From 272c5fc3e50a003b2f91e1c21b40dcdc04084294 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 1 Apr 2019 16:00:46 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/12xxx/CVE-2018-12182.json | 5 +++ 2018/19xxx/CVE-2018-19487.json | 5 +++ 2018/19xxx/CVE-2018-19488.json | 5 +++ 2019/1002xxx/CVE-2019-1002100.json | 5 +++ 2019/10xxx/CVE-2019-10684.json | 62 ++++++++++++++++++++++++++++++ 2019/5xxx/CVE-2019-5888.json | 48 ++++++++++++++++++++++- 2019/5xxx/CVE-2019-5889.json | 48 ++++++++++++++++++++++- 2019/5xxx/CVE-2019-5890.json | 48 ++++++++++++++++++++++- 2019/5xxx/CVE-2019-5891.json | 48 ++++++++++++++++++++++- 2019/6xxx/CVE-2019-6341.json | 5 +++ 10 files changed, 271 insertions(+), 8 deletions(-) create mode 100644 2019/10xxx/CVE-2019-10684.json diff --git a/2018/12xxx/CVE-2018-12182.json b/2018/12xxx/CVE-2018-12182.json index 1b5a946ccdd..0c17bc91e37 100644 --- a/2018/12xxx/CVE-2018-12182.json +++ b/2018/12xxx/CVE-2018-12182.json @@ -48,6 +48,11 @@ "refsource": "CONFIRM", "name": "https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html", "url": "https://edk2-docs.gitbooks.io/security-advisory/content/sw-smi-confused-deputy-smramsavestate_c.html" + }, + { + "refsource": "BID", + "name": "107648", + "url": "http://www.securityfocus.com/bid/107648" } ] }, diff --git a/2018/19xxx/CVE-2018-19487.json b/2018/19xxx/CVE-2018-19487.json index e5fc14d4303..266409769b7 100644 --- a/2018/19xxx/CVE-2018-19487.json +++ b/2018/19xxx/CVE-2018-19487.json @@ -56,6 +56,11 @@ "url": "https://wpvulndb.com/vulnerabilities/9206", "refsource": "MISC", "name": "https://wpvulndb.com/vulnerabilities/9206" + }, + { + "refsource": "MISC", + "name": "https://github.com/Antho59/wp-jobhunt-exploit", + "url": "https://github.com/Antho59/wp-jobhunt-exploit" } ] } diff --git a/2018/19xxx/CVE-2018-19488.json b/2018/19xxx/CVE-2018-19488.json index b12ccc17911..777d73e2566 100644 --- a/2018/19xxx/CVE-2018-19488.json +++ b/2018/19xxx/CVE-2018-19488.json @@ -56,6 +56,11 @@ "url": "https://wpvulndb.com/vulnerabilities/9206", "refsource": "MISC", "name": "https://wpvulndb.com/vulnerabilities/9206" + }, + { + "refsource": "MISC", + "name": "https://github.com/Antho59/wp-jobhunt-exploit", + "url": "https://github.com/Antho59/wp-jobhunt-exploit" } ] } diff --git a/2019/1002xxx/CVE-2019-1002100.json b/2019/1002xxx/CVE-2019-1002100.json index ab8e44d3c96..28030470bfc 100644 --- a/2019/1002xxx/CVE-2019-1002100.json +++ b/2019/1002xxx/CVE-2019-1002100.json @@ -125,6 +125,11 @@ }, "references": { "reference_data": [ + { + "refsource": "BID", + "name": "107290", + "url": "http://www.securityfocus.com/bid/107290" + }, { "name": "https://groups.google.com/forum/#!topic/kubernetes-announce/vmUUNkYfG9g", "refsource": "CONFIRM", diff --git a/2019/10xxx/CVE-2019-10684.json b/2019/10xxx/CVE-2019-10684.json new file mode 100644 index 00000000000..19fd042f271 --- /dev/null +++ b/2019/10xxx/CVE-2019-10684.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10684", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/kyrie403/Vuln/blob/master/74cms/74cms%20v5.0.1%20remote%20code%20execution.md", + "refsource": "MISC", + "name": "https://github.com/kyrie403/Vuln/blob/master/74cms/74cms%20v5.0.1%20remote%20code%20execution.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5888.json b/2019/5xxx/CVE-2019-5888.json index d8a0545e332..774cf1ca260 100644 --- a/2019/5xxx/CVE-2019-5888.json +++ b/2019/5xxx/CVE-2019-5888.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5888", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/", + "refsource": "MISC", + "name": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/" } ] } diff --git a/2019/5xxx/CVE-2019-5889.json b/2019/5xxx/CVE-2019-5889.json index 47b10fad8fb..7a57efd9afd 100644 --- a/2019/5xxx/CVE-2019-5889.json +++ b/2019/5xxx/CVE-2019-5889.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5889", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/", + "refsource": "MISC", + "name": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/" } ] } diff --git a/2019/5xxx/CVE-2019-5890.json b/2019/5xxx/CVE-2019-5890.json index 7b4201f34c9..2994b667b62 100644 --- a/2019/5xxx/CVE-2019-5890.json +++ b/2019/5xxx/CVE-2019-5890.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5890", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/", + "refsource": "MISC", + "name": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/" } ] } diff --git a/2019/5xxx/CVE-2019-5891.json b/2019/5xxx/CVE-2019-5891.json index 966ff35b412..59717ffcb70 100644 --- a/2019/5xxx/CVE-2019-5891.json +++ b/2019/5xxx/CVE-2019-5891.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5891", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/", + "refsource": "MISC", + "name": "https://www.quantumleap.it/geocall-v-6-3-multiple-vulnerabilities/" } ] } diff --git a/2019/6xxx/CVE-2019-6341.json b/2019/6xxx/CVE-2019-6341.json index 98ae4ca773a..2bd1fbeb38d 100644 --- a/2019/6xxx/CVE-2019-6341.json +++ b/2019/6xxx/CVE-2019-6341.json @@ -72,6 +72,11 @@ "name": "https://www.drupal.org/sa-core-2019-004", "refsource": "CONFIRM", "url": "https://www.drupal.org/sa-core-2019-004" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1746-1] drupal7 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00003.html" } ] },