admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-09 21:01:05 +00:00
parent 20b14abd14
commit 0eb1080877
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 1027 additions and 756 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2018/16xxx/CVE-2018-16530.json
View File

@ -11,7 +11,7 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "n/a", "vendor_name": "Forcepoint",
"product": { "product": {
"product_data": [ "product_data": [
{ {

70
2018/1xxx/CVE-2018-1356.json
View File

@ -1,17 +1,73 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1356",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-1356",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiSandbox",
"version": {
"version_data": [
{
"version_value": "2.5.2"
},
{
"version_value": "2.5.1"
},
{
"version_value": "2.5.0"
},
{
"version_value": "2.4.1"
},
{
"version_value": "2.4.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Execute unauthorized code or commands"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-18-024",
"url": "https://fortiguard.com/advisory/FG-IR-18-024"
}
]
},
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiSandbox before 3.0 may allow an attacker to execute unauthorized code or commands via the back_url parameter in the file scan component."
} }
] ]
} }

110
2019/0xxx/CVE-2019-0869.json
View File

@ -1,60 +1,62 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0869", "ID": "CVE-2019-0869",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Azure DevOps Server", "product_name": "Azure DevOps Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "2019" "version_value": "2019"
} }
] ]
}
}
]
},
"vendor_name": "Microsoft"
} }
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'."
"lang": "eng", }
"value": "A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka \u0027Azure DevOps Server HTML Injection Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0869" "lang": "eng",
} "value": "Spoofing"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0869",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0869"
}
]
}
} }

154
2019/0xxx/CVE-2019-0870.json
View File

@ -1,83 +1,85 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0870", "ID": "CVE-2019-0870",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Team Foundation Server", "product_name": "Team Foundation Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "2017 Update 3.1" "version_value": "2017 Update 3.1"
} }
] ]
} }
}, },
{ {
"product_name": "Team Foundation Server 2018", "product_name": "Team Foundation Server 2018",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "Update 1.2" "version_value": "Update 1.2"
},
{
"version_value": "Update 3.2"
}
]
}
},
{
"product_name": "Azure DevOps Server",
"version": {
"version_data": [
{
"version_value": "2019"
}
]
}
}
]
}, },
{ "vendor_name": "Microsoft"
"version_value": "Update 3.2"
}
]
} }
},
{
"product_name": "Azure DevOps Server",
"version": {
"version_data": [
{
"version_value": "2019"
}
]
}
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0871."
"lang": "eng", }
"value": "A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka \u0027Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability\u0027. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0871."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0870" "lang": "eng",
} "value": "Spoofing"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0870",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0870"
}
]
}
} }

154
2019/0xxx/CVE-2019-0871.json
View File

@ -1,83 +1,85 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0871", "ID": "CVE-2019-0871",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Team Foundation Server", "product_name": "Team Foundation Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "2017 Update 3.1" "version_value": "2017 Update 3.1"
} }
] ]
} }
}, },
{ {
"product_name": "Team Foundation Server 2018", "product_name": "Team Foundation Server 2018",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "Update 1.2" "version_value": "Update 1.2"
},
{
"version_value": "Update 3.2"
}
]
}
},
{
"product_name": "Azure DevOps Server",
"version": {
"version_data": [
{
"version_value": "2019"
}
]
}
}
]
}, },
{ "vendor_name": "Microsoft"
"version_value": "Update 3.2"
}
]
} }
},
{
"product_name": "Azure DevOps Server",
"version": {
"version_data": [
{
"version_value": "2019"
}
]
}
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0870."
"lang": "eng", }
"value": "A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka \u0027Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability\u0027. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0870."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0871" "lang": "eng",
} "value": "Spoofing"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0871",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0871"
}
]
}
} }

110
2019/0xxx/CVE-2019-0874.json
View File

@ -1,60 +1,62 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0874", "ID": "CVE-2019-0874",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Azure DevOps Server", "product_name": "Azure DevOps Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "2019" "version_value": "2019"
} }
] ]
}
}
]
},
"vendor_name": "Microsoft"
} }
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'."
"lang": "eng", }
"value": "A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka \u0027Azure DevOps Server Cross-site Scripting Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0874" "lang": "eng",
} "value": "Spoofing"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0874",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0874"
}
]
}
} }

110
2019/0xxx/CVE-2019-0875.json
View File

@ -1,60 +1,62 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0875", "ID": "CVE-2019-0875",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Azure DevOps Server", "product_name": "Azure DevOps Server",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "2019" "version_value": "2019"
} }
] ]
}
}
]
},
"vendor_name": "Microsoft"
} }
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka 'Azure DevOps Server Elevation of Privilege Vulnerability'."
"lang": "eng", }
"value": "An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project permissions, aka \u0027Azure DevOps Server Elevation of Privilege Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0875" "lang": "eng",
} "value": "Elevation of Privilege"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0875",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0875"
}
]
}
} }

