diff --git a/2019/1010xxx/CVE-2019-1010178.json b/2019/1010xxx/CVE-2019-1010178.json index 55ccf0342fb..acfb77290e7 100644 --- a/2019/1010xxx/CVE-2019-1010178.json +++ b/2019/1010xxx/CVE-2019-1010178.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010178", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MODX Revolution", + "version": { + "version_data": [ + { + "version_value": "< 1.0.0-beta5 [fixed: https://github.com/modxcms/fred/commit/139cefac83b2ead90da23187d92739dec79d3ccd and https://github.com/modxcms/fred/commit/01f0a3d1ae7f3970639c2a0db1887beba0065246]" + } + ] + } + } + ] + }, + "vendor_name": "Fred" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is: https://github.com/modxcms/fred/commit/139cefac83b2ead90da23187d92739dec79d3ccd and https://github.com/modxcms/fred/commit/01f0a3d1ae7f3970639c2a0db1887beba0065246." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect Access Control - CWE-648" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.youtube.com/watch?v=vOlw2DP9WbE", + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=vOlw2DP9WbE" } ] } diff --git a/2019/1010xxx/CVE-2019-1010179.json b/2019/1010xxx/CVE-2019-1010179.json index 8070574d464..10eb281d4ff 100644 --- a/2019/1010xxx/CVE-2019-1010179.json +++ b/2019/1010xxx/CVE-2019-1010179.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010179", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHKP", + "product": { + "product_data": [ + { + "product_name": "PHKP", + "version": { + "version_data": [ + { + "version_value": "including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b (as of 2018-09-15)" + } + ] + } + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The impact is: It is possible to manipulate gpg-keys or execute commands remotely. The component is: function pgp_exec() phkp.php:98. The attack vector is: HKP-Api: /pks/lookup?search." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/remko/phkp/issues/1", + "refsource": "MISC", + "name": "https://github.com/remko/phkp/issues/1" } ] } diff --git a/2019/1010xxx/CVE-2019-1010189.json b/2019/1010xxx/CVE-2019-1010189.json index fb672b6d5ef..1b577f5340c 100644 --- a/2019/1010xxx/CVE-2019-1010189.json +++ b/2019/1010xxx/CVE-2019-1010189.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010189", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "mgetty", + "version": { + "version_data": [ + { + "version_value": "prior to version 1.2.1 [fixed: 1.2.1]" + } + ] + } + } + ] + }, + "vendor_name": "mgetty" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Infinite Loop" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/", + "refsource": "MISC", + "name": "https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/" } ] } diff --git a/2019/1010xxx/CVE-2019-1010191.json b/2019/1010xxx/CVE-2019-1010191.json index ed463be9260..89e48129d36 100644 --- a/2019/1010xxx/CVE-2019-1010191.json +++ b/2019/1010xxx/CVE-2019-1010191.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010191", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "marginalia", + "version": { + "version_data": [ + { + "version_value": "< 1.6 [fixed: 1.6]" + } + ] + } + } + ] + }, + "vendor_name": "marginalia" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "marginalia < 1.6 is affected by: SQL Injection. The impact is: The impact is a injection of any SQL queries when a user controller argument is added as a component. The component is: Affects users that add a component that is user controller, for instance a parameter or a header. The attack vector is: Hacker inputs a SQL to a vulnerable vector(header, http parameter, etc). The fixed version is: 1.