admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-17 16:00:54 +00:00
parent 20112a458d
commit 69bfb0a9d9
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 2405 additions and 474 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
2018/17xxx/CVE-2018-17179.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17179",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task function in /interface/forms/eye_mag/php/taskman_functions.php via /interface/forms/eye_mag/taskman.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617",
"refsource": "MISC",
"name": "https://github.com/openemr/openemr/commit/3e22d11c7175c1ebbf3d862545ce6fee18f70617"
},
{
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29",
"refsource": "MISC",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29"
}
]
}

53
2018/17xxx/CVE-2018-17180.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17180",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. Directory Traversal exists via docid=../ to /portal/lib/download_template.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29",
"refsource": "MISC",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29"
},
{
"url": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541",
"refsource": "MISC",
"name": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541"
}
]
}

53
2018/17xxx/CVE-2018-17181.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17181",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29",
"refsource": "MISC",
"name": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#5.0.1_Patch_.289.2F9.2F18.29"
},
{
"url": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541",
"refsource": "MISC",
"name": "https://github.com/openemr/openemr/commit/4963fe4932a0a4e1e982642226174e9931d09541"
}
]
}

53
2018/19xxx/CVE-2018-19585.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19585",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/"
}
]
}

53
2018/20xxx/CVE-2018-20500.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20500",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"refsource": "MISC",
"name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/",
"url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/"
}
]
}

58
2018/3xxx/CVE-2018-3701.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-3701",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-3701",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) PROSet/Wireless WiFi Software Advisory",
"version": {
"version_data": [
{
"version_value": "Versions 20.100 and before."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00204.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00204.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0086.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0086",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0086",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME) Dynamic Application Loader, Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0089.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0089",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0089",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Server Platform Services (SPS)",
"version": {
"version_data": [
{
"version_value": "Versions before SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0090.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0090",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0090",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)",
"version": {
"version_data": [
{
"version_value": "CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access control vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

58
2019/0xxx/CVE-2019-0091.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0091",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0091",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before CSME 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0092.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0092",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0092",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

58
2019/0xxx/CVE-2019-0093.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0093",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0093",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel(R) Server Platform Services (SPS)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access."
}
]
}

58
2019/0xxx/CVE-2019-0094.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0094",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0094",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access."
}
]
}

58
2019/0xxx/CVE-2019-0096.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0096",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0096",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 11.8.65, 11.11.65, 11.22.65, 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access."
}
]
}

58
2019/0xxx/CVE-2019-0097.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0097",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0097",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Active Management Technology (AMT)",
"version": {
"version_data": [
{
"version_value": "Versions before 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access."
}
]
}

58
2019/0xxx/CVE-2019-0098.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0098",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0098",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME), Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before Intel (R) CSME 12.0.35 and Intel(R) TXE before 3.1.65, 4.0.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

58
2019/0xxx/CVE-2019-0099.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0099",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0099",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Server Platform Services (SPS), Intel (R) Trusted Execution Engine Interface (TXE)",
"version": {
"version_data": [
{
"version_value": "Versions before SPS_E3_05.00.04.027.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
}
]
}

58
2019/0xxx/CVE-2019-0113.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0113",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0113",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0114.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0114",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0114",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Drivers",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0115.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0115",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0115",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Driver KMD module",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0116.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0116",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0116",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Driver KMD module",
"version": {
"version_data": [
{
"version_value": "Versions before 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069)."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0119.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0119",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0119",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0120.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0120",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0120",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0126.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0126",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0126",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Unified Extensible Firmware Interface (UEFI)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege, Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00223.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access control in silicon reference firmware for Intel(R) Xeon(R) Scalable Processor, Intel(R) Xeon(R) Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access."
}
]
}

58
2019/0xxx/CVE-2019-0132.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0132",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0132",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel Unite(R) Client",
"version": {
"version_data": [
{
"version_value": "Versions before 3.3.176.13."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00228.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00228.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may allow an unauthenticated user to potentially cause a denial of service via network access."
}
]
}

58
2019/0xxx/CVE-2019-0138.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0138",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0138",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) ACU Wizard",
"version": {
"version_data": [
{
"version_value": "Versions 12.0.0.129 and earlier."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0153.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0153",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0153",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Converged Security & Management Engine (CSME)",
"version": {
"version_data": [
{
"version_value": "Versions before 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
]
}

58
2019/0xxx/CVE-2019-0170.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0170",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0170",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Dynamic Application Loader (DAL)",
"version": {
"version_data": [
{
"version_value": "Versions before 12.0.35."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0171.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0171",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0171",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Quartus(R)",
"version": {
"version_data": [
{
"version_value": "Intel(R) Quartus(R) Prime all versions 15.1 to 18.1, and Intel(R) Quartus(R) II versions 9.1 to 15.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00244.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

