admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-22 18:00:50 +00:00
parent d072123511
commit 96fa767e2c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
28 changed files with 1537 additions and 529 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
2017/6xxx/CVE-2017-6514.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6514", "ID": "CVE-2017-6514",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the \"author_name\":\" substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/CFSECURITE/wordpress",
"refsource": "MISC",
"name": "https://github.com/CFSECURITE/wordpress"
},
{
"url": "https://web.archive.org/web/20180612235401/https://github.com/CFSECURITE/wordpress",
"refsource": "MISC",
"name": "https://web.archive.org/web/20180612235401/https://github.com/CFSECURITE/wordpress"
} }
] ]
} }

63
2018/14xxx/CVE-2018-14729.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14729", "ID": "CVE-2018-14729",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://tencent.com",
"refsource": "MISC",
"name": "http://tencent.com"
},
{
"url": "http://discuz.com",
"refsource": "MISC",
"name": "http://discuz.com"
},
{
"refsource": "MISC",
"name": "https://github.com/FoolMitAh/CVE-2018-14729/blob/master/Discuz_backend_getshell.md",
"url": "https://github.com/FoolMitAh/CVE-2018-14729/blob/master/Discuz_backend_getshell.md"
},
{
"refsource": "MISC",
"name": "http://www.cnvd.org.cn/flaw/show/CNVD-2018-17059",
"url": "http://www.cnvd.org.cn/flaw/show/CNVD-2018-17059"
} }
] ]
} }

48
2018/7xxx/CVE-2018-7202.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7202", "ID": "CVE-2018-7202",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in ProjectSend before r1053. XSS exists in the \"Name\" field on the My Account page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.projectsend.org/change-log-detail/r1053/",
"refsource": "MISC",
"name": "https://www.projectsend.org/change-log-detail/r1053/"
} }
] ]
} }

9
2019/10xxx/CVE-2019-10132.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-10132", "ID": "CVE-2019-10132",
"ASSIGNER": "lpardo@redhat.com" "ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -44,7 +45,9 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://security.libvirt.org/2019/0003.html" "url": "https://security.libvirt.org/2019/0003.html",
"refsource": "MISC",
"name": "https://security.libvirt.org/2019/0003.html"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132",
@ -71,4 +74,4 @@
] ]
] ]
} }
} }

61
2019/11xxx/CVE-2019-11231.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-11231",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-11231",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content (PHP code, for example). This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to the official documentation for installation step 10, an admin is required to upload all the files, including the .htaccess files, and run a health check. However, what is overlooked is that the Apache HTTP Server by default no longer enables the AllowOverride directive, leading to data/users/admin.xml password exposure. The passwords are hashed but this can be bypassed by starting with the data/other/authorization.xml API key. This allows one to target the session state, since they decided to roll their own implementation. The cookie_name is crafted information that can be leaked from the frontend (site name and version). If a someone leaks the API key and the admin username, then they can bypass authentication. To do so, they need to supply a cookie based on an SHA-1 computation of this known information. The vulnerability exists in the admin/theme-edit.php file. This file checks for forms submissions via POST requests, and for the csrf nonce. If the nonce sent is correct, then the file provided by the user is uploaded. There is a path traversal allowing write access outside the jailed themes directory root. Exploiting the traversal is not necessary because the .htaccess file is ignored. A contributing factor is that there isn't another check on the extension before saving the file, with the assumption that the parameter content is safe. This allows the creation of web accessible and executable files with arbitrary content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ssd-disclosure.com/?p=3899&preview=true",
"refsource": "MISC",
"name": "https://ssd-disclosure.com/?p=3899&preview=true"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152961/GetSimpleCMS-3.3.15-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/152961/GetSimpleCMS-3.3.15-Remote-Code-Execution.html"
} }
] ]
} }

61
2019/11xxx/CVE-2019-11536.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-11536",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-11536",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3.0.0, 3.1.0, 3.1.16, 3.2.3, 3.2.6, 3.5.0, 3.6.0, and 3.6.1, when WebHMI is not installed, allows an attacker to inject client-side commands or scripts to be executed on the device with privileged access, aka CYB/2019/19561. The attack requires network connectivity to the device and exploits the webserver interface, typically through a browser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.kalkitech.com/cybersecurity/",
"refsource": "MISC",
"name": "https://www.kalkitech.com/cybersecurity/"
},
{
"refsource": "MISC",
"name": "https://www.kalkitech.com/wp-content/uploads/CYB_19561_Advisory.pdf",
"url": "https://www.kalkitech.com/wp-content/uploads/CYB_19561_Advisory.pdf"
} }
] ]
} }

5
2019/12xxx/CVE-2019-12163.json
View File

@ -57,6 +57,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://seclists.org/fulldisclosure/2019/May/29" "name": "https://seclists.org/fulldisclosure/2019/May/29"
}, },
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152964/GAT-Ship-Web-Module-1.30-Information-Disclosure.html",
"url": "http://packetstormsecurity.com/files/152964/GAT-Ship-Web-Module-1.30-Information-Disclosure.html"
},
{ {
"refsource": "FULLDISC", "refsource": "FULLDISC",
"name": "20190521 Re: GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability", "name": "20190521 Re: GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability",

