admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-08 21:00:45 +00:00
parent cbee4ccafb
commit 5cbbbd3f61
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 120 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2018/15xxx/CVE-2018-15317.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
"value": "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
}
]
},

5
2018/16xxx/CVE-2018-16868.json
View File

@ -76,6 +76,11 @@
"name": "106080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106080"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1353",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html"
}
]
}

15
2018/19xxx/CVE-2018-19525.json
View File

@ -58,14 +58,19 @@
"name": "http://packetstormsecurity.com/files/151647/SYSTORME-ISG-Cross-Site-Request-Forgery.html"
},
{
"url": "http://breakthesec.com",
"refsource": "MISC",
"name": "http://breakthesec.com"
"refsource": "FULLDISC",
"name": "20190212 KSA-Dev-002: CVE-2018-19525 : Account takeover via XSRF in All ISG Series Firewall",
"url": "http://seclists.org/fulldisclosure/2019/Feb/31"
},
{
"url": "http://seclists.org/fulldisclosure/2019/Feb/31",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2019/Feb/31"
"name": "https://s3curityb3ast.github.io/KSA-Dev-002.md",
"url": "https://s3curityb3ast.github.io/KSA-Dev-002.md"
},
{
"refsource": "MISC",
"name": "https://www.breakthesec.com/2019/02/cve-2018-19525-account-takeover-via.html",
"url": "https://www.breakthesec.com/2019/02/cve-2018-19525-account-takeover-via.html"
}
]
}

5
2018/19xxx/CVE-2018-19636.json
View File

@ -81,6 +81,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1117751",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1117751"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1351",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html"
}
]
},

5
2018/19xxx/CVE-2018-19637.json
View File

@ -81,6 +81,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1117776",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1117776"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1351",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html"
}
]
},

5
2018/19xxx/CVE-2018-19638.json
View File

@ -81,6 +81,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1118460",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1118460"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1351",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html"
}
]
},

5
2018/19xxx/CVE-2018-19639.json
View File

@ -81,6 +81,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1118462",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1118462"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1351",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html"
}
]
},

5
2018/19xxx/CVE-2018-19640.json
View File

@ -81,6 +81,11 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1118463",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1118463"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1351",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html"
}
]
},

5
2019/0xxx/CVE-2019-0161.json
View File

@ -48,6 +48,11 @@
"refsource": "CONFIRM",
"name": "https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html",
"url": "https://edk2-docs.gitbooks.io/security-advisory/content/xhci-stack-local-stack-overflow.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1352",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html"
}
]
},

5
2019/3xxx/CVE-2019-3829.json
View File

@ -81,6 +81,11 @@
"refsource": "GENTOO",
"name": "GLSA-201904-14",
"url": "https://security.gentoo.org/glsa/201904-14"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1353",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html"
}
]
},

5
2019/3xxx/CVE-2019-3836.json
View File

@ -68,6 +68,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190502-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190502-0005/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1353",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html"
}
]
},

10
2019/5xxx/CVE-2019-5736.json
View File

@ -246,6 +246,16 @@
"refsource": "REDHAT",
"name": "RHSA-2019:0975",
"url": "https://access.redhat.com/errata/RHSA-2019:0975"
},
{
"refsource": "MISC",
"name": "https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/",
"url": "https://azure.microsoft.com/en-us/updates/cve-2019-5736-and-runc-vulnerability/"
},
{
"refsource": "MISC",
"name": "https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/",
"url": "https://azure.microsoft.com/en-us/updates/iot-edge-fix-cve-2019-5736/"
}
]
}

13
2019/7xxx/CVE-2019-7384.json
View File

@ -68,19 +68,14 @@
"url": "http://www.securityfocus.com/bid/107033"
},
{
"url": "http://www.breakthesec.com/search/label/0day",
"refsource": "MISC",
"name": "http://www.breakthesec.com/search/label/0day"
"name": "https://s3curityb3ast.github.io/KSA-Dev-005.md",
"url": "https://s3curityb3ast.github.io/KSA-Dev-005.md"
},
{
"url": "https://s3curityb3ast.github.io",
"refsource": "MISC",
"name": "https://s3curityb3ast.github.io"
},
{
"url": "http://www.breakthesec.com",
"refsource": "MISC",
"name": "http://www.breakthesec.com"
"name": "https://www.breakthesec.com/2019/02/cve-2019-7384-authenticated-remote-code.html",
"url": "https://www.breakthesec.com/2019/02/cve-2019-7384-authenticated-remote-code.html"
}
]
}

8
2019/7xxx/CVE-2019-7387.json
View File

@ -53,14 +53,14 @@
"references": {
"reference_data": [
{
"name": "https://github.com/s3curityb3ast/s3curityb3ast.github.io/blob/master/KSA-Dev-004.txt",
"refsource": "MISC",
"url": "https://github.com/s3curityb3ast/s3curityb3ast.github.io/blob/master/KSA-Dev-004.txt"
"name": "https://s3curityb3ast.github.io/KSA-Dev-004.md",
"url": "https://s3curityb3ast.github.io/KSA-Dev-004.md"
},
{
"name": "https://s3curityb3ast.github.io/KSA-Dev-004.txt",
"refsource": "MISC",
"url": "https://s3curityb3ast.github.io/KSA-Dev-004.txt"
"name": "https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html",
"url": "https://www.breakthesec.com/2019/02/cve-2019-7387-authenticated-arbitrary.html"
}
]
}

48
2019/7xxx/CVE-2019-7442.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7442",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.octority.com/2019/05/07/cyberark-enterprise-password-vault-xml-external-entity-xxe-injection/",
"url": "https://www.octority.com/2019/05/07/cyberark-enterprise-password-vault-xml-external-entity-xxe-injection/"
}
]
}