From 517b01210ec6f2faac9e9ee024d489ccee748f24 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 18 Apr 2019 22:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/11xxx/CVE-2019-11015.json | 56 ++++++++++++++++++++++++++---- 2019/11xxx/CVE-2019-11069.json | 7 +++- 2019/11xxx/CVE-2019-11328.json | 18 ++++++++++ 2019/11xxx/CVE-2019-11329.json | 18 ++++++++++ 2019/11xxx/CVE-2019-11330.json | 18 ++++++++++ 2019/11xxx/CVE-2019-11331.json | 62 ++++++++++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9160.json | 48 ++++++++++++++++++++++++-- 7 files changed, 218 insertions(+), 9 deletions(-) create mode 100644 2019/11xxx/CVE-2019-11328.json create mode 100644 2019/11xxx/CVE-2019-11329.json create mode 100644 2019/11xxx/CVE-2019-11330.json create mode 100644 2019/11xxx/CVE-2019-11331.json diff --git a/2019/11xxx/CVE-2019-11015.json b/2019/11xxx/CVE-2019-11015.json index eefe67177be..e8ab338fa1a 100644 --- a/2019/11xxx/CVE-2019-11015.json +++ b/2019/11xxx/CVE-2019-11015.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11015", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11015", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in the MIUI OS version 10.1.3.0 that allows a physically proximate attacker to bypass Lockscreen based authentication via the Wallpaper Carousel application to obtain sensitive Clipboard data and the user's stored credentials (partially). This occurs because of paste access to a social media login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.andmp.com/2019/04/unpatched-vulnerability-in-xiaomi-miui-os-lock-screen.html", + "url": "https://www.andmp.com/2019/04/unpatched-vulnerability-in-xiaomi-miui-os-lock-screen.html" } ] } diff --git a/2019/11xxx/CVE-2019-11069.json b/2019/11xxx/CVE-2019-11069.json index 9ee2e1ab73b..d55287a22d9 100644 --- a/2019/11xxx/CVE-2019-11069.json +++ b/2019/11xxx/CVE-2019-11069.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Sequelize before 5.3.0 does not properly ensure that standard conforming strings are used." + "value": "Sequelize version 5 before 5.3.0 does not properly ensure that standard conforming strings are used." } ] }, @@ -61,6 +61,11 @@ "url": "https://github.com/sequelize/sequelize/releases/tag/v5.3.0", "refsource": "MISC", "name": "https://github.com/sequelize/sequelize/releases/tag/v5.3.0" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/sequelize/sequelize/blob/98cb17c17f73e2aa1792aa5a1d31216ba984b456/lib/dialects/postgres/connection-manager.js#L158-L160", + "url": "https://github.com/sequelize/sequelize/blob/98cb17c17f73e2aa1792aa5a1d31216ba984b456/lib/dialects/postgres/connection-manager.js#L158-L160" } ] } diff --git a/2019/11xxx/CVE-2019-11328.json b/2019/11xxx/CVE-2019-11328.json new file mode 100644 index 00000000000..0ff0855dfce --- /dev/null +++ b/2019/11xxx/CVE-2019-11328.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-11328", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/11xxx/CVE-2019-11329.json b/2019/11xxx/CVE-2019-11329.json new file mode 100644 index 00000000000..7ba440b2f1b --- /dev/null +++ b/2019/11xxx/CVE-2019-11329.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-11329", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/11xxx/CVE-2019-11330.json b/2019/11xxx/CVE-2019-11330.json new file mode 100644 index 00000000000..5f6b88e7c21 --- /dev/null +++ b/2019/11xxx/CVE-2019-11330.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-11330", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/11xxx/CVE-2019-11331.json b/2019/11xxx/CVE-2019-11331.json new file mode 100644 index 00000000000..f682f1f7383 --- /dev/null +++ b/2019/11xxx/CVE-2019-11331.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-11331", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://tools.ietf.org/html/draft-gont-ntp-port-randomization-00", + "refsource": "MISC", + "name": "https://tools.ietf.org/html/draft-gont-ntp-port-randomization-00" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9160.json b/2019/9xxx/CVE-2019-9160.json index affca6f12f9..9cc5fb3ad65 100644 --- a/2019/9xxx/CVE-2019-9160.json +++ b/2019/9xxx/CVE-2019-9160.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9160", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.cnvd.org.cn/flaw/show/CNVD-2019-07680", + "url": "http://www.cnvd.org.cn/flaw/show/CNVD-2019-07680" } ] }