admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-17 16:00:54 +00:00
parent 20112a458d
commit 69bfb0a9d9
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 2405 additions and 474 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
2018/17xxx/CVE-2018-17179.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17179",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617",
"refsource": "MISC",
"name": "https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617"
},
{
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29",
"refsource": "MISC",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29"
}
]
}

53
2018/17xxx/CVE-2018-17180.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17180",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. Directory Traversal exists via docid=../ to /portal/lib/download_template.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29",
"refsource": "MISC",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29"
},
{
"url": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541",
"refsource": "MISC",
"name": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541"
}
]
}

53
2018/17xxx/CVE-2018-17181.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17181",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29",
"refsource": "MISC",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29"
},
{
"url": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541",
"refsource": "MISC",
"name": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541"
}
]
}

53
2018/19xxx/CVE-2018-19585.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19585",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/"
}
]
}

53
2018/20xxx/CVE-2018-20500.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20500",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"refsource": "MISC",
"name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/",
"url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/"
}
]
}

64
2018/3xxx/CVE-2018-3701.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3701",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2018-3701",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) PROSet/Wireless WiFi Software Advisory",
"version": {
"version_data": [
{
"version_value": "Versions 20.100 and before."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00204.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00204.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0086.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0086",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0086",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0089.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0089",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0089",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Server Platform Services (SPS)",
"version": {
"version_data": [
{
"version_value": "Versions before SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0090.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0090",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0090",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)",
"version": {
"version_data": [
{
"version_value": "CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

64
2019/0xxx/CVE-2019-0091.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0091",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0091",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0092.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0092",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0092",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

64
2019/0xxx/CVE-2019-0093.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0093",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0093",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access."
}
]
}

64
2019/0xxx/CVE-2019-0094.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0094",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0094",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access."
}
]
}

64
2019/0xxx/CVE-2019-0096.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0096",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0096",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access."
}
]
}

64
2019/0xxx/CVE-2019-0097.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0097",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0097",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access."
}
]
}

64
2019/0xxx/CVE-2019-0098.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0098",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0098",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before Intel (R) CSME 12.0.35 and Intel(R) TXE before 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

64
2019/0xxx/CVE-2019-0099.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0099",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0099",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Server Platform Services (SPS), Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before SPS_E3_05.00.04.027.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

64
2019/0xxx/CVE-2019-0113.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0113",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0113",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0114.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0114",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0114",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0115.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0115",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0115",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Driver KMD module",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0116.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0116",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0116",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Driver KMD module",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0119.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0119",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0119",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0120.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0120",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0120",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0126.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0126",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0126",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
}
]
}

64
2019/0xxx/CVE-2019-0132.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0132",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0132",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel Unite(R) Client",
"version": {
"version_data": [
{
"version_value": "Versions before 3.3.176.13."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00228.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00228.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access."
}
]
}

64
2019/0xxx/CVE-2019-0138.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0138",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0138",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) ACU Wizard",
"version": {
"version_data": [
{
"version_value": "Versions 12.0.0.129 and earlier."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0153.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0153",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0153",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME)",
"version": {
"version_data": [
{
"version_value": "Versions before 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
]
}

64
2019/0xxx/CVE-2019-0170.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0170",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0170",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Dynamic Application Loader (DAL)",
"version": {
"version_data": [
{
"version_value": "Versions before 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0171.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0171",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0171",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Quartus(R)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Quartus(R) Prime all versions 15.1 to 18.1, and Intel(R) Quartus(R) II versions 9.1 to 15.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

64
2019/0xxx/CVE-2019-0172.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0172",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta": {
"ID": "CVE-2019-0172",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel Unite(R) Client for Android",
"version": {
"version_data": [
{
"version_value": "Versions prior to 4.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00245.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00245.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access."
}
]
}

3
2019/10xxx/CVE-2019-10139.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10139",
"ASSIGNER": "mrehak@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

