diff --git a/2015/9xxx/CVE-2015-9463.json b/2015/9xxx/CVE-2015-9463.json new file mode 100644 index 00000000000..70e04284044 --- /dev/null +++ b/2015/9xxx/CVE-2015-9463.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9463", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/s3bubble-amazon-s3-audio-streaming/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/s3bubble-amazon-s3-audio-streaming/#developers" + }, + { + "url": "http://packetstormsecurity.com/files/132578/", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/132578/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9465.json b/2015/9xxx/CVE-2015-9465.json new file mode 100644 index 00000000000..eae72608a23 --- /dev/null +++ b/2015/9xxx/CVE-2015-9465.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9465", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8309", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8309" + }, + { + "url": "https://wordpress.org/plugins/yet-another-stars-rating/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/yet-another-stars-rating/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_041b796c7533880df03a43895fed5f00.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_041b796c7533880df03a43895fed5f00.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9466.json b/2015/9xxx/CVE-2015-9466.json new file mode 100644 index 00000000000..477fd139b55 --- /dev/null +++ b/2015/9xxx/CVE-2015-9466.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9466", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8318", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8318" + }, + { + "url": "https://wordpress.org/plugins/wti-like-post/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wti-like-post/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_576345187f5867ec8921b12de5884fb1.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_576345187f5867ec8921b12de5884fb1.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9467.json b/2015/9xxx/CVE-2015-9467.json new file mode 100644 index 00000000000..a5804e6864a --- /dev/null +++ b/2015/9xxx/CVE-2015-9467.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9467", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8320", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8320" + }, + { + "url": "https://wordpress.org/plugins/broken-link-manager/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/broken-link-manager/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_604dd4c86dca013f6e5e89751352f36d.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_604dd4c86dca013f6e5e89751352f36d.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9468.json b/2015/9xxx/CVE-2015-9468.json new file mode 100644 index 00000000000..93cd077ec78 --- /dev/null +++ b/2015/9xxx/CVE-2015-9468.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9468", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/broken-link-manager/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/broken-link-manager/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_604dd4c86dca013f6e5e89751352f36d.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_604dd4c86dca013f6e5e89751352f36d.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9469.json b/2015/9xxx/CVE-2015-9469.json new file mode 100644 index 00000000000..7c95417eb49 --- /dev/null +++ b/2015/9xxx/CVE-2015-9469.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/content-grabber/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/content-grabber/#developers" + }, + { + "url": "https://packetstormsecurity.com/files/132910/", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/132910/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9470.json b/2015/9xxx/CVE-2015-9470.json new file mode 100644 index 00000000000..32ebb00337c --- /dev/null +++ b/2015/9xxx/CVE-2015-9470.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/history-collection/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/history-collection/#developers" + }, + { + "url": "https://packetstormsecurity.com/files/132279/", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/132279/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9471.json b/2015/9xxx/CVE-2015-9471.json new file mode 100644 index 00000000000..0825bb7b9a9 --- /dev/null +++ b/2015/9xxx/CVE-2015-9471.