-15709.json index 0259be9f1e9..5727d3a3f19 100644 --- a/2017/15xxx/CVE-2017-15709.json +++ b/2017/15xxx/CVE-2017-15709.json @@ -62,6 +62,16 @@ "refsource": "MLIST", "name": "[activemq-commits] 20190327 [CONF] Apache ActiveMQ > Security Advisories", "url": "https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-dev] 20190327 Re: Website", + "url": "https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2017/9xxx/CVE-2017-9626.json b/2017/9xxx/CVE-2017-9626.json index 6d2711ce0a2..7289578801c 100644 --- a/2017/9xxx/CVE-2017-9626.json +++ b/2017/9xxx/CVE-2017-9626.json @@ -1,17 +1,79 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-9626", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-9626", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Marel", + "product": { + "product_data": [ + { + "product_name": "Marel Food Processing Systems Pluto platform", + "version": { + "version_data": [ + { + "version_value": "Graders using Pluto platform" + }, + { + "version_value": "Portioning Machines using Pluto platform" + }, + { + "version_value": "Flowline systems using Pluto platform" + }, + { + "version_value": "Packing systems using Pluto platform" + }, + { + "version_value": "SensorX machines using Pluto platform" + }, + { + "version_value": "Target Batchers using Pluto platform" + }, + { + "version_value": "and SpeedBatchers using Pluto platform" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control CWE-284" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-094-02B" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by implementing SSH authentication." } ] } diff --git a/2018/11xxx/CVE-2018-11775.json b/2018/11xxx/CVE-2018-11775.json index fc22fab441c..658b743299e 100644 --- a/2018/11xxx/CVE-2018-11775.json +++ b/2018/11xxx/CVE-2018-11775.json @@ -77,6 +77,16 @@ "refsource": "MLIST", "name": "[activemq-commits] 20190327 [CONF] Apache ActiveMQ > Security Advisories", "url": "https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-dev] 20190327 Re: Website", + "url": "https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2018/12xxx/CVE-2018-12178.json b/2018/12xxx/CVE-2018-12178.json index 97b83456cfb..31c05a718ea 100644 --- a/2018/12xxx/CVE-2018-12178.json +++ b/2018/12xxx/CVE-2018-12178.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12178", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12178", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/dns-pack-size-check.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/dns-pack-size-check.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network." } ] } diff --git a/2018/12xxx/CVE-2018-12179.json b/2018/12xxx/CVE-2018-12179.json index 72c1118eced..ce75c35f75e 100644 --- a/2018/12xxx/CVE-2018-12179.json +++ b/2018/12xxx/CVE-2018-12179.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12179", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12179", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Information Disclosure and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/opal-blocksid-setting-disabled-after-s3.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access." } ] } diff --git a/2018/12xxx/CVE-2018-12180.json b/2018/12xxx/CVE-2018-12180.json index 4c64666238a..6d5adcfc173 100644 --- a/2018/12xxx/CVE-2018-12180.json +++ b/2018/12xxx/CVE-2018-12180.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12180", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12180", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Information Disclosure and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/buffer-overflow-in-blockio-service-for-ram-disk.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access." } ] } diff --git a/2018/12xxx/CVE-2018-12181.json b/2018/12xxx/CVE-2018-12181.json index 90f3ca18a38..b67fa56dcc3 100644 --- a/2018/12xxx/CVE-2018-12181.json +++ b/2018/12xxx/CVE-2018-12181.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12181", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12181", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/stack-overflow-on-corrupted-bmp.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access." } ] } diff --git a/2018/12xxx/CVE-2018-12182.json b/2018/12xxx/CVE-2018-12182.json index 3eee6694b39..1b5a946ccdd 100644 --- a/2018/12xxx/CVE-2018-12182.json +++ b/2018/12xxx/CVE-2018-12182.