admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-29 15:00:55 +00:00
parent 87f2286f71
commit 57abe4faac
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
41 changed files with 4519 additions and 4071 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
2012/5xxx/CVE-2012-5967.json
View File

@ -8,21 +8,31 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Centreon",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Centreon",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "2.3.3 through 2.3.9-4"
}
]
}
}
]
},
"vendor_name": "n/a"
{
"product_name": "Centreon web",
"version": {
"version_data": [
{
"version_value": "fixed in 2.6.0"
}
]
}
}
]
}
}
]
}
@ -34,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2.3.9-4 allows remote authenticated users to execute arbitrary SQL commands via the menu parameter."
"value": "SQL injection vulnerability in menuXML.php in Centreon 2.3.3 through 2.3.9-4 (fixed in Centreon web 2.6.0) allows remote authenticated users to execute arbitrary SQL commands via the menu parameter."
}
]
},
@ -61,6 +71,11 @@
"name": "http://forge.centreon.com/projects/centreon/repository/revisions/13749",
"refsource": "MISC",
"url": "http://forge.centreon.com/projects/centreon/repository/revisions/13749"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/centreon/centreon/commit/434e291eebcd8f56771ac96b37831634fa52b6a8#diff-606758231371c4a66ae2668f7ad2b617",
"url": "https://github.com/centreon/centreon/commit/434e291eebcd8f56771ac96b37831634fa52b6a8#diff-606758231371c4a66ae2668f7ad2b617"
}
]
}

63
2019/1010xxx/CVE-2019-1010156.json
View File

@ -1,66 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSL-2750U",
"version": {
"version_data": [
{
"version_value": "Firmware 1.11"
}
]
}
}
]
},
"vendor_name": "D-Link"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-1010156",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DSL-2750U Firmware 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://youtu.be/BQQbp2vn_wY",
"refsource": "MISC",
"name": "https://youtu.be/BQQbp2vn_wY"
},
{
"refsource": "BID",
"name": "109351",
"url": "http://www.securityfocus.com/bid/109351"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-1010155. Reason: This candidate is a duplicate of CVE-2019-1010155. Notes: All CVE users should reference CVE-2019-1010155 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

62
2019/1020xxx/CVE-2019-1020002.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020002",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Pterodactyl",
"product": {
"product_data": [
{
"product_name": "Pterodactyl Panel",
"version": {
"version_data": [
{
"version_value": "< 0.7.14"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pterodactyl before 0.7.14 with 2FA allows credential sniffing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "credential sniffing"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/pterodactyl/panel/security/advisories/GHSA-vcm9-hx3q-qwj8",
"url": "https://github.com/pterodactyl/panel/security/advisories/GHSA-vcm9-hx3q-qwj8"
}
]
}

62
2019/1020xxx/CVE-2019-1020003.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020003",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Invenio",
"product": {
"product_data": [
{
"product_name": "invenio-records",
"version": {
"version_data": [
{
"version_value": "< 1.2.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "invenio-records before 1.2.2 allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/inveniosoftware/invenio-records/security/advisories/GHSA-vxh3-mvv7-265j",
"refsource": "MISC",
"name": "https://github.com/inveniosoftware/invenio-records/security/advisories/GHSA-vxh3-mvv7-265j"
}
]
}

62
2019/1020xxx/CVE-2019-1020004.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020004",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Tridactyl",
"product": {
"product_data": [
{
"product_name": "Tridactyl",
"version": {
"version_data": [
{
"version_value": "< 1.16.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Tridactyl before 1.16.0 allows fake key events."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "fake key events"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/tridactyl/tridactyl/security/advisories/GHSA-7qr7-93pf-hr8f",
"refsource": "MISC",
"name": "https://github.com/tridactyl/tridactyl/security/advisories/GHSA-7qr7-93pf-hr8f"
}
]
}

62
2019/1020xxx/CVE-2019-1020005.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020005",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Invenio",
"product": {
"product_data": [
{
"product_name": "invenio-communities",
"version": {
"version_data": [
{
"version_value": "< 1.0.0a20"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "invenio-communities before 1.0.0a20 allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/inveniosoftware/invenio-communities/security/advisories/GHSA-mfv8-q39f-mgfg",
"refsource": "MISC",
"name": "https://github.com/inveniosoftware/invenio-communities/security/advisories/GHSA-mfv8-q39f-mgfg"
}
]
}

62
2019/1020xxx/CVE-2019-1020006.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020006",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Invenio",
"product": {
"product_data": [
{
"product_name": "invenio-app",
"version": {
"version_data": [
{
"version_value": "< 1.1.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "invenio-app before 1.1.1 allows host header injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "host header injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/inveniosoftware/invenio-app/security/advisories/GHSA-94mf-xfg5-r247",
"url": "https://github.com/inveniosoftware/invenio-app/security/advisories/GHSA-94mf-xfg5-r247"
}
]
}

