diff --git a/2018/17xxx/CVE-2018-17179.json b/2018/17xxx/CVE-2018-17179.json index 7fa3a27b500..7e501b7650c 100644 --- a/2018/17xxx/CVE-2018-17179.json +++ b/2018/17xxx/CVE-2018-17179.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17179", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617", + "refsource": "MISC", + "name": "https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617" + }, + { + "url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29", + "refsource": "MISC", + "name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29" } ] } diff --git a/2018/17xxx/CVE-2018-17180.json b/2018/17xxx/CVE-2018-17180.json index 8bd92d83078..448ef069811 100644 --- a/2018/17xxx/CVE-2018-17180.json +++ b/2018/17xxx/CVE-2018-17180.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17180", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. Directory Traversal exists via docid=../ to /portal/lib/download_template.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29", + "refsource": "MISC", + "name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29" + }, + { + "url": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541", + "refsource": "MISC", + "name": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541" } ] } diff --git a/2018/17xxx/CVE-2018-17181.json b/2018/17xxx/CVE-2018-17181.json index eff10a710b7..b61eadc7449 100644 --- a/2018/17xxx/CVE-2018-17181.json +++ b/2018/17xxx/CVE-2018-17181.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17181", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29", + "refsource": "MISC", + "name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29" + }, + { + "url": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541", + "refsource": "MISC", + "name": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541" } ] } diff --git a/2018/19xxx/CVE-2018-19585.json b/2018/19xxx/CVE-2018-19585.json index ce591eb0784..9db54e97a00 100644 --- a/2018/19xxx/CVE-2018-19585.json +++ b/2018/19xxx/CVE-2018-19585.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19585", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/" } ] } diff --git a/2018/20xxx/CVE-2018-20500.json b/2018/20xxx/CVE-2018-20500.json index cb3971bcd32..1a9b6b2f6d7 100644 --- a/2018/20xxx/CVE-2018-20500.json +++ b/2018/20xxx/CVE-2018-20500.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20500", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "MISC", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" } ] } diff --git a/2018/3xxx/CVE-2018-3701.json b/2018/3xxx/CVE-2018-3701.json index e5d47cfcff1..24e52fb291e 100644 --- a/2018/3xxx/CVE-2018-3701.json +++ b/2018/3xxx/CVE-2018-3701.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-3701", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-3701", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi Software Advisory", + "version": { + "version_data": [ + { + "version_value": "Versions 20.100 and before." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00204.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00204.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0086.json b/2019/0xxx/CVE-2019-0086.json index d8b4b5a9bc7..4fb3d38b568 100644 --- a/2019/0xxx/CVE-2019-0086.json +++ b/2019/0xxx/CVE-2019-0086.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0086", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0086", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)", + "version": { + "version_data": [ + { + "version_value": "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0089.json b/2019/0xxx/CVE-2019-0089.json index d488125d7dd..429ae9a018a 100644 --- a/2019/0xxx/CVE-2019-0089.json +++ b/2019/0xxx/CVE-2019-0089.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0089", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0089", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Server Platform Services (SPS)", + "version": { + "version_data": [ + { + "version_value": "Versions before SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0090.json b/2019/0xxx/CVE-2019-0090.json index 1a4efdbe8b4..8bd95c71d5a 100644 --- a/2019/0xxx/CVE-2019-0090.json +++ b/2019/0xxx/CVE-2019-0090.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0090", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0090", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)", + "version": { + "version_data": [ + { + "version_value": "CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access." } ] } diff --git a/2019/0xxx/CVE-2019-0091.json b/2019/0xxx/CVE-2019-0091.json index b66e64430ab..e803a419fb8 100644 --- a/2019/0xxx/CVE-2019-0091.json +++ b/2019/0xxx/CVE-2019-0091.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0091", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0091", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)", + "version": { + "version_data": [ + { + "version_value": "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0092.json b/2019/0xxx/CVE-2019-0092.json index 51630bc8e18..0d7bf7fa327 100644 --- a/2019/0xxx/CVE-2019-0092.json +++ b/2019/0xxx/CVE-2019-0092.