From 94f427f36bf44b85a3d5fa0da4fe77033c3dd00a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sat, 17 Aug 2019 18:00:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/14xxx/CVE-2019-14318.json | 5 +++ 2019/15xxx/CVE-2019-15132.json | 62 ++++++++++++++++++++++++++++++++++ 2019/15xxx/CVE-2019-15133.json | 62 ++++++++++++++++++++++++++++++++++ 2019/15xxx/CVE-2019-15134.json | 62 ++++++++++++++++++++++++++++++++++ 4 files changed, 191 insertions(+) create mode 100644 2019/15xxx/CVE-2019-15132.json create mode 100644 2019/15xxx/CVE-2019-15133.json create mode 100644 2019/15xxx/CVE-2019-15134.json diff --git a/2019/14xxx/CVE-2019-14318.json b/2019/14xxx/CVE-2019-14318.json index 443bfa8e97a..6e888a1c98e 100644 --- a/2019/14xxx/CVE-2019-14318.json +++ b/2019/14xxx/CVE-2019-14318.json @@ -61,6 +61,11 @@ "url": "https://tches.iacr.org/index.php/TCHES/article/view/7337", "refsource": "MISC", "name": "https://tches.iacr.org/index.php/TCHES/article/view/7337" + }, + { + "refsource": "MISC", + "name": "https://github.com/weidai11/cryptopp/issues/869", + "url": "https://github.com/weidai11/cryptopp/issues/869" } ] } diff --git a/2019/15xxx/CVE-2019-15132.json b/2019/15xxx/CVE-2019-15132.json new file mode 100644 index 00000000000..8085b99bd5e --- /dev/null +++ b/2019/15xxx/CVE-2019-15132.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15132", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the \"Login name or password is incorrect\" and \"No permissions for system access\" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.zabbix.com/browse/ZBX-16532", + "refsource": "MISC", + "name": "https://support.zabbix.com/browse/ZBX-16532" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15133.json b/2019/15xxx/CVE-2019-15133.json new file mode 100644 index 00000000000..69a483bc1af --- /dev/null +++ b/2019/15xxx/CVE-2019-15133.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15133", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13008", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13008" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15134.json b/2019/15xxx/CVE-2019-15134.json new file mode 100644 index 00000000000..afd38721b8f --- /dev/null +++ b/2019/15xxx/CVE-2019-15134.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15134", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "RIOT through 2019.07 contains a memory leak in the TCP implementation (gnrc_tcp), allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to _receive in sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c upon receiving an ACK before a SYN." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/RIOT-OS/RIOT/pull/12001", + "refsource": "MISC", + "name": "https://github.com/RIOT-OS/RIOT/pull/12001" + } + ] + } +} \ No newline at end of file