62
2019/1020xxx/CVE-2019-1020007.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020007",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Dependency-Track",
"product": {
"product_data": [
{
"product_name": "Dependency-Track",
"version": {
"version_data": [
{
"version_value": ">=3.0.0 <= 3.5.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dependency-Track before 3.5.1 allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/DependencyTrack/dependency-track/security/advisories/GHSA-jp9v-w6vw-9m5v",
"url": "https://github.com/DependencyTrack/dependency-track/security/advisories/GHSA-jp9v-w6vw-9m5v"
}
]
}

62
2019/1020xxx/CVE-2019-1020008.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020008",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "stacktable.js",
"product": {
"product_data": [
{
"product_name": "stacktable.js",
"version": {
"version_data": [
{
"version_value": "< 1.0.4"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "stacktable.js before 1.0.4 allows XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/WebFirst/stacktable.js/security/advisories/GHSA-r9j3-hgxr-75xg",
"refsource": "MISC",
"name": "https://github.com/WebFirst/stacktable.js/security/advisories/GHSA-r9j3-hgxr-75xg"
}
]
}

62
2019/1020xxx/CVE-2019-1020009.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1020009",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "Fleet",
"product": {
"product_data": [
{
"product_name": "Fleet",
"version": {
"version_data": [
{
"version_value": ">2.0.2 < 2.1.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fleet before 2.1.2 allows exposure of SMTP credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "exposure of SMTP credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/kolide/fleet/security/advisories/GHSA-6g7f-8qm4-f7h8",
"refsource": "MISC",
"name": "https://github.com/kolide/fleet/security/advisories/GHSA-6g7f-8qm4-f7h8"
}
]
}

4
2019/12xxx/CVE-2019-12613.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2019-12613",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue in customer-controlled software. Notes: recovery of a public key is not a security concern as per its public nature."
}
]
}

67
2019/13xxx/CVE-2019-13103.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/u-boot/u-boot/commits/master",
"refsource": "MISC",
"name": "https://github.com/u-boot/u-boot/commits/master"
},
{
"refsource": "MISC",
"name": "https://lists.denx.de/pipermail/u-boot/2019-July/375512.html",
"url": "https://lists.denx.de/pipermail/u-boot/2019-July/375512.html"
}
]
}
}

6
2019/1xxx/CVE-2019-1104.json
View File

@ -254,7 +254,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka \u0027Microsoft Browser Memory Corruption Vulnerability\u0027."
"value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'."
}
]
},
@ -273,7 +273,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104"
}
]
}

8
2019/1xxx/CVE-2019-1105.json
View File

@ -17,7 +17,9 @@
"product_name": "Microsoft Outlook for Android",
"version": {
"version_data": [
{"version_value" : ""}
{
"version_value": ""
}
]
}
}
@ -51,7 +53,9 @@
"references": {
"reference_data": [
{
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1105"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1105",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1105"
}
]
}

6
2019/1xxx/CVE-2019-1106.json
View File

@ -116,7 +116,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107."
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1107."
}
]
},
@ -135,7 +135,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1106"
}
]
}

6
2019/1xxx/CVE-2019-1107.json
View File

@ -122,7 +122,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka \u0027Chakra Scripting Engine Memory Corruption Vulnerability\u0027. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106."
"value": "A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103, CVE-2019-1106."
}
]
},
@ -141,7 +141,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1107"
}
]
}

6
2019/1xxx/CVE-2019-1108.json
View File

@ -189,7 +189,7 @@
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka \u0027Remote Desktop Protocol Client Information Disclosure Vulnerability\u0027."
"value": "An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'."
}
]
},
@ -208,7 +208,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1108"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1108",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1108"
}
]
}

6
2019/1xxx/CVE-2019-1109.json
View File

@ -65,7 +65,7 @@
"description_data": [
{
"lang": "eng",
"value": "A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages., aka \u0027Microsoft Office Spoofing Vulnerability\u0027."
"value": "A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages., aka 'Microsoft Office Spoofing Vulnerability'."
}
]
},
@ -84,7 +84,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1109"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1109",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1109"
}
]
}

6
2019/1xxx/CVE-2019-1110.json
View File

@ -84,7 +84,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \u0027Microsoft Excel Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1111."
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1111."
}
]
},
@ -103,7 +103,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1110"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1110",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1110"
}
]
}

6
2019/1xxx/CVE-2019-1111.json
View File

@ -105,7 +105,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \u0027Microsoft Excel Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1110."
"value": "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110."
}
]
},
@ -124,7 +124,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1111"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1111",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1111"
}
]
}