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9471", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8019", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8019" + }, + { + "url": "https://wordpress.org/plugins/dzs-zoomsounds/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/dzs-zoomsounds/#developers" + }, + { + "url": "https://packetstormsecurity.com/files/132124/", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/132124/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9472.json b/2015/9xxx/CVE-2015-9472.json new file mode 100644 index 00000000000..1e2d43ddc8f --- /dev/null +++ b/2015/9xxx/CVE-2015-9472.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8015", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8015" + }, + { + "url": "https://wordpress.org/plugins/incoming-links/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/incoming-links/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/1080044/incoming-links", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/1080044/incoming-links" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9473.json b/2015/9xxx/CVE-2015-9473.json new file mode 100644 index 00000000000..de8097c5087 --- /dev/null +++ b/2015/9xxx/CVE-2015-9473.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9473", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/132042/", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/132042/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9474.json b/2015/9xxx/CVE-2015-9474.json new file mode 100644 index 00000000000..8f7a5b962ce --- /dev/null +++ b/2015/9xxx/CVE-2015-9474.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9474", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8061", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8061" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9475.json b/2015/9xxx/CVE-2015-9475.json new file mode 100644 index 00000000000..c03dd2007db --- /dev/null +++ b/2015/9xxx/CVE-2015-9475.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Pont theme 1.5 for WordPress has insufficient restrictions on option updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8061", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8061" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9476.json b/2015/9xxx/CVE-2015-9476.json new file mode 100644 index 00000000000..cbbc060b503 --- /dev/null +++ b/2015/9xxx/CVE-2015-9476.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9476", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8061", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8061" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9477.json b/2015/9xxx/CVE-2015-9477.json new file mode 100644 index 00000000000..e9a91867292 --- /dev/null +++ b/2015/9xxx/CVE-2015-9477.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8061", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8061" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9478.json b/2015/9xxx/CVE-2015-9478.json new file mode 100644 index 00000000000..4682145c15d --- /dev/null +++ b/2015/9xxx/CVE-2015-9478.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9478", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/scaron/prettyphoto/releases/tag/3.1.6", + "refsource": "MISC", + "name": "https://github.com/scaron/prettyphoto/releases/tag/3.1.6" + }, + { + "url": "https://github.com/scaron/prettyphoto/issues/149", + "refsource": "MISC", + "name": "https://github.com/scaron/prettyphoto/issues/149" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9479.json b/2015/9xxx/CVE-2015-9479.json new file mode 100644 index 00000000000..fdc791512dc --- /dev/null +++ b/2015/9xxx/CVE-2015-9479.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9479", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/132590/", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/132590/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9480.json b/2015/9xxx/CVE-2015-9480.json new file mode 100644 index 00000000000..b4e26dd58f7 --- /dev/null +++ b/2015/9xxx/CVE-2015-9480.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "EXPLOIT-DB", + "name": "Exploit Database", + "url": "https://www.exploit-db.com/exploits/37252" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15221.json b/2017/15xxx/CVE-2017-15221.json index 3da3d8858df..e46eb456713 100644 --- a/2017/15xxx/CVE-2017-15221.json +++ b/2017/15xxx/CVE-2017-15221.json @@ -61,6 +61,11 @@ "name": "42974", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/42974/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154788/ASX-To-MP3-Converter-3.1.3.7-Stack-Overflow.html", + "url": "http://packetstormsecurity.com/files/154788/ASX-To-MP3-Converter-3.1.3.7-Stack-Overflow.html" } ] } diff --git a/2018/11xxx/CVE-2018-11307.json b/2018/11xxx/CVE-2018-11307.json index 