admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-25 19:00:51 +00:00
parent b8a5650460
commit 26d4e55a65
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
31 changed files with 1317 additions and 710 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
2015/1xxx/CVE-2015-1007.json
View File

@ -1,17 +1,111 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1007",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2015-1007",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Opto 22",
"product": {
"product_data": [
{
"product_name": "PAC Project Professional",
"version": {
"version_data": [
{
"version_value": "< R9.4008"
}
]
}
},
{
"product_name": "PAC Project Basic",
"version": {
"version_data": [
{
"version_value": "< R9.4008"
}
]
}
},
{
"product_name": "PAC Display Basic",
"version": {
"version_data": [
{
"version_value": "< R9.4g"
}
]
}
},
{
"product_name": "PAC Display Professional",
"version": {
"version_data": [
{
"version_value": "< R9.4g"
}
]
}
},
{
"product_name": "OptoOPCServer",
"version": {
"version_data": [
{
"version_value": "R9.4c and prior that were installed by PAC Project installer versions prior to R9.4008"
}
]
}
},
{
"product_name": "OptoDataLink",
"version": {
"version_data": [
{
"version_value": "R9.4d and prior that were installed by PAC Project installer versions prior to R9.4008"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based buffer overflow CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions prior to R9.4008, PAC Display Basic versions prior to R9.4g, PAC Display Professional versions prior to R9.4g, OptoOPCServer version R9.4c and prior that were installed by PAC Project installer, versions prior to R9.4008, and OptoDataLink version R9.4d and prior that were installed by PAC Project installer, versions prior to R9.4008. Opto 22 suggests upgrading to the new product version as soon as possible."
}
]
}

64
2015/1xxx/CVE-2015-1012.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1012",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2015-1012",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Hospira",
"product": {
"product_data": [
{
"product_name": "LifeCare PCA Infusion System",
"version": {
"version_data": [
{
"version_value": "<= 5.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext storage of sensitive information CWE-312"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless capacity in a clinical setting. Hospira has developed a new version of the PCS Infusion System, version 7.0 that addresses the identified vulnerabilities. Version 7.0 has Port 20/FTP and Port 23/TELNET closed by default to prevent unauthorized access."
}
]
}

70
2015/1xxx/CVE-2015-1014.json
View File

@ -1,17 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1014",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2015-1014",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Schneider Electric",
"product": {
"product_data": [
{
"product_name": "OFS v3.5",
"version": {
"version_data": [
{
"version_value": "< v7.40 of SCADA Expert Vijeo Citect/CitectSCADA"
},
{
"version_value": "< v7.30 of Vijeo Citect/CitectSCADA"
},
{
"version_value": "< v7.20 of Vijeo Citect/CitectSCADA."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL hijacking CWE-427"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-141-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expert Vijeo Citect/CitectSCADA, OFS v3.5 with version v7.30 of Vijeo Citect/CitectSCADA, and OFS v3.5 with version v7.20 of Vijeo Citect/CitectSCADA.. If the application attempts to open that file, the application could crash or allow the attacker to execute arbitrary code. Schneider Electric recommends vulnerable users upgrade the OFS to V3.5 and install the latest service pack (SP 6 or newer) for their associated version."
}
]
}

48
2018/12xxx/CVE-2018-12652.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12652",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +11,52 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.knowcybersec.com/2019/02/CVE-2018-12652-reflected-XSS.html",
"url": "https://www.knowcybersec.com/2019/02/CVE-2018-12652-reflected-XSS.html"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}
}

48
2018/12xxx/CVE-2018-12653.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12653",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +11,52 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the RPT/SSRSDynamicEditReports.aspx ReportId parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.knowcybersec.com/2019/02/CVE-2018-12653-reflected-XSS.html",
"url": "https://www.knowcybersec.com/2019/02/CVE-2018-12653-reflected-XSS.html"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}
}

