From 7a790b72ac04763c089def7d45c6a8813e45f600 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 27 Mar 2019 15:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/14xxx/CVE-2018-14038.json | 63 ++++------------------------------ 2019/0xxx/CVE-2019-0192.json | 5 +++ 2019/10xxx/CVE-2019-10226.json | 18 ++++++++++ 2019/9xxx/CVE-2019-9860.json | 56 ++++++++++++++++++++++++++---- 4 files changed, 80 insertions(+), 62 deletions(-) create mode 100644 2019/10xxx/CVE-2019-10226.json diff --git a/2018/14xxx/CVE-2018-14038.json b/2018/14xxx/CVE-2018-14038.json index 181208c4c26..60bc04c2e4d 100644 --- a/2018/14xxx/CVE-2018-14038.json +++ b/2018/14xxx/CVE-2018-14038.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14038", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14038", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The aout_32_swap_std_reloc_out function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils before 2.31, allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file, as demonstrated by objcopy." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23405", - "refsource": "MISC", - "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23405" - }, - { - "name": "http://git.hunter-ht.cn/zhanggen/objcopy_crash_input_1", - "refsource": "MISC", - "url": "http://git.hunter-ht.cn/zhanggen/objcopy_crash_input_1" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7642. Reason: This candidate is a reservation duplicate of CVE-2018-7642. Notes: All CVE users should reference CVE-2018-7642 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2019/0xxx/CVE-2019-0192.json b/2019/0xxx/CVE-2019-0192.json index 75f699f8b56..6116defbb81 100644 --- a/2019/0xxx/CVE-2019-0192.json +++ b/2019/0xxx/CVE-2019-0192.json @@ -82,6 +82,11 @@ "refsource": "MLIST", "name": "[lucene-dev] 20190326 [jira] [Commented] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl", "url": "https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d@%3Cdev.lucene.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[lucene-dev] 20190327 [jira] [Commented] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl", + "url": "https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d@%3Cdev.lucene.apache.org%3E" } ] } diff --git a/2019/10xxx/CVE-2019-10226.json b/2019/10xxx/CVE-2019-10226.json new file mode 100644 index 00000000000..664194d9850 --- /dev/null +++ b/2019/10xxx/CVE-2019-10226.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10226", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9860.json b/2019/9xxx/CVE-2019-9860.json index fdb88d2d6c7..303c5ccab09 100644 --- a/2019/9xxx/CVE-2019-9860.json +++ b/2019/9xxx/CVE-2019-9860.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-9860", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-9860", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Due to unencrypted signal communication and predictability of rolling codes, an attacker can \"desynchronize\" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are not accepted anymore." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-036.txt", + "refsource": "MISC", + "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-036.txt" } ] }