61
2019/12xxx/CVE-2019-12167.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-12167",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-12167",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "httpGetSet/httpGet.htm on Emerson Network Power Liebert Challenger 5.1E0.5 devices allows XSS via the statusstr parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.emerson.com/en-us/support",
"refsource": "MISC",
"name": "https://www.emerson.com/en-us/support"
},
{
"refsource": "MISC",
"name": "https://seclists.org/bugtraq/2019/May/51",
"url": "https://seclists.org/bugtraq/2019/May/51"
} }
] ]
} }

132
2019/3xxx/CVE-2019-3401.json
View File

@ -1,70 +1,66 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-05-08T00:00:00", "DATE_PUBLIC": "2019-05-08T00:00:00",
"ID": "CVE-2019-3401", "ID": "CVE-2019-3401",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Atlassian",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Jira", {
"version": { "product_name": "Jira",
"version_data": [ "version": {
{ "version_data": [
"version_value": "7.13.3", {
"version_affected": "<" "version_value": "versions prior to 7.13.3"
}, },
{ {
"version_value": "8.0.0", "version_value": "from version 8.0.0 to versions before 8.1.1"
"version_affected": ">=" }
}, ]
{ }
"version_value": "8.1.1", }
"version_affected": "<" ]
} }
] }
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization (CWE-863)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JRASERVER-69244" "description_data": [
} {
] "lang": "eng",
} "value": "The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check."
} }
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization (CWE-863)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-69244",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-69244"
}
]
}
}

132
2019/3xxx/CVE-2019-3402.json
View File

@ -1,70 +1,66 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-05-08T00:00:00", "DATE_PUBLIC": "2019-05-08T00:00:00",
"ID": "CVE-2019-3402", "ID": "CVE-2019-3402",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Atlassian",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Jira", {
"version": { "product_name": "Jira",
"version_data": [ "version": {
{ "version_data": [
"version_value": "7.13.3", {
"version_affected": "<" "version_value": "before 7.13.3"
}, },
{ {
"version_value": "8.0.0", "version_value": "from version 8.0.0 to versions before 8.1.1"
"version_affected": ">=" }
}, ]
{ }
"version_value": "8.1.1", }
"version_affected": "<" ]
} }
] }
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JRASERVER-69243" "description_data": [
} {
] "lang": "eng",
} "value": "The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the searchOwnerUserName parameter."
} }
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-69243",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-69243"
}
]
}
}

143
2019/3xxx/CVE-2019-3403.json
View File

@ -1,78 +1,69 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-05-08T00:00:00", "DATE_PUBLIC": "2019-05-08T00:00:00",
"ID": "CVE-2019-3403", "ID": "CVE-2019-3403",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Atlassian",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Jira", {
"version": { "product_name": "Jira",
"version_data": [ "version": {
{ "version_data": [
"version_value": "7.13.3", {
"version_affected": "<" "version_value": "before 7.13.3"
}, },
{ {
"version_value": "8.0.0", "version_value": "from 8.0.0 to versions before 8.0.4"
"version_affected": ">=" },
}, {
{ "version_value": "from 8.1.0 to versions before 8.1.1"
"version_value": "8.0.4", }
"version_affected": "<" ]
}, }
{ }
"version_value": "8.1.0", ]
"version_affected": ">=" }
}, }
{
"version_value": "8.1.1",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization (CWE-863)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JRASERVER-69242" "description_data": [
} {
] "lang": "eng",
} "value": "The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check."
} }
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Authorization (CWE-863)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-69242",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-69242"
}
]
}
}

14
2019/3xxx/CVE-2019-3724.json
View File

@ -43,7 +43,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security Analytics versions prior to 10.6.6.1 are vulnerable to an Authorization Bypass vulnerability. A remote low privileged attacker could potentially exploit this vulnerability to gain access to administrative information including credentials." "value": "RSA Netwitness Platform versions prior to 11.2.1.1 is vulnerable to an Authorization Bypass vulnerability. A remote low privileged attacker could potentially exploit this vulnerability to gain access to administrative information including credentials."
} }
] ]
}, },
@ -84,20 +84,10 @@
"name": "https://community.rsa.com/docs/DOC-104202", "name": "https://community.rsa.com/docs/DOC-104202",
"refsource": "CONFIRM", "refsource": "CONFIRM",
"url": "https://community.rsa.com/docs/DOC-104202" "url": "https://community.rsa.com/docs/DOC-104202"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152943/RSA-NetWitness-Authorization-Bypass.html",
"url": "http://packetstormsecurity.com/files/152943/RSA-NetWitness-Authorization-Bypass.html"
},
{
"refsource": "BID",
"name": "108357",
"url": "http://www.securityfocus.com/bid/108357"
} }
] ]
}, },
"source": { "source": {
"discovery": "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

