From 84107d220aeb1c6e4d7d8559c8a66ca88ccf7931 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 25 Jul 2019 17:00:53 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/19xxx/CVE-2018-19857.json | 5 +++ 2019/12xxx/CVE-2019-12874.json | 5 +++ 2019/13xxx/CVE-2019-13602.json | 5 +++ 2019/13xxx/CVE-2019-13615.json | 17 +++++++++- 2019/14xxx/CVE-2019-14270.json | 62 ++++++++++++++++++++++++++++++++++ 2019/5xxx/CVE-2019-5439.json | 5 +++ 2019/9xxx/CVE-2019-9885.json | 2 +- 7 files changed, 99 insertions(+), 2 deletions(-) create mode 100644 2019/14xxx/CVE-2019-14270.json diff --git a/2018/19xxx/CVE-2018-19857.json b/2018/19xxx/CVE-2018-19857.json index 5c159aaf323..aad3dc7b19c 100644 --- a/2018/19xxx/CVE-2018-19857.json +++ b/2018/19xxx/CVE-2018-19857.json @@ -71,6 +71,11 @@ "name": "DSA-4366", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4366" + }, + { + "refsource": "UBUNTU", + "name": "USN-4074-1", + "url": "https://usn.ubuntu.com/4074-1/" } ] } diff --git a/2019/12xxx/CVE-2019-12874.json b/2019/12xxx/CVE-2019-12874.json index 168d7d2edaf..d22a04bcaba 100644 --- a/2019/12xxx/CVE-2019-12874.json +++ b/2019/12xxx/CVE-2019-12874.json @@ -61,6 +61,11 @@ "refsource": "BID", "name": "108882", "url": "http://www.securityfocus.com/bid/108882" + }, + { + "refsource": "UBUNTU", + "name": "USN-4074-1", + "url": "https://usn.ubuntu.com/4074-1/" } ] } diff --git a/2019/13xxx/CVE-2019-13602.json b/2019/13xxx/CVE-2019-13602.json index 2a3193bf0fe..94fc519cf4b 100644 --- a/2019/13xxx/CVE-2019-13602.json +++ b/2019/13xxx/CVE-2019-13602.json @@ -66,6 +66,11 @@ "refsource": "BID", "name": "109158", "url": "http://www.securityfocus.com/bid/109158" + }, + { + "refsource": "UBUNTU", + "name": "USN-4074-1", + "url": "https://usn.ubuntu.com/4074-1/" } ] } diff --git a/2019/13xxx/CVE-2019-13615.json b/2019/13xxx/CVE-2019-13615.json index 0d62bffbeb0..c545ede306d 100644 --- a/2019/13xxx/CVE-2019-13615.json +++ b/2019/13xxx/CVE-2019-13615.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "VideoLAN VLC media player 3.0.7.1 has a heap-based buffer over-read in mkv::demux_sys_t::FreeUnused() in modules/demux/mkv/demux.cpp when called from mkv::Open in modules/demux/mkv/mkv.cpp. NOTE: It has been reported that the vulnerability originates in libebml before 1.3.6 and was fixed in the 3.0.3 binary version of VLC." + "value": "libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement." } ] }, @@ -61,6 +61,21 @@ "refsource": "BID", "name": "109304", "url": "http://www.securityfocus.com/bid/109304" + }, + { + "refsource": "MISC", + "name": "https://github.com/Matroska-Org/libebml/commit/05beb69ba60acce09f73ed491bb76f332849c3a0", + "url": "https://github.com/Matroska-Org/libebml/commit/05beb69ba60acce09f73ed491bb76f332849c3a0" + }, + { + "refsource": "MISC", + "name": "https://github.com/Matroska-Org/libebml/compare/release-1.3.5...release-1.3.6", + "url": "https://github.com/Matroska-Org/libebml/compare/release-1.3.5...release-1.3.6" + }, + { + "refsource": "UBUNTU", + "name": "USN-4073-1", + "url": "https://usn.ubuntu.com/4073-1/" } ] } diff --git a/2019/14xxx/CVE-2019-14270.json b/2019/14xxx/CVE-2019-14270.json new file mode 100644 index 00000000000..4101cd638fe --- /dev/null +++ b/2019/14xxx/CVE-2019-14270.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14270", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escape." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gaissecurity.com/yazi/discovery-of-sandbox-escape-on-comodo-container-antivirus-amp-firewall", + "refsource": "MISC", + "name": "https://gaissecurity.com/yazi/discovery-of-sandbox-escape-on-comodo-container-antivirus-amp-firewall" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5439.json b/2019/5xxx/CVE-2019-5439.json index 145e410be8b..4b7a4c62dee 100644 --- a/2019/5xxx/CVE-2019-5439.json +++ b/2019/5xxx/CVE-2019-5439.json @@ -53,6 +53,11 @@ "refsource": "BID", "name": "108769", "url": "http://www.securityfocus.com/bid/108769" + }, + { + "refsource": "UBUNTU", + "name": "USN-4074-1", + "url": "https://usn.ubuntu.com/4074-1/" } ] }, diff --git a/2019/9xxx/CVE-2019-9885.json b/2019/9xxx/CVE-2019-9885.json index 2ebdd6613d2..fc031f6f460 100644 --- a/2019/9xxx/CVE-2019-9885.json +++ b/2019/9xxx/CVE-2019-9885.json @@ -44,7 +44,7 @@ "description_data": [ { "lang": "eng", - "value": "eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenview_left.php StudentID parameter. " + "value": "eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenview_left.php StudentID parameter." } ] },