110
2019/0xxx/CVE-2019-0876.json
View File

@ -1,60 +1,62 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0876", "ID": "CVE-2019-0876",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Open Enclave SDK", "product_name": "Open Enclave SDK",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "" "version_value": ""
} }
] ]
}
}
]
},
"vendor_name": "Microsoft"
} }
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'."
"lang": "eng", }
"value": "An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka \u0027Open Enclave SDK Information Disclosure Vulnerability\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0876" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0876",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0876"
}
]
}
} }

344
2019/0xxx/CVE-2019-0877.json
View File

@ -1,178 +1,180 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0877", "ID": "CVE-2019-0877",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Windows", "product_name": "Windows",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "7 for 32-bit Systems Service Pack 1" "version_value": "7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "7 for x64-based Systems Service Pack 1"
},
{
"version_value": "8.1 for 32-bit systems"
},
{
"version_value": "8.1 for x64-based systems"
},
{
"version_value": "RT 8.1"
},
{
"version_value": "10 for 32-bit Systems"
},
{
"version_value": "10 for x64-based Systems"
},
{
"version_value": "10 Version 1607 for 32-bit Systems"
},
{
"version_value": "10 Version 1607 for x64-based Systems"
},
{
"version_value": "10 Version 1703 for 32-bit Systems"
},
{
"version_value": "10 Version 1703 for x64-based Systems"
},
{
"version_value": "10 Version 1709 for 32-bit Systems"
},
{
"version_value": "10 Version 1709 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for 32-bit Systems"
},
{
"version_value": "10 Version 1803 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "10 Version 1809 for 32-bit Systems"
},
{
"version_value": "10 Version 1809 for x64-based Systems"
},
{
"version_value": "10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2012"
},
{
"version_value": "2012 (Core installation)"
},
{
"version_value": "2012 R2"
},
{
"version_value": "2012 R2 (Core installation)"
},
{
"version_value": "2016"
},
{
"version_value": "2016 (Core installation)"
},
{
"version_value": "version 1709 (Core Installation)"
},
{
"version_value": "version 1803 (Core Installation)"
},
{
"version_value": "2019"
},
{
"version_value": "2019 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
]
}, },
{ "vendor_name": "Microsoft"
"version_value": "7 for x64-based Systems Service Pack 1"
},
{
"version_value": "8.1 for 32-bit systems"
},
{
"version_value": "8.1 for x64-based systems"
},
{
"version_value": "RT 8.1"
},
{
"version_value": "10 for 32-bit Systems"
},
{
"version_value": "10 for x64-based Systems"
},
{
"version_value": "10 Version 1607 for 32-bit Systems"
},
{
"version_value": "10 Version 1607 for x64-based Systems"
},
{
"version_value": "10 Version 1703 for 32-bit Systems"
},
{
"version_value": "10 Version 1703 for x64-based Systems"
},
{
"version_value": "10 Version 1709 for 32-bit Systems"
},
{
"version_value": "10 Version 1709 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for 32-bit Systems"
},
{
"version_value": "10 Version 1803 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "10 Version 1809 for 32-bit Systems"
},
{
"version_value": "10 Version 1809 for x64-based Systems"
},
{
"version_value": "10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "10 Version 1709 for ARM64-based Systems"
}
]
} }
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2012"
},
{
"version_value": "2012 (Core installation)"
},
{
"version_value": "2012 R2"
},
{
"version_value": "2012 R2 (Core installation)"
},
{
"version_value": "2016"
},
{
"version_value": "2016 (Core installation)"
},
{
"version_value": "version 1709 (Core Installation)"
},
{
"version_value": "version 1803 (Core Installation)"
},
{
"version_value": "2019"
},
{
"version_value": "2019 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879."
"lang": "eng", }
"value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0877" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0877",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0877"
}
]
}
} }