58
2019/0xxx/CVE-2019-0172.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0172",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0172",
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel Unite(R) Client for Android",
"version": {
"version_data": [
{
"version_value": "Versions prior to 4.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00245.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00245.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access."
}
]
}

3
2019/10xxx/CVE-2019-10139.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10139",
"ASSIGNER": "mrehak@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

50
2019/11xxx/CVE-2019-11085.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11085",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) i915 Graphics for Linux",
"version": {
"version_data": [
{
"version_value": "Versions before 5.0."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

50
2019/11xxx/CVE-2019-11093.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11093",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) SCS Discovery Utility",
"version": {
"version_data": [
{
"version_value": "Versions 12.0.0.129 and earlier."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00234.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
}

50
2019/11xxx/CVE-2019-11094.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11094",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel (R) NUC",
"version": {
"version_data": [
{
"version_value": "Kit NUC8i7HNK BIOS and Kit NUC8i7HVK BIOS before version 0054. Kit NUC7i7DNHE BIOS, Kit NUC7i7DNKE BIOS, Kit NUC7i5DNHE, Kit NUC7i5DNHE and Board NUC7i7DNBE BIOS before version 0062."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00251.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access."
}
]
}

50
2019/11xxx/CVE-2019-11095.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11095",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Driver & Support Assistant",
"version": {
"version_data": [
{
"version_value": "Version 19.3.12.3 and before."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access."
}
]
}

50
2019/11xxx/CVE-2019-11114.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-11114",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@intel.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Intel(R) Driver & Support Assistant",
"version": {
"version_data": [
{
"version_value": "Version 19.3.12.3 and before."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00252.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access."
}
]
}

190
2019/4xxx/CVE-2019-4119.json
View File

@ -1,99 +1,99 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Other"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"A" : "N",
"AC" : "H",
"I" : "L",
"C" : "N",
"AV" : "N",
"UI" : "N",
"PR" : "L",
"SCORE" : "3.100"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Cloud Private",
"version" : {
"version_data" : [
{
"version_value" : "2.1.0"
},
{
"version_value" : "3.1.0"
},
{
"version_value" : "3.1.1"
},
{
"version_value" : "3.1.2"
}
]
}
}
]
}
"value": "IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 can be used as an HTTP proxy to not only cluster internal but also external target IP addresses. IBM X-Force ID: 158145.",
"lang": "eng"
}
]
}
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-05-15T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4119"
},
"references" : {
"reference_data" : [
{
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10878460",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 878460 (Cloud Private)",
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10878460"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-cloud-cve20194119-proxy (158145)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158145",
"refsource" : "XF"
}
]
},
"data_format" : "MITRE"
]
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"A": "N",
"AC": "H",
"I": "L",
"C": "N",
"AV": "N",
"UI": "N",
"PR": "L",
"SCORE": "3.100"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Cloud Private",
"version": {
"version_data": [
{
"version_value": "2.1.0"
},
{
"version_value": "3.1.0"
},
{
"version_value": "3.1.1"
},
{
"version_value": "3.1.2"
}
]
}
}
]
}
}
]
}
},
"data_type": "CVE",
"CVE_data_meta": {
"DATE_PUBLIC": "2019-05-15T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2019-4119"
},
"references": {
"reference_data": [
{
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10878460",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 878460 (Cloud Private)",
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10878460"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-cloud-cve20194119-proxy (158145)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158145",
"refsource": "XF"
}
]
},
"data_format": "MITRE"
}

178
2019/4xxx/CVE-2019-4279.json
View File

@ -1,93 +1,93 @@
{
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10883628",
"title" : "IBM Security Bulletin 883628 (WebSphere Application Server)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10883628"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/160445",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-websphere-cve20194279-code-exec (160445)"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2019-4279",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-05-16T00:00:00"
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "C",
"A" : "H",
"AC" : "H",
"I" : "H",
"C" : "H",
"AV" : "N",
"PR" : "N",
"UI" : "N",
"SCORE" : "9.000"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "WebSphere Application Server",
"version" : {
"version_data" : [
{
"version_value" : "8.5"
},
{
"version_value" : "9.0"
}
]
}
}
]
}
"value": "IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.",
"lang": "eng"
}
]
}
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10883628",
"title": "IBM Security Bulletin 883628 (WebSphere Application Server)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10883628"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/160445",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-websphere-cve20194279-code-exec (160445)"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2019-4279",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-05-16T00:00:00"
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"S": "C",
"A": "H",
"AC": "H",
"I": "H",
"C": "H",
"AV": "N",
"PR": "N",
"UI": "N",
"SCORE": "9.000"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "WebSphere Application Server",
"version": {
"version_data": [
{
"version_value": "8.5"
},
{
"version_value": "9.0"
}
]
}
}
]
}
}
]
}
}
}