4d821807d79..e485ba901c7 100644 --- a/2018/11xxx/CVE-2018-11307.json +++ b/2018/11xxx/CVE-2018-11307.json @@ -101,6 +101,11 @@ "refsource": "MLIST", "name": "[lucene-issues] 20191004 [GitHub] [lucene-solr] marungo opened a new pull request #925: SOLR-13818: Upgrade jackson to 2.10.0", "url": "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/12xxx/CVE-2018-12022.json b/2018/12xxx/CVE-2018-12022.json index c86253f8c5e..517a53c2a62 100644 --- a/2018/12xxx/CVE-2018-12022.json +++ b/2018/12xxx/CVE-2018-12022.json @@ -181,6 +181,11 @@ "refsource": "MLIST", "name": "[lucene-issues] 20191004 [GitHub] [lucene-solr] marungo opened a new pull request #925: SOLR-13818: Upgrade jackson to 2.10.0", "url": "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/12xxx/CVE-2018-12023.json b/2018/12xxx/CVE-2018-12023.json index cad28345270..a087ba4989e 100644 --- a/2018/12xxx/CVE-2018-12023.json +++ b/2018/12xxx/CVE-2018-12023.json @@ -181,6 +181,11 @@ "refsource": "MLIST", "name": "[lucene-issues] 20191004 [GitHub] [lucene-solr] marungo opened a new pull request #925: SOLR-13818: Upgrade jackson to 2.10.0", "url": "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/14xxx/CVE-2018-14718.json b/2018/14xxx/CVE-2018-14718.json index 5ea27cc6a13..9b1e5074623 100644 --- a/2018/14xxx/CVE-2018-14718.json +++ b/2018/14xxx/CVE-2018-14718.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2858", "url": "https://access.redhat.com/errata/RHSA-2019:2858" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/14xxx/CVE-2018-14719.json b/2018/14xxx/CVE-2018-14719.json index 2b7ea94864b..80148df3c18 100644 --- a/2018/14xxx/CVE-2018-14719.json +++ b/2018/14xxx/CVE-2018-14719.json @@ -151,6 +151,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2858", "url": "https://access.redhat.com/errata/RHSA-2019:2858" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/19xxx/CVE-2018-19360.json b/2018/19xxx/CVE-2018-19360.json index c92f1adeb86..234c41d0456 100644 --- a/2018/19xxx/CVE-2018-19360.json +++ b/2018/19xxx/CVE-2018-19360.json @@ -166,6 +166,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2858", "url": "https://access.redhat.com/errata/RHSA-2019:2858" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/19xxx/CVE-2018-19361.json b/2018/19xxx/CVE-2018-19361.json index 291eb042aac..c89cf70bb1b 100644 --- a/2018/19xxx/CVE-2018-19361.json +++ b/2018/19xxx/CVE-2018-19361.json @@ -166,6 +166,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2858", "url": "https://access.redhat.com/errata/RHSA-2019:2858" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2018/19xxx/CVE-2018-19362.json b/2018/19xxx/CVE-2018-19362.json index 16f6cfcbfaf..01512dddc31 100644 --- a/2018/19xxx/CVE-2018-19362.json +++ b/2018/19xxx/CVE-2018-19362.json @@ -166,6 +166,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2858", "url": "https://access.redhat.com/errata/RHSA-2019:2858" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3002", + "url": "https://access.redhat.com/errata/RHSA-2019:3002" } ] } diff --git a/2019/13xxx/CVE-2019-13529.json b/2019/13xxx/CVE-2019-13529.json index 0a61cfba43b..67d2619b59e 100644 --- a/2019/13xxx/CVE-2019-13529.json +++ b/2019/13xxx/CVE-2019-13529.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.us-cert.gov/ics/advisories/icsa-19-281-01", "url": "https://www.us-cert.gov/ics/advisories/icsa-19-281-01" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154789/SMA-Solar-Technology-AG-Sunny-WebBox-1.6-Cross-Site-Request-Forgery.html", + "url": "http://packetstormsecurity.com/files/154789/SMA-Solar-Technology-AG-Sunny-WebBox-1.6-Cross-Site-Request-Forgery.html" } ] }, diff --git a/2019/16xxx/CVE-2019-16905.json b/2019/16xxx/CVE-2019-16905.json index 3052f191959..fc1671e2b48 100644 --- a/2019/16xxx/CVE-2019-16905.json +++ b/2019/16xxx/CVE-2019-16905.json @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1153537", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1153537" + }, + { + "refsource": "MISC", + "name": "https://0day.life/exploits/0day-1009.html", + "url": "https://0day.life/exploits/0day-1009.html" } ] } diff --git a/2019/17xxx/CVE-2019-17264.json b/2019/17xxx/CVE-2019-17264.json index a0b2dab86f5..3085e35783f 100644 --- a/2019/17xxx/CVE-2019-17264.json +++ b/2019/17xxx/CVE-2019-17264.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset." + "value": "** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in the GitHub issue." } ] }, diff --git a/2019/17xxx/CVE-2019-17401.json b/2019/17xxx/CVE-2019-17401.json index 05006f24f82..0e4bf89bac6 100644 --- a/2019/17xxx/CVE-2019-17401.json +++ b/2019/17xxx/CVE-2019-17401.