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12182", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12182", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Information Disclosure and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access." } ] } diff --git a/2018/12xxx/CVE-2018-12183.json b/2018/12xxx/CVE-2018-12183.json index 743d09e374c..27ddf1739e0 100644 --- a/2018/12xxx/CVE-2018-12183.json +++ b/2018/12xxx/CVE-2018-12183.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12183", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12183", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Information Disclosure and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/unlimited-fv-recursion.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/unlimited-fv-recursion.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access." } ] } diff --git a/2018/12xxx/CVE-2018-12545.json b/2018/12xxx/CVE-2018-12545.json index 4d9f416dad8..b03c753aa99 100644 --- a/2018/12xxx/CVE-2018-12545.json +++ b/2018/12xxx/CVE-2018-12545.json @@ -39,7 +39,7 @@ "description_data": [ { "lang": "eng", - "value": "In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings." + "value": "In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to the additional CPU and memory allocations required to handle changed settings." } ] }, diff --git a/2018/14xxx/CVE-2018-14814.json b/2018/14xxx/CVE-2018-14814.json index da4234a3a20..d4539e591b6 100644 --- a/2018/14xxx/CVE-2018-14814.json +++ b/2018/14xxx/CVE-2018-14814.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14814", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14814", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "WECON", + "product": { + "product_data": [ + { + "product_name": "WECON Technology PI Studio HMI", + "version": { + "version_data": [ + { + "version_value": "PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds read CWE-125" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-277-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "WECON Technology PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior lacks proper validation of user-supplied data, which may result in a read past the end of an allocated object." } ] } diff --git a/2018/15xxx/CVE-2018-15585.json b/2018/15xxx/CVE-2018-15585.json index fb7bc95cc67..11f375bb68d 100644 --- a/2018/15xxx/CVE-2018-15585.json +++ b/2018/15xxx/CVE-2018-15585.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-15585", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gnuboard/gnuboard5/blob/b1fc952c7600b825c4b02e2789ddafdea18c8d13/adm/newwinform.php", + "refsource": "MISC", + "name": "https://github.com/gnuboard/gnuboard5/blob/b1fc952c7600b825c4b02e2789ddafdea18c8d13/adm/newwinform.php" + }, + { + "url": "https://github.com/gnuboard/gnuboard5/blob/b1fc952c7600b825c4b02e2789ddafdea18c8d13/adm/newwinformupdate.php", + "refsource": "MISC", + "name": "https://github.com/gnuboard/gnuboard5/blob/b1fc952c7600b825c4b02e2789ddafdea18c8d13/adm/newwinformupdate.php" + }, + { + "refsource": "MISC", + "name": "https://github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13", + "url": "https://github.com/gnuboard/gnuboard5/commit/b1fc952c7600b825c4b02e2789ddafdea18c8d13" } ] } diff --git a/2018/3xxx/CVE-2018-3613.json b/2018/3xxx/CVE-2018-3613.json index dceb5615b3e..5dd2d18a385 100644 --- a/2018/3xxx/CVE-2018-3613.json +++ b/2018/3xxx/CVE-2018-3613.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-3613", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-3613", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Information Disclosure and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/authvariable-timestamp-zeroing-on-append_write.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/authvariable-timestamp-zeroing-on-append_write.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access." } ] } diff --git a/2018/8xxx/CVE-2018-8006.json b/2018/8xxx/CVE-2018-8006.json index 1e69458929a..99e99176de2 100644 --- a/2018/8xxx/CVE-2018-8006.json +++ b/2018/8xxx/CVE-2018-8006.json @@ -67,6 +67,16 @@ "refsource": "MLIST", "name": "[activemq-commits] 20190327 [CONF] Apache ActiveMQ > Security Advisories", "url": "https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-dev] 20190327 Re: Website", + "url": "https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-commits] 20190327 svn commit: r1042639 - in /websites/production/activemq/content/activemq-website: ./ projects/artemis/download/ projects/classic/download/ projects/cms/download/ security-advisories.data/", + "url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E" } ] } diff --git a/2019/0xxx/CVE-2019-0160.json b/2019/0xxx/CVE-2019-0160.json index 727a12a91cb..d026d212c00 100644 --- a/2019/0xxx/CVE-2019-0160.json +++ b/2019/0xxx/CVE-2019-0160.