diff --git a/2017/15xxx/CVE-2017-15029.json b/2017/15xxx/CVE-2017-15029.json index bf6047b0ae9..85a663a4ca0 100644 --- a/2017/15xxx/CVE-2017-15029.json +++ b/2017/15xxx/CVE-2017-15029.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15029", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "url": "http://open-xchange.com", + "refsource": "MISC", + "name": "http://open-xchange.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html" } ] } diff --git a/2017/15xxx/CVE-2017-15030.json b/2017/15xxx/CVE-2017-15030.json index 6188f513f65..fbac7205c69 100644 --- a/2017/15xxx/CVE-2017-15030.json +++ b/2017/15xxx/CVE-2017-15030.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15030", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "url": "http://open-xchange.com", + "refsource": "MISC", + "name": "http://open-xchange.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html" } ] } diff --git a/2017/15xxx/CVE-2017-15652.json b/2017/15xxx/CVE-2017-15652.json index 09e92798e96..28fc4a85c00 100644 --- a/2017/15xxx/CVE-2017-15652.json +++ b/2017/15xxx/CVE-2017-15652.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15652", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though ghostscript. Because of imagemagick also use libga, so it was affected as well." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=698676", + "refsource": "MISC", + "name": "https://bugs.ghostscript.com/show_bug.cgi?id=698676" + }, + { + "refsource": "CONFIRM", + "name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2fc463d0e", + "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2fc463d0e" } ] } diff --git a/2017/17xxx/CVE-2017-17060.json b/2017/17xxx/CVE-2017-17060.json index 7e82d813001..293d20ffb16 100644 --- a/2017/17xxx/CVE-2017-17060.json +++ b/2017/17xxx/CVE-2017-17060.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17060", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/components/releasenotes/7.8.3/", + "url": "https://documentation.open-xchange.com/components/releasenotes/7.8.3/" } ] } diff --git a/2017/17xxx/CVE-2017-17061.json b/2017/17xxx/CVE-2017-17061.json index 4ff93cfc05b..bd7ddf5b8ef 100644 --- a/2017/17xxx/CVE-2017-17061.json +++ b/2017/17xxx/CVE-2017-17061.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17061", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/components/releasenotes/7.8.3/", + "url": "https://documentation.open-xchange.com/components/releasenotes/7.8.3/" } ] } diff --git a/2017/5xxx/CVE-2017-5210.json b/2017/5xxx/CVE-2017-5210.json index 66d0cbbb5f3..75eb8a6d06c 100644 --- a/2017/5xxx/CVE-2017-5210.json +++ b/2017/5xxx/CVE-2017-5210.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5210", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "url": "http://open-xchange.com", + "refsource": "MISC", + "name": "http://open-xchange.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html" } ] } diff --git a/2017/5xxx/CVE-2017-5211.json b/2017/5xxx/CVE-2017-5211.json index 80104f11d6c..9c31e2aa2d0 100644 --- a/2017/5xxx/CVE-2017-5211.json +++ b/2017/5xxx/CVE-2017-5211.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5211", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "url": "http://open-xchange.com", + "refsource": "MISC", + "name": "http://open-xchange.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html" } ] } diff --git a/2017/5xxx/CVE-2017-5212.json b/2017/5xxx/CVE-2017-5212.json index 030a8836cf4..3533825e980 100644 --- a/2017/5xxx/CVE-2017-5212.json +++ b/2017/5xxx/CVE-2017-5212.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5212", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "url": "http://open-xchange.com", + "refsource": "MISC", + "name": "http://open-xchange.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html" } ] } diff --git a/2017/5xxx/CVE-2017-5213.json b/2017/5xxx/CVE-2017-5213.json index 7d07c242e5a..486eead21d3 100644 --- a/2017/5xxx/CVE-2017-5213.json +++ b/2017/5xxx/CVE-2017-5213.