From 8cdeae38b650f353331a6d7f401c065320e4f8b5 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 27 Mar 2019 17:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/6xxx/CVE-2016-6827.json | 5 -- 2017/18xxx/CVE-2017-18364.json | 76 ++++++++++++++++++++++++ 2017/2xxx/CVE-2017-2748.json | 76 +++++++++++++++++++++--- 2017/2xxx/CVE-2017-2752.json | 67 +++++++++++++++++++--- 2017/9xxx/CVE-2017-9233.json | 5 ++ 2018/19xxx/CVE-2018-19466.json | 58 ++++++++++++++++++- 2018/19xxx/CVE-2018-19641.json | 102 ++++++++++++++++++++++++++++++--- 2018/19xxx/CVE-2018-19642.json | 86 ++++++++++++++++++++++++++- 2018/1xxx/CVE-2018-1060.json | 5 ++ 2018/1xxx/CVE-2018-1061.json | 5 ++ 2018/20xxx/CVE-2018-20406.json | 5 ++ 2019/10xxx/CVE-2019-10231.json | 67 ++++++++++++++++++++++ 2019/10xxx/CVE-2019-10232.json | 62 ++++++++++++++++++++ 2019/10xxx/CVE-2019-10233.json | 67 ++++++++++++++++++++++ 2019/10xxx/CVE-2019-10234.json | 18 ++++++ 2019/3xxx/CVE-2019-3871.json | 5 ++ 2019/9xxx/CVE-2019-9636.json | 5 ++ 2019/9xxx/CVE-2019-9894.json | 5 ++ 2019/9xxx/CVE-2019-9895.json | 5 ++ 2019/9xxx/CVE-2019-9897.json | 5 ++ 2019/9xxx/CVE-2019-9898.json | 5 ++ 21 files changed, 702 insertions(+), 32 deletions(-) create mode 100644 2017/18xxx/CVE-2017-18364.json create mode 100644 2019/10xxx/CVE-2019-10231.json create mode 100644 2019/10xxx/CVE-2019-10232.json create mode 100644 2019/10xxx/CVE-2019-10233.json create mode 100644 2019/10xxx/CVE-2019-10234.json diff --git a/2016/6xxx/CVE-2016-6827.json b/2016/6xxx/CVE-2016-6827.json index 71fb4951048..f6efab1105b 100644 --- a/2016/6xxx/CVE-2016-6827.json +++ b/2016/6xxx/CVE-2016-6827.json @@ -61,11 +61,6 @@ "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-en" - }, - { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-EN", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160815-01-fusioncompute-EN" } ] } diff --git a/2017/18xxx/CVE-2017-18364.json b/2017/18xxx/CVE-2017-18364.json new file mode 100644 index 00000000000..c9d36249a82 --- /dev/null +++ b/2017/18xxx/CVE-2017-18364.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18364", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpFK lite has XSS via the faq.php, members.php, or search.php query string or the user.php user parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netsparker.com/web-applications-advisories/ns-17-030-multiple-reflected-xss-vulnerabilities-in-phpfkl-lite/", + "refsource": "MISC", + "name": "https://www.netsparker.com/web-applications-advisories/ns-17-030-multiple-reflected-xss-vulnerabilities-in-phpfkl-lite/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2748.json b/2017/2xxx/CVE-2017-2748.json index bdc1f41c050..ed2a9b7abca 100644 --- a/2017/2xxx/CVE-2017-2748.json +++ b/2017/2xxx/CVE-2017-2748.json @@ -1,17 +1,79 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-2748", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-2748", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Isaac Mizrahi", + "product": { + "product_data": [ + { + "product_name": "Isaac Mizrahi Smartwatch Mobile App", + "version": { + "version_data": [ + { + "version_value": "Isaac Mizrahi iOS app versions 1.0.2.10" + }, + { + "version_value": "1.2.2.12" + }, + { + "version_value": "1.3.7" + }, + { + "version_value": "and 1.4.8. Isaac Mizrahi Android app versions 1.0.201601214" + }, + { + "version_value": "1.2.2016040820" + }, + { + "version_value": "1.3.2016052319" + }, + { + "version_value": "1.4.2016072601" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insecure HTTP during login." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/us-en/document/c05976868", + "url": "https://support.hp.com/us-en/document/c05976868" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue." } ] } diff --git a/2017/2xxx/CVE-2017-2752.json b/2017/2xxx/CVE-2017-2752.json index 99be302edc3..154740068a3 100644 --- a/2017/2xxx/CVE-2017-2752.json +++ b/2017/2xxx/CVE-2017-2752.json @@ -1,17 +1,70 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2017-2752", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-2752", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tommy Hilfiger", + "product": { + "product_data": [ + { + "product_name": "Tommy Hilfiger TH24/7 Android app", + "version": { + "version_data": [ + { + "version_value": "Tommy Hilfiger TH24/7 Android app versions 2.0.0.11" + }, + { + "version_value": "2.0.1.14" + }, + { + "version_value": "2.1.0.16" + }, + { + "version_value": "and 2.2.0.19." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information exposure of application configuration" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/us-en/document/c05904705", + "url": "https://support.hp.com/us-en/document/c05904705" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. HP has no access to customer data as a result of this issue." } ] } diff --git a/2017/9xxx/CVE-2017-9233.json b/2017/9xxx/CVE-2017-9233.json index a48cbac6516..536338f4225 100644 --- a/2017/9xxx/CVE-2017-9233.json +++ b/2017/9xxx/CVE-2017-9233.json @@ -101,6 +101,11 @@ "name": "[oss-security] 20170618 Expat 2.2.1 security fixes", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/06/17/7" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K03244804", + "url": "https://support.f5.com/csp/article/K03244804" } ] } diff --git a/2018/19xxx/CVE-2018-19466.json b/2018/19xxx/CVE-2018-19466.json index 8fb97fb2146..06c52909067 100644 --- a/2018/19xxx/CVE-2018-19466.json +++ b/2018/19xxx/CVE-2018-19466.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19466", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext and allows their retrieval via API calls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/portainer/portainer/pull/2488", + "refsource": "MISC", + "name": "https://github.com/portainer/portainer/pull/2488" + }, + { + "refsource": "MISC", + "name": "https://github.com/portainer/portainer/releases", + "url": "https://github.com/portainer/portainer/releases" + }, + { + "refsource": "MISC", + "name": "https://github.com/MauroEldritch/lempo", + "url": "https://github.com/MauroEldritch/lempo" } ] } diff --git a/2018/19xxx/CVE-2018-19641.json b/2018/19xxx/CVE-2018-19641.json index 76bdf09dc13..0ff4170bb6c 100644 --- a/2018/19xxx/CVE-2018-19641.json +++ b/2018/19xxx/CVE-2018-19641.json @@ -1,18 +1,104 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-19641", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "generator": { + "engine": "Vulnogram 0.0.5" + }, + "CVE_data_meta": { + "ID": "CVE-2018-19641", + "ASSIGNER": "security@suse.com", + "DATE_PUBLIC": "2019-01-23T01:00:00.000Z", + "TITLE": "Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5", + "AKA": "", + "STATE": "PUBLIC" + }, + "source": { + "defect": [], + "advisory": "", + "discovery": "EXTERNAL" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Micro Focus", + "product": { + "product_data": [ + { + "product_name": "Solutions Business Manager (SBM)", + "version": { + "version_data": [ + { + "version_value": "< 11.5" + } + ] + } + } + ] + } + } + ] + } + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unauthenticated remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm", + "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm" + } + ] + }, + "configuration": [], + "impact": { + "cvss": { + "version": "3.0", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + } + }, + "exploit": [], + "work_around": [], + "solution": [ + { + "lang": "eng", + "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5" + } + ], + "credit": [ + { + "lang": "eng", + "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE. \n\n" + } + ] } \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19642.json b/2018/19xxx/CVE-2018-19642.json index 38ebaedcf3f..ab7bc3665a0 100644 --- a/2018/19xxx/CVE-2018-19642.json +++ b/2018/19xxx/CVE-2018-19642.json @@ -1,9 +1,40 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "security@suse.com", + "DATE_PUBLIC": "2019-01-23T01:00:00.000Z", "ID": "CVE-2018-19642", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Micro Focus", + "product": { + "product_data": [ + { + "product_name": "Solutions Business Manager (SBM)", + "version": { + "version_data": [ + { + "version_value": "< 11.5" + } + ] + } + } + ] + } + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE. \n\n" + } + ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", @@ -11,8 +42,57 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.5" + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm", + "refsource": "CONFIRM", + "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5" + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1060.json b/2018/1xxx/CVE-2018-1060.json index 1426a4ee40c..d116a5838aa 100644 --- a/2018/1xxx/CVE-2018-1060.json +++ b/2018/1xxx/CVE-2018-1060.json @@ -135,6 +135,11 @@ "name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-6e1938a3c5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" } ] } diff --git a/2018/1xxx/CVE-2018-1061.json b/2018/1xxx/CVE-2018-1061.json