12
2018/16xxx/CVE-2018-16597.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel through 4.18.6. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem."
"value": "An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem."
}
]
},
@ -71,6 +71,16 @@
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0ca3d70e8d3cf81e2255a217f7ca402f5ed0862"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K22691834",
"url": "https://support.f5.com/csp/article/K22691834"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2018:3202",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00033.html"
}
]
}

62
2019/10xxx/CVE-2019-10011.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10011",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10011",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02-06 allows remote attackers to create an arbitrary number of accounts with a password of 1234."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://medium.com/@mdavis332/higher-ed-erp-portal-vulnerability-create-your-own-accounts-d865bd22cdd8",
"refsource": "MISC",
"name": "https://medium.com/@mdavis332/higher-ed-erp-portal-vulnerability-create-your-own-accounts-d865bd22cdd8"
}
]
}

67
2019/10xxx/CVE-2019-10012.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10012",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10012",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote attackers to upload and execute arbitrary .aspx code by placing it in a ZIP archive and using the Moxie Manager plugin before 2.1.4 in the ICS\\ICS.NET\\ICSFileServer/moxiemanager directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://medium.com/@mdavis332/critical-vulnerability-in-higher-ed-erp-55580f8880c",
"refsource": "MISC",
"name": "https://medium.com/@mdavis332/critical-vulnerability-in-higher-ed-erp-55580f8880c"
},
{
"url": "https://www.sjoerdlangkemper.nl/2016/09/15/uploading-webshells-with-moxiemanager/",
"refsource": "MISC",
"name": "https://www.sjoerdlangkemper.nl/2016/09/15/uploading-webshells-with-moxiemanager/"
}
]
}

62
2019/10xxx/CVE-2019-10039.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10039",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_web_and_sys_account/README.md",
"refsource": "MISC",
"name": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_web_and_sys_account/README.md"
}
]
}

62
2019/10xxx/CVE-2019-10040.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10040",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use a hidden API URL /goform/SystemCommand to execute a system command without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/remote_cmd_exec_0/README.md",
"refsource": "MISC",
"name": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/remote_cmd_exec_0/README.md"
}
]
}

62
2019/10xxx/CVE-2019-10041.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10041",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10041",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_sys_account/README.md",
"refsource": "MISC",
"name": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/edit_sys_account/README.md"
}
]
}

62
2019/10xxx/CVE-2019-10042.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10042",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-10042",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/reset_router/README.md",
"refsource": "MISC",
"name": "https://github.com/PAGalaxyLab/VulInfo/blob/master/D-Link/DIR-816/reset_router/README.md"
}
]
}

18
2019/10xxx/CVE-2019-10043.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10043",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2019/3xxx/CVE-2019-3395.json
View File

@ -19,8 +19,6 @@
"version_value": "6.6.7",
"version_affected": "<"
},
{
"version_value": "6.7.0",
"version_affected": ">="
@ -29,8 +27,6 @@
"version_value": "6.7.3",
"version_affected": "<="
},
{
"version_value": "6.8.0",
"version_affected": ">="
@ -39,8 +35,6 @@
"version_value": "6.8.5",
"version_affected": "<"
},
{
"version_value": "6.9.0",
"version_affected": ">="
@ -85,7 +79,9 @@
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-57971"
"url": "https://jira.atlassian.com/browse/CONFSERVER-57971",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CONFSERVER-57971"
}
]
}

10
2019/3xxx/CVE-2019-3396.json
View File

@ -19,8 +19,6 @@
"version_value": "6.6.12",
"version_affected": "<"
},
{
"version_value": "6.7.0",
"version_affected": ">="
@ -29,8 +27,6 @@
"version_value": "6.12.3",
"version_affected": "<"
},
{
"version_value": "6.13.0",
"version_affected": ">"
@ -39,8 +35,6 @@
"version_value": "6.13.3",
"version_affected": "<"
},
{
"version_value": "6.14.0",
"version_affected": ">"
@ -85,7 +79,9 @@
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974"
"url": "https://jira.atlassian.com/browse/CONFSERVER-57974",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CONFSERVER-57974"
}
]
}

