admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-02 15:00:47 +00:00
parent d487fd58e3
commit 5755146b00
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 214 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/18xxx/CVE-2018-18815.json
View File

@ -156,6 +156,11 @@
"name": "107346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107346"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-305/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-305/"
}
]
},

5
2018/20xxx/CVE-2018-20025.json
View File

@ -62,6 +62,11 @@
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/"
},
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04"
}
]
}

5
2018/20xxx/CVE-2018-20026.json
View File

@ -62,6 +62,11 @@
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/"
},
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04"
}
]
}

56
2019/1010xxx/CVE-2019-1010260.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010260",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ktlint",
"version": {
"version_data": [
{
"version_value": "0.29.0 and earlier [fixed: 0.30.0 and later - after commit 5e547b287d6c260d328a2cb658dbe6b7a7ff2261]"
}
]
}
}
]
},
"vendor_name": "ktlint"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Using ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. This attack is exploitable via Man in the Middle of the HTTP connection to the artifact servers. This vulnerability appears to have been fixed in 0.30.0 and later; after commit 5e547b287d6c260d328a2cb658dbe6b7a7ff2261."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/shyiko/ktlint/pull/332",
"refsource": "MISC",
"name": "https://github.com/shyiko/ktlint/pull/332"
}
]
}

82
2019/5xxx/CVE-2019-5515.json
View File

@ -1,17 +1,85 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5515",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5515",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware Workstation and Fusion",
"version": {
"version_data": [
{
"version_value": "Workstation 15.x before 15.0.3"
},
{
"version_value": "Workstation 14.x before 14.1.6"
},
{
"version_value": "Fusion 11.x before 11.0.3"
},
{
"version_value": "Fusion 10.x before 10.1.6"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-306/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-306/"
},
{
"refsource": "BID",
"name": "107634",
"url": "https://www.securityfocus.com/bid/107634"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html",
"url": "https://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion (11.x before 11.0.3, 10.x before 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on the host from the guest but it is more likely to result in a denial of service of the guest."
}
]
}

71
2019/5xxx/CVE-2019-5524.json
View File

@ -1,17 +1,74 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5524",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5524",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "VMware",
"product": {
"product_data": [
{
"product_name": "VMware Workstation, VMware Fusion",
"version": {
"version_data": [
{
"version_value": "Workstation (14.x before 14.1.6)"
},
{
"version_value": "Fusion (10.x before 10.1.6)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html",
"url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
},
{
"refsource": "BID",
"name": "107635",
"url": "http://www.securityfocus.com/bid/107635"
},
{
"refsource": "CONFIRM",
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Workstation (14.x before 14.1.6) and Fusion (10.x before 10.1.6) contain an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the host."
}
]
}

5
2019/7xxx/CVE-2019-7524.json
View File

@ -86,6 +86,11 @@
"refsource": "UBUNTU",
"name": "USN-3928-1",
"url": "https://usn.ubuntu.com/3928-1/"
},
{
"refsource": "BID",
"name": "107672",
"url": "http://www.securityfocus.com/bid/107672"
}
]
},

5
2019/9xxx/CVE-2019-9956.json
View File

@ -61,6 +61,11 @@
"refsource": "BID",
"name": "107546",
"url": "http://www.securityfocus.com/bid/107546"
},
{
"refsource": "BID",
"name": "107672",
"url": "http://www.securityfocus.com/bid/107672"
}
]
}