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5213", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "url": "http://open-xchange.com", + "refsource": "MISC", + "name": "http://open-xchange.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html" } ] } diff --git a/2018/11xxx/CVE-2018-11212.json b/2018/11xxx/CVE-2018-11212.json index 6f8e9121b16..bb42c800ed5 100644 --- a/2018/11xxx/CVE-2018-11212.json +++ b/2018/11xxx/CVE-2018-11212.json @@ -121,6 +121,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1238", "url": "https://access.redhat.com/errata/RHSA-2019:1238" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" } ] } diff --git a/2018/3xxx/CVE-2018-3639.json b/2018/3xxx/CVE-2018-3639.json index 559affbf375..1d5efce3b6f 100644 --- a/2018/3xxx/CVE-2018-3639.json +++ b/2018/3xxx/CVE-2018-3639.json @@ -742,6 +742,16 @@ "refsource": "REDHAT", "name": "RHSA-2019:1046", "url": "https://access.redhat.com/errata/RHSA-2019:1046" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1438", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" } ] } diff --git a/2019/12xxx/CVE-2019-12272.json b/2019/12xxx/CVE-2019-12272.json index 60bbba84d54..d0de2290cc8 100644 --- a/2019/12xxx/CVE-2019-12272.json +++ b/2019/12xxx/CVE-2019-12272.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12272", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12272", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/openwrt/luci/commits/master", + "refsource": "MISC", + "name": "https://github.com/openwrt/luci/commits/master" + }, + { + "refsource": "MISC", + "name": "https://github.com/openwrt/luci/commit/9e4b8a91384562e3baee724a52b72e30b1aa006d", + "url": "https://github.com/openwrt/luci/commit/9e4b8a91384562e3baee724a52b72e30b1aa006d" } ] } diff --git a/2019/12xxx/CVE-2019-12300.json b/2019/12xxx/CVE-2019-12300.json new file mode 100644 index 00000000000..273cab5fdf6 --- /dev/null +++ b/2019/12xxx/CVE-2019-12300.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12300", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication", + "refsource": "MISC", + "name": "https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2422.json b/2019/2xxx/CVE-2019-2422.json index 6bace5aea57..451cdf617d1 100644 --- a/2019/2xxx/CVE-2019-2422.json +++ b/2019/2xxx/CVE-2019-2422.json @@ -166,6 +166,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1238", "url": "https://access.redhat.com/errata/RHSA-2019:1238" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" } ] } diff --git a/2019/2xxx/CVE-2019-2426.json b/2019/2xxx/CVE-2019-2426.json index fdd4fae30e0..a703a95566f 100644 --- a/2019/2xxx/CVE-2019-2426.json +++ b/2019/2xxx/CVE-2019-2426.json @@ -76,6 +76,11 @@ "name": "106590", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106590" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" } ] } diff --git a/2019/2xxx/CVE-2019-2602.json b/2019/2xxx/CVE-2019-2602.json index 206a2cc6410..8358548120f 100644 --- a/2019/2xxx/CVE-2019-2602.json +++ b/2019/2xxx/CVE-2019-2602.json @@ -111,6 +111,16 @@ "refsource": "REDHAT", "name": "RHSA-2019:1238", "url": "https://access.redhat.com/errata/RHSA-2019:1238" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1438", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" } ] } diff --git a/2019/2xxx/CVE-2019-2684.json b/2019/2xxx/CVE-2019-2684.json index b45c723ad7f..824eca31e5c 100644 --- a/2019/2xxx/CVE-2019-2684.json +++ b/2019/2xxx/CVE-2019-2684.json @@ -111,6 +111,16 @@ "refsource": "REDHAT", "name": "RHSA-2019:1238", "url": "https://access.redhat.com/errata/RHSA-2019:1238" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1438", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" } ] } diff --git a/2019/2xxx/CVE-2019-2698.json b/2019/2xxx/CVE-2019-2698.json index 8a1a8e99403..9dd951d5822 100644 --- a/2019/2xxx/CVE-2019-2698.json +++ b/2019/2xxx/CVE-2019-2698.json @@ -102,6 +102,16 @@ "refsource": "REDHAT", "name": "RHSA-2019:1238", "url": "https://access.redhat.com/errata/RHSA-2019:1238" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1439", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1438", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html" } ] } diff --git a/2019/4xxx/CVE-2019-4039.json b/2019/4xxx/CVE-2019-4039.json index d3a6d52f596..b285dd5f230 100644 --- a/2019/4xxx/CVE-2019-4039.json +++ b/2019/4xxx/CVE-2019-4039.json @@ -1,150 +1,150 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MQ", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.0.1" - }, - { - "version_value" : "8.0.0.1" - }, - { - "version_value" : "8.0.0.2" - }, - { - "version_value" : "8.0.0.3" - }, - { - "version_value" : "8.0.0.4" - }, - { - "version_value" : "8.0.0.5" - }, - { - "version_value" : "8.0.0.6" - }, - { - "version_value" : "8.0.0.7" - }, - { - "version_value" : "9.0.0.2" - }, - { - "version_value" : "8.0.0.8" - }, - { - "version_value" : "8.0.0.9" - }, - { - "version_value" : "9.0.0.3" - }, - { - "version_value" : "8.0.0.0" - }, - { - "version_value" : "8.0.0.10" - }, - { - "version_value" : "9.0.0.0" - }, - { - "version_value" : "9.0.0.4" - }, - { - "version_value" : "9.0.0.5" - }, - { - "version_value" : "9.1.0.0" - }, - { - "version_value" : "9.1.0.1" - }, - { - "version_value" : "9.1.1" - }, - { - "version_value" : "8.0.0.11" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2019-05-21T00:00:00", - "ID" : "CVE-2019-4039", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "data_format" : "MITRE", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. IBM X-Force ID: 156163." - } - ] - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 0870492 (MQ)", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870492", - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870492", - "refsource" : "CONFIRM" - }, - { - "name" : "ibm-websphere-cve20194039-dos (156163)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/156163", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "I" : "N", - "S" : "U", - "UI" : "N", - "SCORE" : "6.200", - "AV" : "L", - "A" : "H", - "C" : "N", - "AC" : "L", - "PR" : "N" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MQ", + "version": { + "version_data": [ + { + "version_value": "9.0.0.1" + }, + { + "version_value": "8.0.0.1" + }, + { + "version_value": "8.0.0.2" + }, + { + "version_value": "8.0.0.3" + }, + { + "version_value": "8.0.0.4" + }, + { + "version_value": "8.0.0.5" + }, + { + "version_value": "8.0.0.6" + }, + { + "version_value": "8.0.0.7" + }, + { + "version_value": "9.0.0.2" + }, + { + "version_value": "8.0.0.8" + }, + { + "version_value": "8.0.0.9" + }, + { + "version_value": "9.0.0.3" + }, + { + "version_value": "8.0.0.0" + }, + { + "version_value": "8.0.0.10" + }, + { + "version_value": "9.0.0.0" + }, + { + "version_value": "9.0.0.4" + }, + { + "version_value": "9.0.0.5" + }, + { + "version_value": "9.1.0.0" + }, + { + "version_value": "9.1.0.1" + }, + { + "version_value": "9.1.1" + }, + { + "version_value": "8.0.0.11" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE", - "data_version" : "4.0" -} + } + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2019-05-21T00:00:00", + "ID": "CVE-2019-4039", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "data_format": "MITRE", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local attacker to cause a denial of service within the error log reporting system. IBM X-Force ID: 156163." + } + ] + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 0870492 (MQ)", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10870492", + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10870492", + "refsource": "CONFIRM" + }, + { + "name": "ibm-websphere-cve20194039-dos (156163)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/156163", + "title": "X-Force Vulnerability