7
2019/3xxx/CVE-2019-3835.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3835",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -49,7 +50,9 @@
"refsource": "CONFIRM"
},
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=700585"
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=700585",
"refsource": "MISC",
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=700585"
}
]
},

7
2019/3xxx/CVE-2019-3838.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3838",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -49,7 +50,9 @@
"refsource": "CONFIRM"
},
{
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=700576"
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=700576",
"refsource": "MISC",
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=700576"
}
]
},

7
2019/3xxx/CVE-2019-3856.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3856",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -52,7 +53,9 @@
"references": {
"reference_data": [
{
"url": "https://www.libssh2.org/CVE-2019-3856.html"
"url": "https://www.libssh2.org/CVE-2019-3856.html",
"refsource": "MISC",
"name": "https://www.libssh2.org/CVE-2019-3856.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856",

7
2019/3xxx/CVE-2019-3857.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3857",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -57,7 +58,9 @@
"refsource": "CONFIRM"
},
{
"url": "https://www.libssh2.org/CVE-2019-3857.html"
"url": "https://www.libssh2.org/CVE-2019-3857.html",
"refsource": "MISC",
"name": "https://www.libssh2.org/CVE-2019-3857.html"
}
]
},

7
2019/3xxx/CVE-2019-3860.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3860",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -44,7 +45,9 @@
"references": {
"reference_data": [
{
"url": "https://www.libssh2.org/CVE-2019-3860.html"
"url": "https://www.libssh2.org/CVE-2019-3860.html",
"refsource": "MISC",
"name": "https://www.libssh2.org/CVE-2019-3860.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860",

7
2019/3xxx/CVE-2019-3861.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3861",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
@ -44,7 +45,9 @@
"references": {
"reference_data": [
{
"url": "https://www.libssh2.org/CVE-2019-3861.html"
"url": "https://www.libssh2.org/CVE-2019-3861.html",
"refsource": "MISC",
"name": "https://www.libssh2.org/CVE-2019-3861.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861",

3
2019/3xxx/CVE-2019-3874.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3874",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2019/3xxx/CVE-2019-3879.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-3879",
"ASSIGNER": "psampaio@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

10
2019/7xxx/CVE-2019-7608.json
View File

@ -3,7 +3,7 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7608",
"STATE": "PUBLIC"
},
@ -45,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"url": "https://www.elastic.co/community/security"
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
}
]
},

11
2019/7xxx/CVE-2019-7609.json
View File

@ -3,7 +3,7 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7609",
"STATE": "PUBLIC"
},
@ -45,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"url": "https://www.elastic.co/community/security"
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
}
]
},
@ -61,4 +65,3 @@
]
}
}

10
2019/7xxx/CVE-2019-7610.json
View File

@ -3,7 +3,7 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7610",
"STATE": "PUBLIC"
},
@ -45,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"url": "https://www.elastic.co/community/security"
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
}
]
},

10
2019/7xxx/CVE-2019-7611.json
View File

@ -3,7 +3,7 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7611",
"STATE": "PUBLIC"
},
@ -45,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"url": "https://www.elastic.co/community/security"
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
}
]
},

11
2019/7xxx/CVE-2019-7612.json
View File

@ -3,7 +3,7 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7612",
"STATE": "PUBLIC"
},
@ -45,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077"
},
{
"url": "https://www.elastic.co/community/security"
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
}
]
},
@ -61,4 +65,3 @@
]
}
}

10
2019/7xxx/CVE-2019-7613.json
View File

@ -3,7 +3,7 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "bressers@elastic.co",
"ASSIGNER": "security@elastic.co",
"ID": "CVE-2019-7613",
"STATE": "PUBLIC"
},
@ -45,10 +45,14 @@
"references": {
"reference_data": [
{
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180"
"url": "https://www.elastic.co/community/security",
"refsource": "MISC",
"name": "https://www.elastic.co/community/security"
},
{
"url": "https://www.elastic.co/community/security"
"url": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180",
"refsource": "MISC",
"name": "https://discuss.elastic.co/t/elastic-stack-6-6-2-and-5-6-16-security-update/173180"
}
]
},