index 0581ec744e2..0cd006ad27e 100644 --- a/2018/1xxx/CVE-2018-1061.json +++ b/2018/1xxx/CVE-2018-1061.json @@ -135,6 +135,11 @@ "name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-6e1938a3c5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" } ] } diff --git a/2018/20xxx/CVE-2018-20406.json b/2018/20xxx/CVE-2018-20406.json index faa36eb3cf3..5f159a3e8ea 100644 --- a/2018/20xxx/CVE-2018-20406.json +++ b/2018/20xxx/CVE-2018-20406.json @@ -66,6 +66,11 @@ "name": "https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd", "refsource": "MISC", "url": "https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-6e1938a3c5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" } ] } diff --git a/2019/10xxx/CVE-2019-10231.json b/2019/10xxx/CVE-2019-10231.json new file mode 100644 index 00000000000..764a06b06c4 --- /dev/null +++ b/2019/10xxx/CVE-2019-10231.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glpi-project/glpi/pull/5520", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi/pull/5520" + }, + { + "url": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10232.json b/2019/10xxx/CVE-2019-10232.json new file mode 100644 index 00000000000..20bf4c8da04 --- /dev/null +++ b/2019/10xxx/CVE-2019-10232.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10232", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Teclib GLPI through 9.3.3 has SQL injection via the \"cycle\" parameter in /scripts/unlock_tasks.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10233.json b/2019/10xxx/CVE-2019-10233.json new file mode 100644 index 00000000000..0f48b69edca --- /dev/null +++ b/2019/10xxx/CVE-2019-10233.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi/releases/tag/9.4.1.1" + }, + { + "url": "https://github.com/glpi-project/glpi/pull/5562", + "refsource": "MISC", + "name": "https://github.com/glpi-project/glpi/pull/5562" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10234.json b/2019/10xxx/CVE-2019-10234.json new file mode 100644 index 00000000000..a981b800198 --- /dev/null +++ b/2019/10xxx/CVE-2019-10234.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10234", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3871.json b/2019/3xxx/CVE-2019-3871.json index acc90d3feaf..3764969ee3e 100644 --- a/2019/3xxx/CVE-2019-3871.json +++ b/2019/3xxx/CVE-2019-3871.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-b85d4171d4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9993d32c48", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/" } ] }, diff --git a/2019/9xxx/CVE-2019-9636.json b/2019/9xxx/CVE-2019-9636.json index fe0a1a811ae..f140932f362 100644 --- a/2019/9xxx/CVE-2019-9636.json +++ b/2019/9xxx/CVE-2019-9636.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-243442e600", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-6e1938a3c5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" } ] } diff --git a/2019/9xxx/CVE-2019-9894.json b/2019/9xxx/CVE-2019-9894.json index 7542c48d1f4..6eaf4216d2b 100644 --- a/2019/9xxx/CVE-2019-9894.json +++ b/2019/9xxx/CVE-2019-9894.json @@ -56,6 +56,11 @@ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "refsource": "MISC", "name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-5776dfe300", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" } ] } diff --git a/2019/9xxx/CVE-2019-9895.json b/2019/9xxx/CVE-2019-9895.json index 844a03def79..1e6fa903c65 100644 --- a/2019/9xxx/CVE-2019-9895.json +++ b/2019/9xxx/CVE-2019-9895.json @@ -56,6 +56,11 @@ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "refsource": "MISC", "name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-5776dfe300", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" } ] } diff --git a/2019/9xxx/CVE-2019-9897.json b/2019/9xxx/CVE-2019-9897.json index 2eaa93fba6e..457806f9ecf 100644 --- a/2019/9xxx/CVE-2019-9897.json +++ b/2019/9xxx/CVE-2019-9897.json @@ -56,6 +56,11 @@ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "refsource": "MISC", "name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-5776dfe300", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" } ] } diff --git a/2019/9xxx/CVE-2019-9898.json b/2019/9xxx/CVE-2019-9898.json index a0093ea8560..2ffe1eaa857 100644 --- a/2019/9xxx/CVE-2019-9898.json +++ b/2019/9xxx/CVE-2019-9898.json @@ -61,6 +61,11 @@ "refsource": "BID", "name": "107523", "url": "http://www.securityfocus.com/bid/107523" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-5776dfe300", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" } ] }