From 42e18bcbcf5ba60a31bcb42c678f3cc6b745a7e2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 27 Nov 2019 19:01:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2011/2xxx/CVE-2011-2207.json | 73 +++++++++++++++++++++++++++++-- 2011/2xxx/CVE-2011-2480.json | 80 ++++++++++++++++++++++++++++++++-- 2013/2xxx/CVE-2013-2625.json | 68 ++++++++++++++++++++++++++++- 2014/3xxx/CVE-2014-3875.json | 68 ++++++++++++++++++++++++++++- 2019/14xxx/CVE-2019-14812.json | 12 ++--- 2019/19xxx/CVE-2019-19356.json | 18 ++++++++ 2019/19xxx/CVE-2019-19357.json | 18 ++++++++ 2019/19xxx/CVE-2019-19358.json | 18 ++++++++ 2019/19xxx/CVE-2019-19359.json | 18 ++++++++ 2019/19xxx/CVE-2019-19360.json | 18 ++++++++ 2019/19xxx/CVE-2019-19361.json | 18 ++++++++ 2019/19xxx/CVE-2019-19362.json | 18 ++++++++ 2019/19xxx/CVE-2019-19363.json | 18 ++++++++ 2019/19xxx/CVE-2019-19364.json | 18 ++++++++ 14 files changed, 447 insertions(+), 16 deletions(-) create mode 100644 2019/19xxx/CVE-2019-19356.json create mode 100644 2019/19xxx/CVE-2019-19357.json create mode 100644 2019/19xxx/CVE-2019-19358.json create mode 100644 2019/19xxx/CVE-2019-19359.json create mode 100644 2019/19xxx/CVE-2019-19360.json create mode 100644 2019/19xxx/CVE-2019-19361.json create mode 100644 2019/19xxx/CVE-2019-19362.json create mode 100644 2019/19xxx/CVE-2019-19363.json create mode 100644 2019/19xxx/CVE-2019-19364.json diff --git a/2011/2xxx/CVE-2011-2207.json b/2011/2xxx/CVE-2011-2207.json index 308290975bd..24deb80a126 100644 --- a/2011/2xxx/CVE-2011-2207.json +++ b/2011/2xxx/CVE-2011-2207.json @@ -1,8 +1,34 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2207", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "dirmngr", + "product": { + "product_data": [ + { + "product_name": "dirmngr", + "version": { + "version_data": [ + { + "version_value": "1.1.0" + }, + { + "version_value": "fixed in 2.1.0" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +37,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper dealing with blocking system calls, when verifying a certificate" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2011-2207", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2011-2207" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2207", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2207" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2011-2207", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2011-2207" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627377", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627377" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20110615 Re: CVE Request / Discussion -- dirmngr -- Improper dealing with blocking system calls, when verifying a certificate", + "url": "https://www.openwall.com/lists/oss-security/2011/06/15/6" } ] } diff --git a/2011/2xxx/CVE-2011-2480.json b/2011/2xxx/CVE-2011-2480.json index f936c90faee..8706a6a8e8a 100644 --- a/2011/2xxx/CVE-2011-2480.json +++ b/2011/2xxx/CVE-2011-2480.json @@ -1,8 +1,41 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2480", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "FreeBSD, NetBSD", + "product": { + "product_data": [ + { + "product_name": "FreeBSD", + "version": { + "version_data": [ + { + "version_value": "before 8.2" + } + ] + } + }, + { + "product_name": "NetBSD", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +44,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "info disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2011-2480", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2011-2480" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2011-2480", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2011-2480" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631161" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631160" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20110620 Re: CVE request: FreeBSD/NetBSD 802.11 kernel memory disclosure", + "url": "https://www.openwall.com/lists/oss-security/2011/06/20/15" } ] } diff --git a/2013/2xxx/CVE-2013-2625.json b/2013/2xxx/CVE-2013-2625.json index 97c8839ae3c..a01acad8b64 100644 --- a/2013/2xxx/CVE-2013-2625.json +++ b/2013/2xxx/CVE-2013-2625.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2625", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-2625", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-2625" + }, + { + "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00027.html" + }, + { + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0009.html" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/58936", + "url": "http://www.securityfocus.com/bid/58936" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83287" } ] } diff --git a/2014/3xxx/CVE-2014-3875.json b/2014/3xxx/CVE-2014-3875.json index 6bb0e56172e..53ed18f5d59 100644 --- a/2014/3xxx/CVE-2014-3875.json +++ b/2014/3xxx/CVE-2014-3875.