admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-10 15:00:45 +00:00
parent 224d220796
commit 1fe971b3a8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
9 changed files with 389 additions and 281 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
2018/1xxx/CVE-2018-1903.json
View File

@ -1,35 +1,35 @@
{
"data_format" : "MITRE",
"description" : {
"description_data" : [
"data_format": "MITRE",
"description": {
"description_data": [
{
"value" : "IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532.",
"lang" : "eng"
"value": "IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532.",
"lang": "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "4.2.0"
"version_value": "4.2.0"
},
{
"version_value" : "4.3.0"
"version_value": "4.3.0"
},
{
"version_value" : "6.0.0"
"version_value": "6.0.0"
}
]
},
"product_name" : "Sterling Connect:Direct for UNIX"
"product_name": "Sterling Connect:Direct for UNIX"
}
]
}
@ -37,59 +37,59 @@
]
}
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 875386 (Sterling Connect:Direct for UNIX)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10875386",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10875386"
"title": "IBM Security Bulletin 875386 (Sterling Connect:Direct for UNIX)",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10875386",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10875386"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sterling-cve20181903-priv-escalation (152532)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152532"
"title": "X-Force Vulnerability Report",
"name": "ibm-sterling-cve20181903-priv-escalation (152532)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/152532"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
"data_type": "CVE",
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Gain Privileges",
"lang" : "eng"
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2018-1903",
"DATE_PUBLIC" : "2019-04-01T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
"CVE_data_meta": {
"ID": "CVE-2018-1903",
"DATE_PUBLIC": "2019-04-01T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM" : {
"C" : "H",
"UI" : "N",
"AC" : "L",
"SCORE" : "6.700",
"AV" : "L",
"I" : "H",
"A" : "H",
"S" : "U",
"PR" : "H"
"BM": {
"C": "H",
"UI": "N",
"AC": "L",
"SCORE": "6.700",
"AV": "L",
"I": "H",
"A": "H",
"S": "U",
"PR": "H"
}
}
}

108
2018/1xxx/CVE-2018-1994.json
View File

@ -1,93 +1,93 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
"product_name": "InfoSphere Information Server",
"version": {
"version_data": [
{
"version_value" : "11.5"
"version_value": "11.5"
},
{
"version_value" : "11.7"
"version_value": "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 793871 (InfoSphere Information Server)",
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10793871",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10793871"
"title": "IBM Security Bulletin 793871 (InfoSphere Information Server)",
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10793871",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10793871"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/154494",
"name" : "ibm-infosphere-cve20181994-sql-injection (154494)",
"title" : "X-Force Vulnerability Report"
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/154494",
"name": "ibm-infosphere-cve20181994-sql-injection (154494)",
"title": "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
"data_type": "CVE",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494."
"lang": "eng",
"value": "IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494."
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-04-04T00:00:00",
"ID" : "CVE-2018-1994",
"ASSIGNER" : "psirt@us.ibm.com"
"data_format": "MITRE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-04-04T00:00:00",
"ID": "CVE-2018-1994",
"ASSIGNER": "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"C" : "L",
"UI" : "N",
"I" : "L",
"A" : "L",
"S" : "U",
"PR" : "L",
"SCORE" : "6.300",
"AV" : "N"
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"C": "L",
"UI": "N",
"I": "L",
"A": "L",
"S": "U",
"PR": "L",
"SCORE": "6.300",
"AV": "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Data Manipulation"
"lang": "eng",
"value": "Data Manipulation"
}
]
}
]
},
"data_version" : "4.0"
"data_version": "4.0"
}

58
2019/0xxx/CVE-2019-0199.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0199",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0199",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Tomcat",
"version": {
"version_data": [
{
"version_value": "Apache Tomcat 9.0.0.M1 to 9.0.14, 8.5.0 to 8.5.37"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/e1b0b273b6e8ddcc72c9023bc2394b1276fc72664144bf21d0a87995@%3Cannounce.tomcat.apache.org%3E",
"url": "https://lists.apache.org/thread.html/e1b0b273b6e8ddcc72c9023bc2394b1276fc72664144bf21d0a87995@%3Cannounce.tomcat.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS."
}
]
}

4
2019/10xxx/CVE-2019-10843.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-10843",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

106
2019/4xxx/CVE-2019-4013.json
View File

@ -1,90 +1,90 @@
{
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Gain Privileges",
"lang" : "eng"
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-03-11T00:00:00",
"ID" : "CVE-2019-4013"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-03-11T00:00:00",
"ID": "CVE-2019-4013"
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"C" : "H",
"UI" : "R",
"A" : "H",
"I" : "H",
"PR" : "L",
"S" : "C",
"AV" : "N",
"SCORE" : "9.000"
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"C": "H",
"UI": "R",
"A": "H",
"I": "H",
"PR": "L",
"S": "C",
"AV": "N",
"SCORE": "9.000"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_version": "4.0",
"description": {
"description_data": [
{
"value" : "IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.",
"lang" : "eng"
"value": "IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.",
"lang": "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "BigFix Platform",
"version" : {
"version_data" : [
"product_name": "BigFix Platform",
"version": {
"version_data": [
{
"version_value" : "9.5"
"version_value": "9.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
"refsource" : "CONFIRM",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
"title" : "IBM Security Bulletin 874666 (BigFix Platform)"
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
"refsource": "CONFIRM",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
"title": "IBM Security Bulletin 874666 (BigFix Platform)"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155887",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-bigfix-cve2019-4013-code-exec (155887)"
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155887",
"title": "X-Force Vulnerability Report",
"name": "ibm-bigfix-cve2019-4013-code-exec (155887)"
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE"
"data_type": "CVE",
"data_format": "MITRE"
}

53
2019/6xxx/CVE-2019-6287.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6287",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Rancher 2.0.0 through 2.1.5, project members have continued access to create, update, read, and delete namespaces in a project after they have been removed from it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://rancher.com/blog/2019/2019-01-29-explaining-security-vulnerabilities-addressed-in-rancher-v2-1-6-and-v2-0-11/",
"url": "https://rancher.com/blog/2019/2019-01-29-explaining-security-vulnerabilities-addressed-in-rancher-v2-1-6-and-v2-0-11/"
},
{
"refsource": "CONFIRM",
"name": "https://forums.rancher.com/c/announcements",
"url": "https://forums.rancher.com/c/announcements"
}
]
}

5
2019/7xxx/CVE-2019-7385.json
View File

@ -81,6 +81,11 @@
"url": "https://s3curityb3ast.github.io",
"refsource": "MISC",
"name": "https://s3curityb3ast.github.io"
},
{
"refsource": "MISC",
"name": "https://s3curityb3ast.github.io/KSA-Dev-006.md",
"url": "https://s3curityb3ast.github.io/KSA-Dev-006.md"
}
]
}

5
2019/7xxx/CVE-2019-7386.json
View File

@ -76,6 +76,11 @@
"url": "http://www.breakthesec.com",
"refsource": "MISC",
"name": "http://www.breakthesec.com"
},
{
"refsource": "MISC",
"name": "https://s3curityb3ast.github.io/KSA-Dev-007.md",
"url": "https://s3curityb3ast.github.io/KSA-Dev-007.md"
}
]
}

5
2019/9xxx/CVE-2019-9489.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://success.trendmicro.com/solution/1122250",
"url": "https://success.trendmicro.com/solution/1122250"
},
{
"refsource": "CONFIRM",
"name": "https://success.trendmicro.com/jp/solution/1122253",
"url": "https://success.trendmicro.com/jp/solution/1122253"
}
]
}