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0092", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0092", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Active Management Technology (AMT)", + "version": { + "version_data": [ + { + "version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] } diff --git a/2019/0xxx/CVE-2019-0093.json b/2019/0xxx/CVE-2019-0093.json index 91ae9aba9aa..2ff97664666 100644 --- a/2019/0xxx/CVE-2019-0093.json +++ b/2019/0xxx/CVE-2019-0093.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0093", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0093", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)", + "version": { + "version_data": [ + { + "version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0094.json b/2019/0xxx/CVE-2019-0094.json index 9bf4c7e0244..ce3a7fc756a 100644 --- a/2019/0xxx/CVE-2019-0094.json +++ b/2019/0xxx/CVE-2019-0094.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0094", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0094", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Active Management Technology (AMT)", + "version": { + "version_data": [ + { + "version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access." } ] } diff --git a/2019/0xxx/CVE-2019-0096.json b/2019/0xxx/CVE-2019-0096.json index 8f8c80a52a5..55efe3ffd0c 100644 --- a/2019/0xxx/CVE-2019-0096.json +++ b/2019/0xxx/CVE-2019-0096.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0096", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0096", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Active Management Technology (AMT)", + "version": { + "version_data": [ + { + "version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access." } ] } diff --git a/2019/0xxx/CVE-2019-0097.json b/2019/0xxx/CVE-2019-0097.json index 6e62e8aac9f..4c90173c5a1 100644 --- a/2019/0xxx/CVE-2019-0097.json +++ b/2019/0xxx/CVE-2019-0097.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0097", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0097", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Active Management Technology (AMT)", + "version": { + "version_data": [ + { + "version_value": "Versions before 12.0.35." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access." } ] } diff --git a/2019/0xxx/CVE-2019-0098.json b/2019/0xxx/CVE-2019-0098.json index f7a5408e37e..7555e3602bc 100644 --- a/2019/0xxx/CVE-2019-0098.json +++ b/2019/0xxx/CVE-2019-0098.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0098", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0098", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)", + "version": { + "version_data": [ + { + "version_value": "Versions before Intel (R) CSME 12.0.35 and Intel(R) TXE before 3.1.65, 4.0.15." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] } diff --git a/2019/0xxx/CVE-2019-0099.json b/2019/0xxx/CVE-2019-0099.json index bd69b6a934c..9257df5ec4d 100644 --- a/2019/0xxx/CVE-2019-0099.json +++ b/2019/0xxx/CVE-2019-0099.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0099", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0099", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Server Platform Services (SPS), Intel (R) Trusted Execution Engine Interface (TXE)", + "version": { + "version_data": [ + { + "version_value": "Versions before SPS_E3_05.00.04.027.0." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access." } ] } diff --git a/2019/0xxx/CVE-2019-0113.json b/2019/0xxx/CVE-2019-0113.json index 050fa240f11..6b9eb47fb96 100644 --- a/2019/0xxx/CVE-2019-0113.json +++ b/2019/0xxx/CVE-2019-0113.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0113", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0113", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0114.json b/2019/0xxx/CVE-2019-0114.json index 70c19f6f76a..47cfde4c4a6 100644 --- a/2019/0xxx/CVE-2019-0114.json +++ b/2019/0xxx/CVE-2019-0114.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0114", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0114", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0115.json b/2019/0xxx/CVE-2019-0115.json index 7d453f24429..dd0d3651bbc 100644 --- a/2019/0xxx/CVE-2019-0115.json +++ b/2019/0xxx/CVE-2019-0115.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0115", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0115", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Driver KMD module", + "version": { + "version_data": [ + { + "version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0116.json b/2019/0xxx/CVE-2019-0116.json index 4564d8e8f2f..ed045a019ef 100644 --- a/2019/0xxx/CVE-2019-0116.json +++ b/2019/0xxx/CVE-2019-0116.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0116", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0116", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Driver KMD module", + "version": { + "version_data": [ + { + "version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0119.json b/2019/0xxx/CVE-2019-0119.json index e9334c8c94d..0f40d709f07 100644 --- a/2019/0xxx/CVE-2019-0119.json +++ b/2019/0xxx/CVE-2019-0119.