50
2019/11xxx/CVE-2019-11085.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11085",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) i915 Graphics for Linux",
"version": {
"version_data": [
{
"version_value": "Versions before 5.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

50
2019/11xxx/CVE-2019-11093.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11093",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) SCS Discovery Utility",
"version": {
"version_data": [
{
"version_value": "Versions 12.0.0.129 and earlier."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

50
2019/11xxx/CVE-2019-11094.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11094",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel (R) NUC",
"version": {
"version_data": [
{
"version_value": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
}
]
}

50
2019/11xxx/CVE-2019-11095.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11095",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Driver & Support Assistant",
"version": {
"version_data": [
{
"version_value": "Version 19.3.12.3 and before."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
}
]
}

50
2019/11xxx/CVE-2019-11114.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11114",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Driver & Support Assistant",
"version": {
"version_data": [
{
"version_value": "Version 19.3.12.3 and before."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access."
}
]
}

48
2019/5xxx/CVE-2019-5883.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5883",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/"
}
]
}

11
2019/5xxx/CVE-2019-5928.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34279/"
"url": "https://kb.cybozu.support/article/34279/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34279/"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5928",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5929.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34277/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34277/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34277/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5929",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5930.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34227/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34227/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34227/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5930",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5931.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34283/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34283/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34283/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5931",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5932.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34276/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34276/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34276/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5932",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5933.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35307/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35307/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35307/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5933",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5934.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35306/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35306/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35306/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5934",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5935.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35497/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35497/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35497/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5935",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5936.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35484/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35484/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35484/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5936",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5937.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35493/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35493/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35493/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5937",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5938.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35494/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35494/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35494/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5938",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5939.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35495/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35495/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35495/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5939",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5940.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35490/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35490/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35490/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5940",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5941.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35489/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35489/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35489/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5941",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5942.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35485/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35485/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35485/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5942",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5943.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35486/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35486/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35486/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5943",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5944.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35487/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35487/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35487/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5944",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5945.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35488/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35488/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35488/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5945",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5946.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35492/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35492/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35492/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5946",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5947.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35496/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35496/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35496/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5947",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5953.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.gnu.org/software/wget/"
"url": "https://www.gnu.org/software/wget/",
"refsource": "MISC",
"name": "https://www.gnu.org/software/wget/"
},
{
"url": "http://jvn.jp/en/jp/JVN25261088/index.html"
"url": "http://jvn.jp/en/jp/JVN25261088/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN25261088/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5953",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5954.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.jreast.co.jp/press/2018/20190310.pdf"
"url": "https://www.jreast.co.jp/press/2018/20190310.pdf",
"refsource": "MISC",
"name": "https://www.jreast.co.jp/press/2018/20190310.pdf"
},
{
"url": "http://jvn.jp/en/jp/JVN01119243/index.html"
"url": "http://jvn.jp/en/jp/JVN01119243/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN01119243/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5954",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5955.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf"
"url": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf",
"refsource": "MISC",
"name": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf"
},
{
"url": "http://jvn.jp/en/jp/JVN87655507/index.html"
"url": "http://jvn.jp/en/jp/JVN87655507/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN87655507/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5955",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5957.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html"
"url": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html",
"refsource": "MISC",
"name": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html"
},
{
"url": "http://jvn.jp/en/jp/JVN91361851/index.html"
"url": "http://jvn.jp/en/jp/JVN91361851/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN91361851/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5957",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5958.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html"
"url": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html",
"refsource": "MISC",
"name": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html"
},
{
"url": "http://jvn.jp/en/jp/JVN69903953/index.html"
"url": "http://jvn.jp/en/jp/JVN69903953/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN69903953/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5958",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

53
2019/6xxx/CVE-2019-6781.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6781",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notification emails."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}

53
2019/6xxx/CVE-2019-6787.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6787",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}

53
2019/6xxx/CVE-2019-6790.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6790",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}

53
2019/6xxx/CVE-2019-6797.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6797",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}