6
2019/1xxx/CVE-2019-1112.json
View File

@ -50,7 +50,7 @@
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \u0027Microsoft Excel Information Disclosure Vulnerability\u0027."
"value": "An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'."
}
]
},
@ -69,7 +69,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112"
}
]
}

6
2019/1xxx/CVE-2019-1113.json
View File

@ -617,7 +617,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka \u0027.NET Framework Remote Code Execution Vulnerability\u0027."
"value": "A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'."
}
]
},
@ -636,7 +636,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1113"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1113",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1113"
}
]
}

6
2019/1xxx/CVE-2019-1116.json
View File

@ -68,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \u0027Windows GDI Information Disclosure Vulnerability\u0027. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101."
"value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101."
}
]
},
@ -87,7 +87,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1116"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1116",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1116"
}
]
}

6
2019/1xxx/CVE-2019-1117.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1117"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1117",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1117"
}
]
}

6
2019/1xxx/CVE-2019-1118.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1118"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1118",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1118"
}
]
}

6
2019/1xxx/CVE-2019-1119.json
View File

@ -101,7 +101,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -120,7 +120,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1119"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1119",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1119"
}
]
}

6
2019/1xxx/CVE-2019-1120.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1120"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1120",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1120"
}
]
}

6
2019/1xxx/CVE-2019-1121.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1121"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1121",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1121"
}
]
}

6
2019/1xxx/CVE-2019-1122.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1122"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1122",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1122"
}
]
}

6
2019/1xxx/CVE-2019-1123.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1124, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1123"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1123",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1123"
}
]
}

6
2019/1xxx/CVE-2019-1124.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1127, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1127, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1124"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1124",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1124"
}
]
}

6
2019/1xxx/CVE-2019-1126.json
View File

@ -62,7 +62,7 @@
"description_data": [
{
"lang": "eng",
"value": "A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory.This security update corrects how ADFS handles external authentication requests., aka \u0027ADFS Security Feature Bypass Vulnerability\u0027. This CVE ID is unique from CVE-2019-0975."
"value": "A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password brute-force attack or cause account lockouts in Active Directory.This security update corrects how ADFS handles external authentication requests., aka 'ADFS Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0975."
}
]
},
@ -81,7 +81,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1126"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1126",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1126"
}
]
}

6
2019/1xxx/CVE-2019-1127.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1128."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1128."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1127"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1127",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1127"
}
]
}

6
2019/1xxx/CVE-2019-1128.json
View File

@ -114,7 +114,7 @@
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka \u0027DirectWrite Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127."
"value": "A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124, CVE-2019-1127."
}
]
},
@ -133,7 +133,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1128"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1128",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1128"
}
]
}

6
2019/1xxx/CVE-2019-1129.json
View File

@ -120,7 +120,7 @@
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka \u0027Windows Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-1130."
"value": "An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130."
}
]
},
@ -139,7 +139,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1129"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1129",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1129"
}
]
}

6
2019/1xxx/CVE-2019-1130.json
View File

@ -156,7 +156,7 @@
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka \u0027Windows Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-1129."
"value": "An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129."
}
]
},
@ -175,7 +175,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1130"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1130",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1130"
}
]
}

6
2019/1xxx/CVE-2019-1132.json
View File

@ -68,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027."
"value": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'."
}
]
},
@ -87,7 +87,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1132"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1132",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1132"
}
]
}

6
2019/1xxx/CVE-2019-1134.json
View File

@ -47,7 +47,7 @@
"description_data": [
{
"lang": "eng",
"value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \u0027Microsoft Office SharePoint XSS Vulnerability\u0027."
"value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'."
}
]
},
@ -66,7 +66,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1134"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1134",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1134"
}
]
}

6
2019/1xxx/CVE-2019-1136.json
View File

@ -57,7 +57,7 @@
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka \u0027Microsoft Exchange Server Elevation of Privilege Vulnerability\u0027."
"value": "An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'."
}
]
},
@ -76,7 +76,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1136"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1136",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1136"
}
]
}

6
2019/1xxx/CVE-2019-1137.json
View File

@ -60,7 +60,7 @@
"description_data": [
{
"lang": "eng",
"value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka \u0027Microsoft Exchange Server Spoofing Vulnerability\u0027."
"value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'."
}
]
},
@ -79,7 +79,9 @@
"references": {
"reference_data": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1137"
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1137",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1137"
}
]
}

5
2019/7xxx/CVE-2019-7659.json
View File

@ -61,6 +61,11 @@
"name": "https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_(Jan_14,_2019)",
"refsource": "CONFIRM",
"url": "https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_(Jan_14,_2019)"
},
{
"refsource": "MISC",
"name": "https://outpost24.com/blog/gsoap-vulnerability-identified",
"url": "https://outpost24.com/blog/gsoap-vulnerability-identified"
}
]
}