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0119", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0119", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)", + "version": { + "version_data": [ + { + "version_value": "Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0120.json b/2019/0xxx/CVE-2019-0120.json index 5f06aeee3c4..17aef8b20db 100644 --- a/2019/0xxx/CVE-2019-0120.json +++ b/2019/0xxx/CVE-2019-0120.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0120", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0120", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)", + "version": { + "version_data": [ + { + "version_value": "Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0126.json b/2019/0xxx/CVE-2019-0126.json index 34b796da55f..423fbcc8530 100644 --- a/2019/0xxx/CVE-2019-0126.json +++ b/2019/0xxx/CVE-2019-0126.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0126", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0126", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)", + "version": { + "version_data": [ + { + "version_value": "Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0132.json b/2019/0xxx/CVE-2019-0132.json index a9ef0db4ca6..33838d73159 100644 --- a/2019/0xxx/CVE-2019-0132.json +++ b/2019/0xxx/CVE-2019-0132.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0132", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0132", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel Unite(R) Client", + "version": { + "version_data": [ + { + "version_value": "Versions before 3.3.176.13." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00228.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00228.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access." } ] } diff --git a/2019/0xxx/CVE-2019-0138.json b/2019/0xxx/CVE-2019-0138.json index bdd85fb51c1..1daace9c288 100644 --- a/2019/0xxx/CVE-2019-0138.json +++ b/2019/0xxx/CVE-2019-0138.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0138", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0138", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) ACU Wizard", + "version": { + "version_data": [ + { + "version_value": "Versions 12.0.0.129 and earlier." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0153.json b/2019/0xxx/CVE-2019-0153.json index f875ba826d5..804ca05608f 100644 --- a/2019/0xxx/CVE-2019-0153.json +++ b/2019/0xxx/CVE-2019-0153.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0153", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0153", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Converged Security & Management Engine (CSME)", + "version": { + "version_data": [ + { + "version_value": "Versions before 12.0.35." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via network access." } ] } diff --git a/2019/0xxx/CVE-2019-0170.json b/2019/0xxx/CVE-2019-0170.json index 6eb376676eb..cf52e18a12c 100644 --- a/2019/0xxx/CVE-2019-0170.json +++ b/2019/0xxx/CVE-2019-0170.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0170", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0170", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Dynamic Application Loader (DAL)", + "version": { + "version_data": [ + { + "version_value": "Versions before 12.0.35." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0171.json b/2019/0xxx/CVE-2019-0171.json index acbc279fc36..13adfc19722 100644 --- a/2019/0xxx/CVE-2019-0171.json +++ b/2019/0xxx/CVE-2019-0171.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0171", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0171", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Quartus(R)", + "version": { + "version_data": [ + { + "version_value": "Intel(R) Quartus(R) Prime all versions 15.1 to 18.1, and Intel(R) Quartus(R) II versions 9.1 to 15.0." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/0xxx/CVE-2019-0172.json b/2019/0xxx/CVE-2019-0172.json index 560c3633c34..54d586fcfb1 100644 --- a/2019/0xxx/CVE-2019-0172.json +++ b/2019/0xxx/CVE-2019-0172.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0172", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0172", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel Unite(R) Client for Android", + "version": { + "version_data": [ + { + "version_value": "Versions prior to 4.0." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00245.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00245.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access." } ] } diff --git a/2019/10xxx/CVE-2019-10139.json b/2019/10xxx/CVE-2019-10139.json index 90dfbafa1b4..26da0cacf8b 100644 --- a/2019/10xxx/CVE-2019-10139.json +++ b/2019/10xxx/CVE-2019-10139.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10139", - "ASSIGNER": "mrehak@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -68,4 +69,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/11xxx/CVE-2019-11085.json b/2019/11xxx/CVE-2019-11085.json index 16ced52becd..f6b411c245a 100644 --- a/2019/11xxx/CVE-2019-11085.json +++ b/2019/11xxx/CVE-2019-11085.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11085", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) i915 Graphics for Linux", + "version": { + "version_data": [ + { + "version_value": "Versions before 5.0." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11093.json b/2019/11xxx/CVE-2019-11093.json index 9c5d204c8ab..99e569fb9ae 100644 --- a/2019/11xxx/CVE-2019-11093.json +++ b/2019/11xxx/CVE-2019-11093.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11093", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SCS Discovery Utility", + "version": { + "version_data": [ + { + "version_value": "Versions 12.0.0.129 and earlier." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11094.json b/2019/11xxx/CVE-2019-11094.json index 1d2bc3a118c..34eb0c7e638 100644 --- a/2019/11xxx/CVE-2019-11094.json +++ b/2019/11xxx/CVE-2019-11094.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11094", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel (R) NUC", + "version": { + "version_data": [ + { + "version_value": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11095.json b/2019/11xxx/CVE-2019-11095.json index 86eabf5fa93..5145a370c0b 100644 --- a/2019/11xxx/CVE-2019-11095.json +++ b/2019/11xxx/CVE-2019-11095.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11095", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Driver & Support Assistant", + "version": { + "version_data": [ + { + "version_value": "Version 19.3.12.3 and before." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11114.json b/2019/11xxx/CVE-2019-11114.json index f8e4ae8efdb..f220f161eb3 100644 --- a/2019/11xxx/CVE-2019-11114.json +++ b/2019/11xxx/CVE-2019-11114.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11114", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Driver & Support Assistant", + "version": { + "version_data": [ + { + "version_value": "Version 19.3.12.3 and before." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2019/4xxx/CVE-2019-4119.json b/2019/4xxx/CVE-2019-4119.json index 6a10c5d1241..8c8717ecd77 100644 --- a/2019/4xxx/CVE-2019-4119.json +++ b/2019/4xxx/CVE-2019-4119.json @@ -1,99 +1,99 @@ { - "description" : { - "description_data" : [ - { - "value" : "IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.", - "lang" : "eng" - } - ] - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Other" - } - ] - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "U", - "A" : "N", - "AC" : "H", - "I" : "L", - "C" : "N", - "AV" : "N", - "UI" : "N", - "PR" : "L", - "SCORE" : "3.100" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Private", - "version" : { - "version_data" : [ - { - "version_value" : "2.1.0" - }, - { - "version_value" : "3.1.0" - }, - { - "version_value" : "3.1.1" - }, - { - "version_value" : "3.1.2" - } - ] - } - } - ] - } + "value": "IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.", + "lang": "eng" } - ] - } - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2019-05-15T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "ID" : "CVE-2019-4119" - }, - "references" : { - "reference_data" : [ - { - "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10878460", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 878460 (Cloud Private)", - "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10878460" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-cloud-cve20194119-proxy (158145)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158145", - "refsource" : "XF" - } - ] - }, - "data_format" : "MITRE" -} + ] + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "S": "U", + "A": "N", + "AC": "H", + "I": "L", + "C": "N", + "AV": "N", + "UI": "N", + "PR": "L", + "SCORE": "3.100" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cloud Private", + "version": { + "version_data": [ + { + "version_value": "2.1.0" + }, + { + "version_value": "3.1.0" + }, + { + "version_value": "3.1.1" + }, + { + "version_value": "3.1.2" + } + ] + } + } + ] + } + } + ] + } + }, + "data_type": "CVE", + "CVE_data_meta": { + "DATE_PUBLIC": "2019-05-15T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "ID": "CVE-2019-4119" + }, + "references": { + "reference_data": [ + { + "url": "http://www.ibm.com/support/docview.wss?uid=ibm10878460", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 878460 (Cloud Private)", + "name": "http://www.ibm.com/support/docview.wss?uid=ibm10878460" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-cloud-cve20194119-proxy (158145)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158145", + "refsource": "XF" + } + ] + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4279.json b/2019/4xxx/CVE-2019-4279.json index 95bfe6ccd0b..71c5a8e29f9 100644 --- a/2019/4xxx/CVE-2019-4279.json +++ b/2019/4xxx/CVE-2019-4279.json @@ -1,93 +1,93 @@ { - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "value" : "IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.", - "lang" : "eng" - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10883628", - "title" : "IBM Security Bulletin 883628 (WebSphere Application Server)", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10883628" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/160445", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-websphere-cve20194279-code-exec (160445)" - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2019-4279", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2019-05-16T00:00:00" - }, - "data_format" : "MITRE", - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "C", - "A" : "H", - "AC" : "H", - "I" : "H", - "C" : "H", - "AV" : "N", - "PR" : "N", - "UI" : "N", - "SCORE" : "9.000" - }, - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Gain