344
2019/0xxx/CVE-2019-0879.json
View File

@ -1,178 +1,180 @@
{ {
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0879", "ID": "CVE-2019-0879",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Windows", "product_name": "Windows",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "7 for 32-bit Systems Service Pack 1" "version_value": "7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "7 for x64-based Systems Service Pack 1"
},
{
"version_value": "8.1 for 32-bit systems"
},
{
"version_value": "8.1 for x64-based systems"
},
{
"version_value": "RT 8.1"
},
{
"version_value": "10 for 32-bit Systems"
},
{
"version_value": "10 for x64-based Systems"
},
{
"version_value": "10 Version 1607 for 32-bit Systems"
},
{
"version_value": "10 Version 1607 for x64-based Systems"
},
{
"version_value": "10 Version 1703 for 32-bit Systems"
},
{
"version_value": "10 Version 1703 for x64-based Systems"
},
{
"version_value": "10 Version 1709 for 32-bit Systems"
},
{
"version_value": "10 Version 1709 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for 32-bit Systems"
},
{
"version_value": "10 Version 1803 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "10 Version 1809 for 32-bit Systems"
},
{
"version_value": "10 Version 1809 for x64-based Systems"
},
{
"version_value": "10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "10 Version 1709 for ARM64-based Systems"
}
]
}
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2012"
},
{
"version_value": "2012 (Core installation)"
},
{
"version_value": "2012 R2"
},
{
"version_value": "2012 R2 (Core installation)"
},
{
"version_value": "2016"
},
{
"version_value": "2016 (Core installation)"
},
{
"version_value": "version 1709 (Core Installation)"
},
{
"version_value": "version 1803 (Core Installation)"
},
{
"version_value": "2019"
},
{
"version_value": "2019 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
]
}, },
{ "vendor_name": "Microsoft"
"version_value": "7 for x64-based Systems Service Pack 1"
},
{
"version_value": "8.1 for 32-bit systems"
},
{
"version_value": "8.1 for x64-based systems"
},
{
"version_value": "RT 8.1"
},
{
"version_value": "10 for 32-bit Systems"
},
{
"version_value": "10 for x64-based Systems"
},
{
"version_value": "10 Version 1607 for 32-bit Systems"
},
{
"version_value": "10 Version 1607 for x64-based Systems"
},
{
"version_value": "10 Version 1703 for 32-bit Systems"
},
{
"version_value": "10 Version 1703 for x64-based Systems"
},
{
"version_value": "10 Version 1709 for 32-bit Systems"
},
{
"version_value": "10 Version 1709 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for 32-bit Systems"
},
{
"version_value": "10 Version 1803 for x64-based Systems"
},
{
"version_value": "10 Version 1803 for ARM64-based Systems"
},
{
"version_value": "10 Version 1809 for 32-bit Systems"
},
{
"version_value": "10 Version 1809 for x64-based Systems"
},
{
"version_value": "10 Version 1809 for ARM64-based Systems"
},
{
"version_value": "10 Version 1709 for ARM64-based Systems"
}
]
} }
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2012"
},
{
"version_value": "2012 (Core installation)"
},
{
"version_value": "2012 R2"
},
{
"version_value": "2012 R2 (Core installation)"
},
{
"version_value": "2016"
},
{
"version_value": "2016 (Core installation)"
},
{
"version_value": "version 1709 (Core Installation)"
},
{
"version_value": "version 1803 (Core Installation)"
},
{
"version_value": "2019"
},
{
"version_value": "2019 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
] ]
},
"vendor_name": "Microsoft"
} }
] },
} "description": {
}, "description_data": [
"description": { {
"description_data": [ "lang": "eng",
{ "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877."
"lang": "eng", }
"value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \u0027Jet Database Engine Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
] ]
} },
] "problemtype": {
}, "problemtype_data": [
"references": { {
"reference_data": [ "description": [
{ {
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0879" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0879",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0879"
}
]
}
} }

3
2019/3xxx/CVE-2019-3842.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-3842", "ID": "CVE-2019-3842",
"ASSIGNER": "psampaio@redhat.com" "ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

72
2019/5xxx/CVE-2019-5585.json
View File

@ -1,17 +1,75 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5585",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5585",
"ASSIGNER": "psirt@fortinet.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "FortiClientMac",
"version": {
"version_data": [
{
"version_value": "6.0.4"
},
{
"version_value": "6.0.3"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107693",
"url": "http://www.securityfocus.com/bid/107693"
},
{
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-19-003",
"url": "https://fortiguard.com/advisory/FG-IR-19-003"
}
]
},
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An improper access control vulnerability in FortiClientMac before 6.0.5 may allow an attacker to affect the application's performance via modifying the contents of a file used by several FortiClientMac processes."
} }
] ]
} }

61
2019/6xxx/CVE-2019-6140.json
View File

@ -1,17 +1,64 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6140",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-6140",
"ASSIGNER": "psirt@forcepoint.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Forcepoint",
"product": {
"product_data": [
{
"product_name": "Forcepoint Email Security",
"version": {
"version_data": [
{
"version_value": "8.4"
},
{
"version_value": "8.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.forcepoint.com/KBArticle?id=000016668",
"url": "https://support.forcepoint.com/KBArticle?id=000016668"
}
]
},
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed."
} }
] ]
} }

58
2019/8xxx/CVE-2019-8456.json
View File

@ -1,17 +1,61 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8456",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-8456",
"ASSIGNER": "cve@checkpoint.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Check Point",
"product": {
"product_data": [
{
"product_name": "Check Point IPsec VPN",
"version": {
"version_data": [
{
"version_value": "Up to R80.30"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk149892",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk149892"
}
]
},
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server."
} }
] ]
} }

63
2019/9xxx/CVE-2019-9696.json
View File

@ -1,17 +1,66 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9696",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9696",
"ASSIGNER": "secure@symantec.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Symantec",
"product": {
"product_data": [
{
"product_name": "Symantec VIP Enterprise Gateway",
"version": {
"version_data": [
{
"version_value": "All EG Versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://support.symantec.com/en_US/article.SYMSA1477.html",
"url": "https://support.symantec.com/en_US/article.SYMSA1477.html"
},
{
"refsource": "BID",
"name": "107692",
"url": "http://www.securityfocus.com/bid/107692"
}
]
},
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy."
} }
] ]
} }