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0160", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0160", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege and/or Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/partitiondxe-and-udf-buffer-overflow.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/partitiondxe-and-udf-buffer-overflow.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access." } ] } diff --git a/2019/0xxx/CVE-2019-0161.json b/2019/0xxx/CVE-2019-0161.json index ced1f69ec7a..0cd43c86ed0 100644 --- a/2019/0xxx/CVE-2019-0161.json +++ b/2019/0xxx/CVE-2019-0161.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0161", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0161", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Extensible Firmware Interface Development Kit (EDK II)", + "product": { + "product_data": [ + { + "product_name": "Extensible Firmware Interface Development Kit (EDK II)", + "version": { + "version_data": [ + { + "version_value": "N/A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html", + "url": "https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access." } ] } diff --git a/2019/10xxx/CVE-2019-10240.json b/2019/10xxx/CVE-2019-10240.json new file mode 100644 index 00000000000..49228f08c6c --- /dev/null +++ b/2019/10xxx/CVE-2019-10240.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10240", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10241.json b/2019/10xxx/CVE-2019-10241.json new file mode 100644 index 00000000000..04451ffead8 --- /dev/null +++ b/2019/10xxx/CVE-2019-10241.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10241", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10242.json b/2019/10xxx/CVE-2019-10242.json new file mode 100644 index 00000000000..1758d2f6ca5 --- /dev/null +++ b/2019/10xxx/CVE-2019-10242.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10242", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10243.json b/2019/10xxx/CVE-2019-10243.json new file mode 100644 index 00000000000..cde7d5e646b --- /dev/null +++ b/2019/10xxx/CVE-2019-10243.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10243", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10244.json b/2019/10xxx/CVE-2019-10244.json new file mode 100644 index 00000000000..6a878f478d2 --- /dev/null +++ b/2019/10xxx/CVE-2019-10244.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10244", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10245.json b/2019/10xxx/CVE-2019-10245.json new file mode 100644 index 00000000000..2460c8238af --- /dev/null +++ b/2019/10xxx/CVE-2019-10245.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10245", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10246.json b/2019/10xxx/CVE-2019-10246.json new file mode 100644 index 00000000000..6aa7c835414 --- /dev/null +++ b/2019/10xxx/CVE-2019-10246.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10246", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10247.json b/2019/10xxx/CVE-2019-10247.json new file mode 100644 index 00000000000..40f0af60b51 --- /dev/null +++ b/2019/10xxx/CVE-2019-10247.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10247", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10248.json b/2019/10xxx/CVE-2019-10248.json new file mode 100644 index 00000000000..581a73a10d0 --- /dev/null +++ b/2019/10xxx/CVE-2019-10248.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10248", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10249.json b/2019/10xxx/CVE-2019-10249.json new file mode 100644 index 00000000000..5bae84739fe --- /dev/null +++ b/2019/10xxx/CVE-2019-10249.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10249", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5736.json b/2019/5xxx/CVE-2019-5736.json index 9c5c13c648b..d6f2385da30 100644 --- a/2019/5xxx/CVE-2019-5736.json +++ b/2019/5xxx/CVE-2019-5736.json @@ -206,6 +206,11 @@ "refsource": "MLIST", "name": "[oss-security] 20190323 CVE-2019-0204: Some Mesos components can be overwritten making arbitrary code execution possible.", "url": "http://www.openwall.com/lists/oss-security/2019/03/23/1" + }, + { + "refsource": "CONFIRM", + "name": "https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003", + "url": "https://support.mesosphere.com/s/article/Known-Issue-Container-Runtime-Vulnerability-MSPH-2019-0003" } ] }