Privileges", - "lang" : "eng" - } - ] - } - ] - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere Application Server", - "version" : { - "version_data" : [ - { - "version_value" : "8.5" - }, - { - "version_value" : "9.0" - } - ] - } - } - ] - } + "value": "IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.", + "lang": "eng" } - ] - } - } -} + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10883628", + "title": "IBM Security Bulletin 883628 (WebSphere Application Server)", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10883628" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160445", + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-websphere-cve20194279-code-exec (160445)" + } + ] + }, + "CVE_data_meta": { + "ID": "CVE-2019-4279", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2019-05-16T00:00:00" + }, + "data_format": "MITRE", + "impact": { + "cvssv3": { + "BM": { + "S": "C", + "A": "H", + "AC": "H", + "I": "H", + "C": "H", + "AV": "N", + "PR": "N", + "UI": "N", + "SCORE": "9.000" + }, + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Gain Privileges", + "lang": "eng" + } + ] + } + ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "WebSphere Application Server", + "version": { + "version_data": [ + { + "version_value": "8.5" + }, + { + "version_value": "9.0" + } + ] + } + } + ] + } + } + ] + } + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5883.json b/2019/5xxx/CVE-2019-5883.json index baabb21b8db..d9a4b907fdb 100644 --- a/2019/5xxx/CVE-2019-5883.json +++ b/2019/5xxx/CVE-2019-5883.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-5883", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/" } ] } diff --git a/2019/5xxx/CVE-2019-5928.json b/2019/5xxx/CVE-2019-5928.json index 5ee81c58c20..187cd776a68 100644 --- a/2019/5xxx/CVE-2019-5928.json +++ b/2019/5xxx/CVE-2019-5928.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/34279/" + "url": "https://kb.cybozu.support/article/34279/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/34279/" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5928", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5929.json b/2019/5xxx/CVE-2019-5929.json index b5fc16047a0..2bd2ca93aaa 100644 --- a/2019/5xxx/CVE-2019-5929.json +++ b/2019/5xxx/CVE-2019-5929.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/34277/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/34277/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/34277/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5929", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5930.json b/2019/5xxx/CVE-2019-5930.json index 9e886e27a82..e842bca045e 100644 --- a/2019/5xxx/CVE-2019-5930.json +++ b/2019/5xxx/CVE-2019-5930.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/34227/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/34227/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/34227/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5930", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { @@ -59,4 +64,4 @@ } ] } -} +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5931.json b/2019/5xxx/CVE-2019-5931.json index 9551a871b44..ff089caad4d 100644 --- a/2019/5xxx/CVE-2019-5931.json +++ b/2019/5xxx/CVE-2019-5931.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/34283/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/34283/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/34283/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5931", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5932.json b/2019/5xxx/CVE-2019-5932.json index 8140816dfc8..cede906581f 100644 --- a/2019/5xxx/CVE-2019-5932.json +++ b/2019/5xxx/CVE-2019-5932.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/34276/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/34276/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/34276/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5932", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5933.json b/2019/5xxx/CVE-2019-5933.json index d8efebdf0e8..91611173d65 100644 --- a/2019/5xxx/CVE-2019-5933.json +++ b/2019/5xxx/CVE-2019-5933.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35307/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35307/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35307/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5933", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5934.json b/2019/5xxx/CVE-2019-5934.json index 624980c8fdc..1122dc3202a 100644 --- a/2019/5xxx/CVE-2019-5934.json +++ b/2019/5xxx/CVE-2019-5934.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35306/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35306/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35306/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5934", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5935.json b/2019/5xxx/CVE-2019-5935.json index b9810cc30cf..c2b4e82fdf4 100644 --- a/2019/5xxx/CVE-2019-5935.json +++ b/2019/5xxx/CVE-2019-5935.