48
2019/5xxx/CVE-2019-5883.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5883",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition 6.0 and later but before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. The issue comments feature could allow a user to comment on an issue which they shouldn't be allowed to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/"
}
]
}

11
2019/5xxx/CVE-2019-5928.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34279/"
"url": "https://kb.cybozu.support/article/34279/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34279/"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5928",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5929.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34277/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34277/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34277/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5929",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5930.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34227/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34227/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34227/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5930",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5931.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34283/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34283/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34283/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5931",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5932.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/34276/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/34276/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/34276/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5932",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5933.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35307/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35307/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35307/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5933",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5934.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35306/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35306/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35306/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5934",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5935.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35497/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35497/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35497/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5935",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5936.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35484/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35484/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35484/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5936",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5937.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35493/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35493/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35493/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5937",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5938.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35494/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35494/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35494/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5938",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5939.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35495/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35495/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35495/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5939",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5940.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35490/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35490/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35490/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5940",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5941.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35489/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35489/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35489/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5941",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5942.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35485/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35485/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35485/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5942",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5943.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35486/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35486/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35486/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5943",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5944.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35487/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35487/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35487/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5944",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5945.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35488/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35488/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35488/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5945",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5946.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35492/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35492/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35492/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5946",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5947.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://kb.cybozu.support/article/35496/"
"url": "http://jvn.jp/en/jp/JVN58849431/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN58849431/index.html"
},
{
"url": "http://jvn.jp/en/jp/JVN58849431/index.html"
"url": "https://kb.cybozu.support/article/35496/",
"refsource": "MISC",
"name": "https://kb.cybozu.support/article/35496/"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5947",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5953.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.gnu.org/software/wget/"
"url": "https://www.gnu.org/software/wget/",
"refsource": "MISC",
"name": "https://www.gnu.org/software/wget/"
},
{
"url": "http://jvn.jp/en/jp/JVN25261088/index.html"
"url": "http://jvn.jp/en/jp/JVN25261088/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN25261088/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5953",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5954.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.jreast.co.jp/press/2018/20190310.pdf"
"url": "https://www.jreast.co.jp/press/2018/20190310.pdf",
"refsource": "MISC",
"name": "https://www.jreast.co.jp/press/2018/20190310.pdf"
},
{
"url": "http://jvn.jp/en/jp/JVN01119243/index.html"
"url": "http://jvn.jp/en/jp/JVN01119243/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN01119243/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5954",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5955.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf"
"url": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf",
"refsource": "MISC",
"name": "https://www.create-sd.co.jp/Portals/0/pdf/appsec_en.pdf"
},
{
"url": "http://jvn.jp/en/jp/JVN87655507/index.html"
"url": "http://jvn.jp/en/jp/JVN87655507/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN87655507/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5955",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5957.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html"
"url": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html",
"refsource": "MISC",
"name": "https://www.denpa.soumu.go.jp/public/prog/onlineInstaller_download.html"
},
{
"url": "http://jvn.jp/en/jp/JVN91361851/index.html"
"url": "http://jvn.jp/en/jp/JVN91361851/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN91361851/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5957",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

11
2019/5xxx/CVE-2019-5958.json
View File

@ -3,10 +3,14 @@
"references": {
"reference_data": [
{
"url": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html"
"url": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html",
"refsource": "MISC",
"name": "https://www.denpa.soumu.go.jp/public/prog/offlineInstaller_download.html"
},
{
"url": "http://jvn.jp/en/jp/JVN69903953/index.html"
"url": "http://jvn.jp/en/jp/JVN69903953/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN69903953/index.html"
}
]
},
@ -44,7 +48,8 @@
},
"CVE_data_meta": {
"ID": "CVE-2019-5958",
"ASSIGNER": "vultures@jpcert.or.jp"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"problemtype": {

53
2019/6xxx/CVE-2019-6781.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6781",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It was possible to use the profile name to inject a potentially malicious link into notification emails."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}

53
2019/6xxx/CVE-2019-6787.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6787",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitLab API allowed project Maintainers and Owners to view the trigger tokens of other project users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}

53
2019/6xxx/CVE-2019-6790.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6790",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Incorrect Access Control (issue 2 of 3) issue was discovered in GitLab Community and Enterprise Edition 8.14 and later but before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. Guest users were able to view the list of a group's merge requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}

53
2019/6xxx/CVE-2019-6797.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6797",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An information disclosure issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The GitHub token used in CI/CD for External Repos was being leaked to project maintainers in the UI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://about.gitlab.com/blog/categories/releases/",
"refsource": "MISC",
"name": "https://about.gitlab.com/blog/categories/releases/"
},
{
"url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/",
"refsource": "MISC",
"name": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/"
}
]
}