Report" + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "I": "N", + "S": "U", + "UI": "N", + "SCORE": "6.200", + "AV": "L", + "A": "H", + "C": "N", + "AC": "L", + "PR": "N" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "data_type": "CVE", + "data_version": "4.0" +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4078.json b/2019/4xxx/CVE-2019-4078.json index 02eafd2469f..96b8e1cb29e 100644 --- a/2019/4xxx/CVE-2019-4078.json +++ b/2019/4xxx/CVE-2019-4078.json @@ -1,150 +1,150 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "9.0.0.1" - }, - { - "version_value" : "8.0.0.1" - }, - { - "version_value" : "8.0.0.2" - }, - { - "version_value" : "8.0.0.3" - }, - { - "version_value" : "8.0.0.4" - }, - { - "version_value" : "8.0.0.5" - }, - { - "version_value" : "8.0.0.6" - }, - { - "version_value" : "8.0.0.7" - }, - { - "version_value" : "9.0.0.2" - }, - { - "version_value" : "8.0.0.8" - }, - { - "version_value" : "8.0.0.9" - }, - { - "version_value" : "9.0.0.3" - }, - { - "version_value" : "8.0.0.0" - }, - { - "version_value" : "8.0.0.10" - }, - { - "version_value" : "9.0.0.0" - }, - { - "version_value" : "9.0.0.4" - }, - { - "version_value" : "9.0.0.5" - }, - { - "version_value" : "9.1.0.0" - }, - { - "version_value" : "9.1.0.1" - }, - { - "version_value" : "9.1.1" - }, - { - "version_value" : "8.0.0.11" - } - ] - }, - "product_name" : "MQ" - } - ] - } - } - ] - } - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2019-05-21T00:00:00", - "STATE" : "PUBLIC", - "ID" : "CVE-2019-4078", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 0872876 (MQ)", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10872876", - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10872876", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/157190", - "name" : "ibm-websphere-cve20194078-priv-escalation (157190)", - "refsource" : "XF" - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. IBM X-Force ID: 157190.", - "lang" : "eng" - } - ] - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Gain Privileges", - "lang" : "eng" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "9.0.0.1" + }, + { + "version_value": "8.0.0.1" + }, + { + "version_value": "8.0.0.2" + }, + { + "version_value": "8.0.0.3" + }, + { + "version_value": "8.0.0.4" + }, + { + "version_value": "8.0.0.5" + }, + { + "version_value": "8.0.0.6" + }, + { + "version_value": "8.0.0.7" + }, + { + "version_value": "9.0.0.2" + }, + { + "version_value": "8.0.0.8" + }, + { + "version_value": "8.0.0.9" + }, + { + "version_value": "9.0.0.3" + }, + { + "version_value": "8.0.0.0" + }, + { + "version_value": "8.0.0.10" + }, + { + "version_value": "9.0.0.0" + }, + { + "version_value": "9.0.0.4" + }, + { + "version_value": "9.0.0.5" + }, + { + "version_value": "9.1.0.0" + }, + { + "version_value": "9.1.0.1" + }, + { + "version_value": "9.1.1" + }, + { + "version_value": "8.0.0.11" + } + ] + }, + "product_name": "MQ" + } + ] + } + } ] - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "I" : "H", - "S" : "U", - "SCORE" : "7.400", - "UI" : "N", - "C" : "H", - "A" : "H", - "AV" : "L", - "AC" : "H", - "PR" : "N" - } - } - } -} + } + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2019-05-21T00:00:00", + "STATE": "PUBLIC", + "ID": "CVE-2019-4078", + "ASSIGNER": "psirt@us.ibm.com" + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 0872876 (MQ)", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10872876", + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10872876", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/157190", + "name": "ibm-websphere-cve20194078-priv-escalation (157190)", + "refsource": "XF" + } + ] + }, + "description": { + "description_data": [ + { + "value": "IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. IBM X-Force ID: 157190.", + "lang": "eng" + } + ] + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Gain Privileges", + "lang": "eng" + } + ] + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "I": "H", + "S": "U", + "SCORE": "7.400", + "UI": "N", + "C": "H", + "A": "H", + "AV": "L", + "AC": "H", + "PR": "N" + } + } + } +} \ No newline at end of file