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35497/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35497/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35497/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5935", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5936.json b/2019/5xxx/CVE-2019-5936.json index 58994382ebe..16ebb2ddd28 100644 --- a/2019/5xxx/CVE-2019-5936.json +++ b/2019/5xxx/CVE-2019-5936.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35484/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35484/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35484/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5936", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5937.json b/2019/5xxx/CVE-2019-5937.json index 7768ecc5b7e..2779bc739f3 100644 --- a/2019/5xxx/CVE-2019-5937.json +++ b/2019/5xxx/CVE-2019-5937.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35493/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35493/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35493/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5937", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5938.json b/2019/5xxx/CVE-2019-5938.json index db2f63fb394..bbd79f4a357 100644 --- a/2019/5xxx/CVE-2019-5938.json +++ b/2019/5xxx/CVE-2019-5938.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35494/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35494/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35494/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5938", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5939.json b/2019/5xxx/CVE-2019-5939.json index 4030cea33fa..0306e4cb9b2 100644 --- a/2019/5xxx/CVE-2019-5939.json +++ b/2019/5xxx/CVE-2019-5939.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35495/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35495/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35495/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5939", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5940.json b/2019/5xxx/CVE-2019-5940.json index 0fb94b08872..c6687e9d9c2 100644 --- a/2019/5xxx/CVE-2019-5940.json +++ b/2019/5xxx/CVE-2019-5940.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35490/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35490/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35490/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5940", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5941.json b/2019/5xxx/CVE-2019-5941.json index 5076f5e10a1..be79d80d9c8 100644 --- a/2019/5xxx/CVE-2019-5941.json +++ b/2019/5xxx/CVE-2019-5941.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35489/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35489/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35489/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5941", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5942.json b/2019/5xxx/CVE-2019-5942.json index b36e17c2cb8..b51d22425ce 100644 --- a/2019/5xxx/CVE-2019-5942.json +++ b/2019/5xxx/CVE-2019-5942.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35485/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35485/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35485/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5942", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5943.json b/2019/5xxx/CVE-2019-5943.json index f8bcd90566f..1b7f8881d71 100644 --- a/2019/5xxx/CVE-2019-5943.json +++ b/2019/5xxx/CVE-2019-5943.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35486/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35486/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35486/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5943", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5944.json b/2019/5xxx/CVE-2019-5944.json index 1ba80760cc2..e27d79bba45 100644 --- a/2019/5xxx/CVE-2019-5944.json +++ b/2019/5xxx/CVE-2019-5944.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35487/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35487/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35487/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5944", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5945.json b/2019/5xxx/CVE-2019-5945.json index 178660cb142..2d86af0ccdc 100644 --- a/2019/5xxx/CVE-2019-5945.json +++ b/2019/5xxx/CVE-2019-5945.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35488/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35488/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35488/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5945", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5946.json b/2019/5xxx/CVE-2019-5946.json index 5c110cc7004..f082cd0c3c1 100644 --- a/2019/5xxx/CVE-2019-5946.json +++ b/2019/5xxx/CVE-2019-5946.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35492/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35492/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35492/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5946", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5947.json b/2019/5xxx/CVE-2019-5947.json index d2a16f5b1d4..40104cc1cfc 100644 --- a/2019/5xxx/CVE-2019-5947.json +++ b/2019/5xxx/CVE-2019-5947.