72
2019/7xxx/CVE-2019-7818.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7818",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Write"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108322",
"url": "http://www.securityfocus.com/bid/108322"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-503/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-503/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7818",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7821.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7821",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free\u202f\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108320",
"url": "http://www.securityfocus.com/bid/108320"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-506/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-506/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7821",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7822.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7822",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Write"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108322",
"url": "http://www.securityfocus.com/bid/108322"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-505/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-505/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7822",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7823.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7823",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free\u202f\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108320",
"url": "http://www.securityfocus.com/bid/108320"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-507/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-507/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7823",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7824.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7824",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Error"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108323",
"url": "http://www.securityfocus.com/bid/108323"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-508/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-508/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7824",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7825.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7825",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Write"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108322",
"url": "http://www.securityfocus.com/bid/108322"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-509/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-509/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7825",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7826.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7826",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Read\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108326",
"url": "http://www.securityfocus.com/bid/108326"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-510/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-510/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7826",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7827.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7827",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108325",
"url": "http://www.securityfocus.com/bid/108325"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-513/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-513/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7827",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7828.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7828",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108325",
"url": "http://www.securityfocus.com/bid/108325"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-512/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-512/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7828",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7829.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7829",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-Bounds Write"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108322",
"url": "http://www.securityfocus.com/bid/108322"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-511/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-511/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7829",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7830.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7830",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free\u202f\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108320",
"url": "http://www.securityfocus.com/bid/108320"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-514/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-514/"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7830",
"ASSIGNER": "psirt@adobe.com"
} }
} }

72
2019/7xxx/CVE-2019-7831.json
View File

@ -1,18 +1,72 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7831",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free\u202f\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108320",
"url": "http://www.securityfocus.com/bid/108320"
},
{
"refsource": "MISC",
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0796",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0796"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7831",
"ASSIGNER": "psirt@adobe.com"
} }
} }

67
2019/7xxx/CVE-2019-7832.json
View File

@ -1,18 +1,67 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7832",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free\u202f\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108320",
"url": "http://www.securityfocus.com/bid/108320"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7832",
"ASSIGNER": "psirt@adobe.com"
} }
} }

67
2019/7xxx/CVE-2019-7833.json
View File

@ -1,18 +1,67 @@
{ {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7833",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
} }
] ]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions"
}
]
},
"product_name": "Adobe Acrobat and Reader"
}
]
},
"vendor_name": "Adobe"
}
]
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free\u202f\u202f"
}
]
}
]
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html",
"refsource": "CONFIRM",
"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html"
},
{
"refsource": "BID",
"name": "108320",
"url": "http://www.securityfocus.com/bid/108320"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-7833",
"ASSIGNER": "psirt@adobe.com"
} }
} }

143
2019/8xxx/CVE-2019-8442.json
View File

@ -1,78 +1,69 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-05-08T00:00:00", "DATE_PUBLIC": "2019-05-08T00:00:00",
"ID": "CVE-2019-8442", "ID": "CVE-2019-8442",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Atlassian",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Jira", {
"version": { "product_name": "Jira",
"version_data": [ "version": {
{ "version_data": [
"version_value": "7.13.4", {
"version_affected": "<" "version_value": "before 7.13.4"
}, },
{ {
"version_value": "8.0.0", "version_value": "from 8.0.0 to versions before 8.0.4"
"version_affected": ">=" },
}, {
{ "version_value": "from 8.1.0 to versions before 8.1.1"
"version_value": "8.0.4", }
"version_affected": "<" ]
}, }
{ }
"version_value": "8.1.0", ]
"version_affected": ">=" }
}, }
{
"version_value": "8.1.1",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JRASERVER-69241" "description_data": [
} {
] "lang": "eng",
} "value": "The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check."
} }
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-69241",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-69241"
}
]
}
}

143
2019/8xxx/CVE-2019-8443.json
View File

@ -1,78 +1,69 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2019-05-08T00:00:00", "DATE_PUBLIC": "2019-05-08T00:00:00",
"ID": "CVE-2019-8443", "ID": "CVE-2019-8443",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "Atlassian",
"product_data": [ "product": {
{ "product_data": [
"product_name": "Jira", {
"version": { "product_name": "Jira",
"version_data": [ "version": {
{ "version_data": [
"version_value": "7.13.4", {
"version_affected": "<" "version_value": "before 7.13.4"
}, },
{ {
"version_value": "8.0.0", "version_value": "from 8.0.0 to versions before 8.0.4"
"version_affected": ">=" },
}, {
{ "version_value": "from 8.1.0 to versions before 8.1.1"
"version_value": "8.0.4", }
"version_affected": "<" ]
}, }
{ }
"version_value": "8.1.0", ]
"version_affected": ">=" }
}, }
{
"version_value": "8.1.1",
"version_affected": "<"
}
]
}
}
]
},
"vendor_name": "Atlassian"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references": { "data_type": "CVE",
"reference_data": [ "data_version": "4.0",
{ "description": {
"url": "https://jira.atlassian.com/browse/JRASERVER-69240" "description_data": [
} {
] "lang": "eng",
} "value": "The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers who have obtained access to administrator's session to access the ViewUpgrades administrative resource without needing to re-authenticate to pass \"WebSudo\" through an improper access control vulnerability."
} }
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/JRASERVER-69240",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-69240"
}
]
}
}