"-Synchronized-Data."

2025-05-06 02:32:02 +00:00 · 2019-06-24 21:00:47 +00:00 · 2019-06-24 21:00:47 +00:00 · 8436e99542
commit 8436e99542
parent ecb68356a2
12 changed files with 161 additions and 8 deletions
--- a/2014/3xxx/CVE-2014-3637.json
+++ b/2014/3xxx/CVE-2014-3637.json
@ -96,6 +96,11 @@
                "name": "MDVSA-2015:176",
                "refsource": "MANDRIVA",
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20190624 Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz",
                "url": "http://www.openwall.com/lists/oss-security/2019/06/24/13"
            }
        ]
    }
--- a/2014/9xxx/CVE-2014-9699.json
+++ b/2014/9xxx/CVE-2014-9699.json
@ -2,7 +2,30 @@
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-9699",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
@ -11,7 +34,33 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "CONFIRM",
                "name": "https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520",
                "url": "https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520"
            },
            {
                "refsource": "MISC",
                "name": "https://secur3.us/index.php/vulnerabilities/",
                "url": "https://secur3.us/index.php/vulnerabilities/"
            }
        ]
    }
--- a/2016/10xxx/CVE-2016-10745.json
+++ b/2016/10xxx/CVE-2016-10745.json
@ -91,6 +91,11 @@
                "refsource": "UBUNTU",
                "name": "USN-4011-2",
                "url": "https://usn.ubuntu.com/4011-2/"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1614",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html"
            }
        ]
    }
--- a/2017/18xxx/CVE-2017-18376.json
+++ b/2017/18xxx/CVE-2017-18376.json
@ -61,6 +61,11 @@
                "url": "https://github.com/TheHive-Project/TheHive/releases/tag/3.3.1",
                "refsource": "MISC",
                "name": "https://github.com/TheHive-Project/TheHive/releases/tag/3.3.1"
            },
            {
                "refsource": "MISC",
                "name": "https://gist.github.com/RaJiska/c1b4521aefd77ed43b06045ca05e2591",
                "url": "https://gist.github.com/RaJiska/c1b4521aefd77ed43b06045ca05e2591"
            }
        ]
    }
--- a/2018/12xxx/CVE-2018-12056.json
+++ b/2018/12xxx/CVE-2018-12056.json
@ -56,6 +56,11 @@
                "name": "https://medium.com/@jonghyk.song/to-be-a-winner-of-ethereum-gambling-game-all-for-one-by-breaking-prng-1ab011163d40",
                "refsource": "MISC",
                "url": "https://medium.com/@jonghyk.song/to-be-a-winner-of-ethereum-gambling-game-all-for-one-by-breaking-prng-1ab011163d40"
            },
            {
                "refsource": "MLIST",
                "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814",
                "url": "https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E"
            }
        ]
    }
--- a/2018/19xxx/CVE-2018-19800.json
+++ b/2018/19xxx/CVE-2018-19800.json
@ -56,6 +56,11 @@
                "url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog",
                "refsource": "MISC",
                "name": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1618",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html"
            }
        ]
    }
--- a/2018/19xxx/CVE-2018-19801.json
+++ b/2018/19xxx/CVE-2018-19801.json
@ -56,6 +56,11 @@
                "url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog",
                "refsource": "MISC",
                "name": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1618",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html"
            }
        ]
    }
--- a/2018/19xxx/CVE-2018-19802.json
+++ b/2018/19xxx/CVE-2018-19802.json
@ -56,6 +56,11 @@
                "url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog",
                "refsource": "MISC",
                "name": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1618",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html"
            }
        ]
    }
--- a/2019/10xxx/CVE-2019-10906.json
+++ b/2019/10xxx/CVE-2019-10906.json
@ -141,6 +141,11 @@
                "refsource": "UBUNTU",
                "name": "USN-4011-2",
                "url": "https://usn.ubuntu.com/4011-2/"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1614",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html"
            }
        ]
    }
--- a/2019/12xxx/CVE-2019-12346.json
+++ b/2019/12xxx/CVE-2019-12346.json
@ -1,17 +1,61 @@
 {
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2019-12346",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2019-12346",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "name": "https://zeroauth.ltd/blog/2019/05/27/cve-2019-12346-miniorange-saml-sp-single-sign-on-wordpress-plugin-xss/",
                "url": "https://zeroauth.ltd/blog/2019/05/27/cve-2019-12346-miniorange-saml-sp-single-sign-on-wordpress-plugin-xss/"
            }
        ]
    }
--- a/2019/12xxx/CVE-2019-12814.json
+++ b/2019/12xxx/CVE-2019-12814.json
@ -81,6 +81,21 @@
                "refsource": "MLIST",
                "name": "[zookeeper-dev] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814",
                "url": "https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E"
            },
            {
                "refsource": "MLIST",
                "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli closed pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814",
                "url": "https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324@%3Cnotifications.zookeeper.apache.org%3E"
            },
            {
                "refsource": "MLIST",
                "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814",
                "url": "https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E"
            },
            {
                "refsource": "MLIST",
                "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli commented on issue #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814",
                "url": "https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4@%3Cnotifications.zookeeper.apache.org%3E"
            }
        ]
    }
--- a/2019/8xxx/CVE-2019-8341.json
+++ b/2019/8xxx/CVE-2019-8341.json
@ -66,6 +66,11 @@
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1395",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2019:1614",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html"
            }
        ]
    }