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://kb.cybozu.support/article/35496/" + "url": "http://jvn.jp/en/jp/JVN58849431/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN58849431/index.html" }, { - "url": "http://jvn.jp/en/jp/JVN58849431/index.html" + "url": "https://kb.cybozu.support/article/35496/", + "refsource": "MISC", + "name": "https://kb.cybozu.support/article/35496/" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5947", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5953.json b/2019/5xxx/CVE-2019-5953.json index 987690e1a2c..be47ed32183 100644 --- a/2019/5xxx/CVE-2019-5953.json +++ b/2019/5xxx/CVE-2019-5953.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://www.gnu.org/software/wget/" + "url": "https://www.gnu.org/software/wget/", + "refsource": "MISC", + "name": "https://www.gnu.org/software/wget/" }, { - "url": "http://jvn.jp/en/jp/JVN25261088/index.html" + "url": "http://jvn.jp/en/jp/JVN25261088/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN25261088/index.html" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5953", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5954.json b/2019/5xxx/CVE-2019-5954.json index c099a41d0d5..93dcc034fd7 100644 --- a/2019/5xxx/CVE-2019-5954.json +++ b/2019/5xxx/CVE-2019-5954.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://www.jreast.co.jp/press/2018/20190310.pdf" + "url": "https://www.jreast.co.jp/press/2018/20190310.pdf", + "refsource": "MISC", + "name": "https://www.jreast.co.jp/press/2018/20190310.pdf" }, { - "url": "http://jvn.jp/en/jp/JVN01119243/index.html" + "url": "http://jvn.jp/en/jp/JVN01119243/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN01119243/index.html" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5954", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5955.json b/2019/5xxx/CVE-2019-5955.json index fd0f2940c2f..ab8ebd3fa6e 100644 --- a/2019/5xxx/CVE-2019-5955.json +++ b/2019/5xxx/CVE-2019-5955.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf" + "url": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf", + "refsource": "MISC", + "name": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf" }, { - "url": "http://jvn.jp/en/jp/JVN87655507/index.html" + "url": "http://jvn.jp/en/jp/JVN87655507/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN87655507/index.html" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5955", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5957.json b/2019/5xxx/CVE-2019-5957.json index f1f98ffae54..dba7c621ff0 100644 --- a/2019/5xxx/CVE-2019-5957.json +++ b/2019/5xxx/CVE-2019-5957.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html" + "url": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html", + "refsource": "MISC", + "name": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html" }, { - "url": "http://jvn.jp/en/jp/JVN91361851/index.html" + "url": "http://jvn.jp/en/jp/JVN91361851/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN91361851/index.html" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5957", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/5xxx/CVE-2019-5958.json b/2019/5xxx/CVE-2019-5958.json index 5bd2ee82425..9da8c049c0f 100644 --- a/2019/5xxx/CVE-2019-5958.json +++ b/2019/5xxx/CVE-2019-5958.json @@ -3,10 +3,14 @@ "references": { "reference_data": [ { - "url": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html" + "url": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html", + "refsource": "MISC", + "name": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html" }, { - "url": "http://jvn.jp/en/jp/JVN69903953/index.html" + "url": "http://jvn.jp/en/jp/JVN69903953/index.html", + "refsource": "MISC", + "name": "http://jvn.jp/en/jp/JVN69903953/index.html" } ] }, @@ -44,7 +48,8 @@ }, "CVE_data_meta": { "ID": "CVE-2019-5958", - "ASSIGNER": "vultures@jpcert.or.jp" + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { diff --git a/2019/6xxx/CVE-2019-6781.json b/2019/6xxx/CVE-2019-6781.json index bf618e3fbb5..93bdbd9f966 100644 --- a/2019/6xxx/CVE-2019-6781.json +++ b/2019/6xxx/CVE-2019-6781.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6781", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notification emails." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/" } ] } diff --git a/2019/6xxx/CVE-2019-6787.json b/2019/6xxx/CVE-2019-6787.json index c9088b21103..76407c78955 100644 --- a/2019/6xxx/CVE-2019-6787.json +++ b/2019/6xxx/CVE-2019-6787.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6787", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/" } ] } diff --git a/2019/6xxx/CVE-2019-6790.json b/2019/6xxx/CVE-2019-6790.json index da4c138c628..0250b767b50 100644 --- a/2019/6xxx/CVE-2019-6790.json +++ b/2019/6xxx/CVE-2019-6790.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6790", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/" } ] } diff --git a/2019/6xxx/CVE-2019-6797.json b/2019/6xxx/CVE-2019-6797.json index cbfd0f4969b..1ae2a0dc217 100644 --- a/2019/6xxx/CVE-2019-6797.json +++ b/2019/6xxx/CVE-2019-6797.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6797", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/" } ] }