From 432222cddf067c1e892a420ede5e0e6609008808 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Aug 2019 00:00:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/1000xxx/CVE-2018-1000812.json | 2 +- 2019/15xxx/CVE-2019-15084.json | 62 +++++++++++++++++++++++++ 2019/15xxx/CVE-2019-15090.json | 72 ++++++++++++++++++++++++++++++ 2019/1xxx/CVE-2019-1144.json | 5 +++ 2019/1xxx/CVE-2019-1145.json | 5 +++ 2019/1xxx/CVE-2019-1148.json | 5 +++ 2019/1xxx/CVE-2019-1149.json | 5 +++ 2019/1xxx/CVE-2019-1150.json | 10 +++++ 2019/1xxx/CVE-2019-1151.json | 5 +++ 2019/1xxx/CVE-2019-1152.json | 5 +++ 2019/1xxx/CVE-2019-1153.json | 5 +++ 2019/2xxx/CVE-2019-2745.json | 5 +++ 2019/2xxx/CVE-2019-2762.json | 5 +++ 2019/2xxx/CVE-2019-2769.json | 5 +++ 2019/2xxx/CVE-2019-2816.json | 5 +++ 15 files changed, 200 insertions(+), 1 deletion(-) create mode 100644 2019/15xxx/CVE-2019-15084.json create mode 100644 2019/15xxx/CVE-2019-15090.json diff --git a/2018/1000xxx/CVE-2018-1000812.json b/2018/1000xxx/CVE-2018-1000812.json index 5a9a132d00b..56cefe97bb6 100644 --- a/2018/1000xxx/CVE-2018-1000812.json +++ b/2018/1000xxx/CVE-2018-1000812.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "Ártica Soluciones Tecnológicas Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047." + "value": "Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047." } ] }, diff --git a/2019/15xxx/CVE-2019-15084.json b/2019/15xxx/CVE-2019-15084.json new file mode 100644 index 00000000000..4d97707adee --- /dev/null +++ b/2019/15xxx/CVE-2019-15084.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file permissions. As a result, a local attacker can escalate to SYSTEM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/46416", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/46416" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15090.json b/2019/15xxx/CVE-2019-15090.json new file mode 100644 index 00000000000..90026fd4b23 --- /dev/null +++ b/2019/15xxx/CVE-2019-15090.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15090", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/c09581a52765a85f19fc35340127396d5e3379cc", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/c09581a52765a85f19fc35340127396d5e3379cc" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c09581a52765a85f19fc35340127396d5e3379cc", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c09581a52765a85f19fc35340127396d5e3379cc" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.12", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.12" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1144.json b/2019/1xxx/CVE-2019-1144.json index bd00b78eec3..da37aa8a080 100644 --- a/2019/1xxx/CVE-2019-1144.json +++ b/2019/1xxx/CVE-2019-1144.json @@ -211,6 +211,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1144", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1144" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154085/Microsoft-Font-Subsetting-DLL-MergeFormat12Cmap-MakeFormat12MergedGlyphList-Double-Free.html", + "url": "http://packetstormsecurity.com/files/154085/Microsoft-Font-Subsetting-DLL-MergeFormat12Cmap-MakeFormat12MergedGlyphList-Double-Free.html" } ] } diff --git a/2019/1xxx/CVE-2019-1145.json b/2019/1xxx/CVE-2019-1145.json index af50c8fd3f5..accaf06ff66 100644 --- a/2019/1xxx/CVE-2019-1145.json +++ b/2019/1xxx/CVE-2019-1145.json @@ -211,6 +211,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1145", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1145" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154081/Microsoft-Font-Subsetting-DLL-MergeFontPackage-Dangling-Pointer.html", + "url": "http://packetstormsecurity.com/files/154081/Microsoft-Font-Subsetting-DLL-MergeFontPackage-Dangling-Pointer.html" } ] } diff --git a/2019/1xxx/CVE-2019-1148.json b/2019/1xxx/CVE-2019-1148.json index 04496189922..eb93aea81bb 100644 --- a/2019/1xxx/CVE-2019-1148.json +++ b/2019/1xxx/CVE-2019-1148.json @@ -221,6 +221,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/1xxx/CVE-2019-1149.json b/2019/1xxx/CVE-2019-1149.json index 043beb35856..2fa41a3d862 100644 --- a/2019/1xxx/CVE-2019-1149.json +++ b/2019/1xxx/CVE-2019-1149.json @@ -221,6 +221,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1149", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1149" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154086/Microsoft-Font-Subsetting-DLL-FixSbitSubTables-Heap-Corruption.html", + "url": "http://packetstormsecurity.com/files/154086/Microsoft-Font-Subsetting-DLL-FixSbitSubTables-Heap-Corruption.html" } ] } diff --git a/2019/1xxx/CVE-2019-1150.json b/2019/1xxx/CVE-2019-1150.json index 451c4dadd69..cd4c5cdd91b 100644 --- a/2019/1xxx/CVE-2019-1150.json +++ b/2019/1xxx/CVE-2019-1150.json @@ -211,6 +211,16 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1150", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1150" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154087/Microsoft-Font-Subsetting-DLL-ReadTableIntoStructure-Heap-Corruption.html", + "url": "http://packetstormsecurity.com/files/154087/Microsoft-Font-Subsetting-DLL-ReadTableIntoStructure-Heap-Corruption.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154093/Microsoft-Font-Subsetting-DLL-WriteTableFromStructure-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154093/Microsoft-Font-Subsetting-DLL-WriteTableFromStructure-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/1xxx/CVE-2019-1151.json b/2019/1xxx/CVE-2019-1151.json index 057a3da29b5..2a2abd4e14c 100644 --- a/2019/1xxx/CVE-2019-1151.json +++ b/2019/1xxx/CVE-2019-1151.json @@ -221,6 +221,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1151", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1151" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154092/Microsoft-Font-Subsetting-DLL-ReadAllocFormat12CharGlyphMapList-Heap-Corruption.html", + "url": "http://packetstormsecurity.com/files/154092/Microsoft-Font-Subsetting-DLL-ReadAllocFormat12CharGlyphMapList-Heap-Corruption.html" } ] } diff --git a/2019/1xxx/CVE-2019-1152.json b/2019/1xxx/CVE-2019-1152.json index 932c721b83c..734aba88bbe 100644 --- a/2019/1xxx/CVE-2019-1152.json +++ b/2019/1xxx/CVE-2019-1152.json @@ -211,6 +211,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1152", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1152" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154096/Microsoft-Font-Subsetting-DLL-MakeFormat12MergedGlyphList-Heap-Corruption.html", + "url": "http://packetstormsecurity.com/files/154096/Microsoft-Font-Subsetting-DLL-MakeFormat12MergedGlyphList-Heap-Corruption.html" } ] } diff --git a/2019/1xxx/CVE-2019-1153.json b/2019/1xxx/CVE-2019-1153.json index c1b99817d3c..379bf824e79 100644 --- a/2019/1xxx/CVE-2019-1153.json +++ b/2019/1xxx/CVE-2019-1153.json @@ -221,6 +221,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbitSubTableFormat1-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbitSubTableFormat1-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/2xxx/CVE-2019-2745.json b/2019/2xxx/CVE-2019-2745.json index d5485810f77..d6fc14ea678 100644 --- a/2019/2xxx/CVE-2019-2745.json +++ b/2019/2xxx/CVE-2019-2745.json @@ -72,6 +72,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1912", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1886-1] openjdk-7 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00020.html" } ] } diff --git a/2019/2xxx/CVE-2019-2762.json b/2019/2xxx/CVE-2019-2762.json index 312d7d050ef..b18d2239976 100644 --- a/2019/2xxx/CVE-2019-2762.json +++ b/2019/2xxx/CVE-2019-2762.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1912", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1886-1] openjdk-7 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00020.html" } ] } diff --git a/2019/2xxx/CVE-2019-2769.json b/2019/2xxx/CVE-2019-2769.json index 7c5e47bf922..ad37830ad69 100644 --- a/2019/2xxx/CVE-2019-2769.json +++ b/2019/2xxx/CVE-2019-2769.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1912", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1886-1] openjdk-7 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00020.html" } ] } diff --git a/2019/2xxx/CVE-2019-2816.json b/2019/2xxx/CVE-2019-2816.json index da443c5f707..cdeaec5f47e 100644 --- a/2019/2xxx/CVE-2019-2816.json +++ b/2019/2xxx/CVE-2019-2816.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1912", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1886-1] openjdk-7 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00020.html" } ] }