From 86c2d1ef2f63e015dfc625930e95d6104055c4df Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 4 Apr 2019 18:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/17xxx/CVE-2018-17189.json | 5 +++ 2018/17xxx/CVE-2018-17199.json | 5 +++ 2019/10xxx/CVE-2019-10863.json | 67 ++++++++++++++++++++++++++++++++++ 2019/10xxx/CVE-2019-10864.json | 18 +++++++++ 2019/10xxx/CVE-2019-10865.json | 18 +++++++++ 2019/10xxx/CVE-2019-10866.json | 18 +++++++++ 2019/10xxx/CVE-2019-10867.json | 67 ++++++++++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9210.json | 5 +++ 8 files changed, 203 insertions(+) create mode 100644 2019/10xxx/CVE-2019-10863.json create mode 100644 2019/10xxx/CVE-2019-10864.json create mode 100644 2019/10xxx/CVE-2019-10865.json create mode 100644 2019/10xxx/CVE-2019-10866.json create mode 100644 2019/10xxx/CVE-2019-10867.json diff --git a/2018/17xxx/CVE-2018-17189.json b/2018/17xxx/CVE-2018-17189.json index 4926bba06df..1294c50e6b5 100644 --- a/2018/17xxx/CVE-2018-17189.json +++ b/2018/17xxx/CVE-2018-17189.json @@ -87,6 +87,11 @@ "refsource": "BUGTRAQ", "name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update", "url": "https://seclists.org/bugtraq/2019/Apr/5" + }, + { + "refsource": "UBUNTU", + "name": "USN-3937-1", + "url": "https://usn.ubuntu.com/3937-1/" } ] } diff --git a/2018/17xxx/CVE-2018-17199.json b/2018/17xxx/CVE-2018-17199.json index 24d44cbc9d0..e93414e8e60 100644 --- a/2018/17xxx/CVE-2018-17199.json +++ b/2018/17xxx/CVE-2018-17199.json @@ -82,6 +82,11 @@ "refsource": "BUGTRAQ", "name": "20190403 [SECURITY] [DSA 4422-1] apache2 security update", "url": "https://seclists.org/bugtraq/2019/Apr/5" + }, + { + "refsource": "UBUNTU", + "name": "USN-3937-1", + "url": "https://usn.ubuntu.com/3937-1/" } ] } diff --git a/2019/10xxx/CVE-2019-10863.json b/2019/10xxx/CVE-2019-10863.json new file mode 100644 index 00000000000..4084bcd89ee --- /dev/null +++ b/2019/10xxx/CVE-2019-10863.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10863", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A command injection vulnerability exists in TeemIp versions before 2.4.0. The new_config parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/46641", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/46641" + }, + { + "url": "https://pentest.com.tr/exploits/TeemIp-IPAM-2-4-0-new-config-Command-Injection-Metasploit.html", + "refsource": "MISC", + "name": "https://pentest.com.tr/exploits/TeemIp-IPAM-2-4-0-new-config-Command-Injection-Metasploit.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10864.json b/2019/10xxx/CVE-2019-10864.json new file mode 100644 index 00000000000..eca78b314ee --- /dev/null +++ b/2019/10xxx/CVE-2019-10864.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10864", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10865.json b/2019/10xxx/CVE-2019-10865.json new file mode 100644 index 00000000000..aabf12a73f7 --- /dev/null +++ b/2019/10xxx/CVE-2019-10865.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10865", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10866.json b/2019/10xxx/CVE-2019-10866.json new file mode 100644 index 00000000000..1e667e69978 --- /dev/null +++ b/2019/10xxx/CVE-2019-10866.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10866", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10867.json b/2019/10xxx/CVE-2019-10867.json new file mode 100644 index 00000000000..5abcdef7e98 --- /dev/null +++ b/2019/10xxx/CVE-2019-10867.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-173998", + "refsource": "MISC", + "name": "https://snyk.io/vuln/SNYK-PHP-PIMCOREPIMCORE-173998" + }, + { + "url": "https://github.com/pimcore/pimcore/commit/38a29e2f4f5f060a73974626952501cee05fda73", + "refsource": "MISC", + "name": "https://github.com/pimcore/pimcore/commit/38a29e2f4f5f060a73974626952501cee05fda73" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9210.json b/2019/9xxx/CVE-2019-9210.json index b1dce40ed3c..d1bd9b91526 100644 --- a/2019/9xxx/CVE-2019-9210.json +++ b/2019/9xxx/CVE-2019-9210.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-ee98058a22", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R56LVWC7KUNXFRKQB3Y5NX2YHFJKYZB4/" + }, + { + "refsource": "UBUNTU", + "name": "USN-3936-1", + "url": "https://usn.ubuntu.com/3936-1/" } ] }