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/basecamp/marginalia/pull/73/", + "refsource": "MISC", + "name": "https://github.com/basecamp/marginalia/pull/73/" } ] } diff --git a/2019/13xxx/CVE-2019-13118.json b/2019/13xxx/CVE-2019-13118.json index 91d96180247..4683a5105aa 100644 --- a/2019/13xxx/CVE-2019-13118.json +++ b/2019/13xxx/CVE-2019-13118.json @@ -141,6 +141,21 @@ "refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT210358", "url": "https://support.apple.com/kb/HT210358" + }, + { + "refsource": "BUGTRAQ", + "name": "20190724 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6", + "url": "https://seclists.org/bugtraq/2019/Jul/42" + }, + { + "refsource": "BUGTRAQ", + "name": "20190724 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6", + "url": "https://seclists.org/bugtraq/2019/Jul/40" + }, + { + "refsource": "BUGTRAQ", + "name": "20190724 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13", + "url": "https://seclists.org/bugtraq/2019/Jul/41" } ] } diff --git a/2019/14xxx/CVE-2019-14241.json b/2019/14xxx/CVE-2019-14241.json index 23c8fd403f1..f80b425ccd9 100644 --- a/2019/14xxx/CVE-2019-14241.json +++ b/2019/14xxx/CVE-2019-14241.json @@ -56,6 +56,11 @@ "url": "https://github.com/haproxy/haproxy/issues/181", "refsource": "MISC", "name": "https://github.com/haproxy/haproxy/issues/181" + }, + { + "refsource": "BID", + "name": "109352", + "url": "http://www.securityfocus.com/bid/109352" } ] } diff --git a/2019/2xxx/CVE-2019-2737.json b/2019/2xxx/CVE-2019-2737.json index 747c7adce75..6d1d9aaea8d 100644 --- a/2019/2xxx/CVE-2019-2737.json +++ b/2019/2xxx/CVE-2019-2737.json @@ -65,6 +65,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2738.json b/2019/2xxx/CVE-2019-2738.json index f54e6d62ddc..51d704b3562 100644 --- a/2019/2xxx/CVE-2019-2738.json +++ b/2019/2xxx/CVE-2019-2738.json @@ -65,6 +65,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2739.json b/2019/2xxx/CVE-2019-2739.json index 83853a40924..1ebe8f4d69f 100644 --- a/2019/2xxx/CVE-2019-2739.json +++ b/2019/2xxx/CVE-2019-2739.json @@ -65,6 +65,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2740.json b/2019/2xxx/CVE-2019-2740.json index 3712e48c001..ec4c4689d30 100644 --- a/2019/2xxx/CVE-2019-2740.json +++ b/2019/2xxx/CVE-2019-2740.json @@ -65,6 +65,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2741.json b/2019/2xxx/CVE-2019-2741.json index 8b3387b58bd..c16f2938ec1 100644 --- a/2019/2xxx/CVE-2019-2741.json +++ b/2019/2xxx/CVE-2019-2741.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2757.json b/2019/2xxx/CVE-2019-2757.json index e04f3035475..26afd25e930 100644 --- a/2019/2xxx/CVE-2019-2757.json +++ b/2019/2xxx/CVE-2019-2757.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2758.json b/2019/2xxx/CVE-2019-2758.json index e2f3bee4d2d..d82bbc361c3 100644 --- a/2019/2xxx/CVE-2019-2758.json +++ b/2019/2xxx/CVE-2019-2758.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2774.json b/2019/2xxx/CVE-2019-2774.json index b3a0648b4f5..40020806489 100644 --- a/2019/2xxx/CVE-2019-2774.json +++ b/2019/2xxx/CVE-2019-2774.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2778.json b/2019/2xxx/CVE-2019-2778.json index 99269c625c5..e5ae123eb57 100644 --- a/2019/2xxx/CVE-2019-2778.json +++ b/2019/2xxx/CVE-2019-2778.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2791.json b/2019/2xxx/CVE-2019-2791.json index 38e8fa26db9..d97ce3cce46 100644 --- a/2019/2xxx/CVE-2019-2791.json +++ b/2019/2xxx/CVE-2019-2791.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2797.json b/2019/2xxx/CVE-2019-2797.json index 1501845193a..3fc337fe9da 100644 --- a/2019/2xxx/CVE-2019-2797.json +++ b/2019/2xxx/CVE-2019-2797.json @@ -61,6 +61,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2805.json b/2019/2xxx/CVE-2019-2805.json index c83463b599c..32b57b99991 100644 --- a/2019/2xxx/CVE-2019-2805.json +++ b/2019/2xxx/CVE-2019-2805.json @@ -65,6 +65,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] } diff --git a/2019/2xxx/CVE-2019-2819.json b/2019/2xxx/CVE-2019-2819.json index 1955ff9e203..a72c653d730 100644 --- a/2019/2xxx/CVE-2019-2819.json +++ b/2019/2xxx/CVE-2019-2819.json @@ -65,6 +65,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4070-1", + "url": "https://usn.ubuntu.com/4070-1/" } ] }