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-3875", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The addto parameter to fup in Frams' Fast File EXchange (F*EX, aka fex) before fex-2014053 allows remote attackers to conduct cross-site scripting (XSS) attacks" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/126906/F-EX-20140313-1-HTTP-Response-Splitting-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/126906/F-EX-20140313-1-HTTP-Response-Splitting-Cross-Site-Scripting.html" + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2014-3875", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2014-3875" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2014/06/03/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2014/06/03/6" + }, + { + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2014/Jun/1", + "url": "http://seclists.org/fulldisclosure/2014/Jun/1" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/67783", + "url": "http://www.securityfocus.com/bid/67783" } ] } diff --git a/2019/14xxx/CVE-2019-14812.json b/2019/14xxx/CVE-2019-14812.json index c0b5b94ff7c..ecee1f1b80d 100644 --- a/2019/14xxx/CVE-2019-14812.json +++ b/2019/14xxx/CVE-2019-14812.json @@ -44,6 +44,11 @@ }, "references": { "reference_data": [ + { + "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33", + "name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33", + "refsource": "CONFIRM" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14812", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14812", @@ -59,12 +64,7 @@ "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBUC4DBBJTRFNCR3IODBV4IXB2C2HI3V/", "refsource": "CONFIRM" }, - { - "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33", - "name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33", - "refsource": "CONFIRM" - }, - { + { "url": "https://bugs.ghostscript.com/show_bug.cgi?id=701444", "name": "https://bugs.ghostscript.com/show_bug.cgi?id=701444", "refsource": "CONFIRM" diff --git a/2019/19xxx/CVE-2019-19356.json b/2019/19xxx/CVE-2019-19356.json new file mode 100644 index 00000000000..5182bcf25f8 --- /dev/null +++ b/2019/19xxx/CVE-2019-19356.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19356", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19357.json b/2019/19xxx/CVE-2019-19357.json new file mode 100644 index 00000000000..11e778c01d4 --- /dev/null +++ b/2019/19xxx/CVE-2019-19357.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19357", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19358.json b/2019/19xxx/CVE-2019-19358.json new file mode 100644 index 00000000000..19931d59004 --- /dev/null +++ b/2019/19xxx/CVE-2019-19358.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19358", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19359.json b/2019/19xxx/CVE-2019-19359.json new file mode 100644 index 00000000000..30edc745bb0 --- /dev/null +++ b/2019/19xxx/CVE-2019-19359.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19359", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19360.json b/2019/19xxx/CVE-2019-19360.json new file mode 100644 index 00000000000..dee0ab078a6 --- /dev/null +++ b/2019/19xxx/CVE-2019-19360.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19360", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19361.json b/2019/19xxx/CVE-2019-19361.json new file mode 100644 index 00000000000..c2a02e0e5e0 --- /dev/null +++ b/2019/19xxx/CVE-2019-19361.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19361", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19362.json b/2019/19xxx/CVE-2019-19362.json new file mode 100644 index 00000000000..be12876ab2c --- /dev/null +++ b/2019/19xxx/CVE-2019-19362.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19362", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19363.json b/2019/19xxx/CVE-2019-19363.json new file mode 100644 index 00000000000..baca5a23acf --- /dev/null +++ b/2019/19xxx/CVE-2019-19363.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19363", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19364.json b/2019/19xxx/CVE-2019-19364.json new file mode 100644 index 00000000000..2650187365d --- /dev/null +++ b/2019/19xxx/CVE-2019-19364.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19364", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file