"-Synchronized-Data."

2025-05-06 10:41:46 +00:00 · 2019-08-18 16:00:46 +00:00 · 2019-08-18 16:00:46 +00:00 · 38b497a43c
commit 38b497a43c
parent 2ac3510e9f
4 changed files with 206 additions and 0 deletions
--- a/2018/16xxx/CVE-2018-16858.json
+++ b/2018/16xxx/CVE-2018-16858.json
@ -81,6 +81,11 @@
                "refsource": "BUGTRAQ",
                "name": "20190815 [SECURITY] [DSA 4501-1] libreoffice security update",
                "url": "https://seclists.org/bugtraq/2019/Aug/28"
+            },
+            {
+                "refsource": "SUSE",
+                "name": "openSUSE-SU-2019:1929",
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html"
            }
        ]
    },
--- a/2019/15xxx/CVE-2019-15135.json
+++ b/2019/15xxx/CVE-2019-15135.json
@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-15135",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://arxiv.org/abs/1908.05310",
+                "refsource": "MISC",
+                "name": "https://arxiv.org/abs/1908.05310"
+            },
+            {
+                "url": "https://www.omg.org/spec/DDS-SECURITY/1.1/PDF",
+                "refsource": "MISC",
+                "name": "https://www.omg.org/spec/DDS-SECURITY/1.1/PDF"
+            }
+        ]
+    }
+}
--- a/2019/15xxx/CVE-2019-15136.json
+++ b/2019/15xxx/CVE-2019-15136.json
@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-15136",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://arxiv.org/abs/1908.05310",
+                "refsource": "MISC",
+                "name": "https://arxiv.org/abs/1908.05310"
+            },
+            {
+                "url": "https://github.com/eProsima/Fast-RTPS/issues/443",
+                "refsource": "MISC",
+                "name": "https://github.com/eProsima/Fast-RTPS/issues/443"
+            }
+        ]
+    }
+}
--- a/2019/15xxx/CVE-2019-15137.json
+++ b/2019/15xxx/CVE-2019-15137.json
@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-15137",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows fnmatch pattern matches with topic name strings (instead of the permission expressions themselves), which can lead to unintended connections between participants in a Data Distribution Service (DDS) network."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://arxiv.org/abs/1908.05310",
+                "refsource": "MISC",
+                "name": "https://arxiv.org/abs/1908.05310"
+            },
+            {
+                "url": "https://github.com/eProsima/Fast-RTPS/issues/441",
+                "refsource": "MISC",
+                "name": "https://github.com/eProsima/Fast-RTPS/issues/441"
+            }
+        ]
+    }
+}