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264." + "value": "** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_location_information_read_data in liblnk_location_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue." } ] }, diff --git a/2019/17xxx/CVE-2019-17450.json b/2019/17xxx/CVE-2019-17450.json new file mode 100644 index 00000000000..d329e09201a --- /dev/null +++ b/2019/17xxx/CVE-2019-17450.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25078", + "refsource": "MISC", + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17451.json b/2019/17xxx/CVE-2019-17451.json new file mode 100644 index 00000000000..fc70fc7b157 --- /dev/null +++ b/2019/17xxx/CVE-2019-17451.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1", + "refsource": "MISC", + "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "refsource": "MISC", + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=25070" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17452.json b/2019/17xxx/CVE-2019-17452.json new file mode 100644 index 00000000000..2a81c109c4c --- /dev/null +++ b/2019/17xxx/CVE-2019-17452.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/434", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/434" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17453.json b/2019/17xxx/CVE-2019-17453.json new file mode 100644 index 00000000000..42c73da01bc --- /dev/null +++ b/2019/17xxx/CVE-2019-17453.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/437", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/437" + }, + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/436", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/436" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17454.json b/2019/17xxx/CVE-2019-17454.json new file mode 100644 index 00000000000..39a9d22ff46 --- /dev/null +++ b/2019/17xxx/CVE-2019-17454.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/435", + "refsource": "MISC", + "name": "https://github.com/axiomatic-systems/Bento4/issues/435" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1343.json b/2019/1xxx/CVE-2019-1343.json index c2accc6711e..5b51e61daf7 100644 --- a/2019/1xxx/CVE-2019-1343.json +++ b/2019/1xxx/CVE-2019-1343.json @@ -181,6 +181,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1343", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1343" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154798/Microsoft-Windows-Kernel-nt-MiOffsetToProtos-NULL-Pointer-Dereference.html", + "url": "http://packetstormsecurity.com/files/154798/Microsoft-Windows-Kernel-nt-MiOffsetToProtos-NULL-Pointer-Dereference.html" } ] } diff --git a/2019/1xxx/CVE-2019-1344.json b/2019/1xxx/CVE-2019-1344.json index eabfa1517a7..f381826aefe 100644 --- a/2019/1xxx/CVE-2019-1344.json +++ b/2019/1xxx/CVE-2019-1344.json @@ -211,6 +211,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1344", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1344" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154799/Microsoft-Windows-Kernel-CI-CipFixImageType-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154799/Microsoft-Windows-Kernel-CI-CipFixImageType-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/1xxx/CVE-2019-1345.json b/2019/1xxx/CVE-2019-1345.json index 743618a31e0..75124d68fa1 100644 --- a/2019/1xxx/CVE-2019-1345.json +++ b/2019/1xxx/CVE-2019-1345.json @@ -154,6 +154,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1345", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1345" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154800/Microsoft-Windows-Kernel-nt-MiParseImageLoadConfig-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154800/Microsoft-Windows-Kernel-nt-MiParseImageLoadConfig-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/1xxx/CVE-2019-1346.json b/2019/1xxx/CVE-2019-1346.json index 82b534a75cd..9e2e2e2d7d1 100644 --- a/2019/1xxx/CVE-2019-1346.json +++ b/2019/1xxx/CVE-2019-1346.json @@ -211,6 +211,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1346", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1346" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154801/Microsoft-Windows-Kernel-CI-HashKComputeFirstPageHash-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154801/Microsoft-Windows-Kernel-CI-HashKComputeFirstPageHash-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/1xxx/CVE-2019-1347.json b/2019/1xxx/CVE-2019-1347.json index 1394e33ae77..cbe68c2b907 100644 --- a/2019/1xxx/CVE-2019-1347.json +++ b/2019/1xxx/CVE-2019-1347.json @@ -175,6 +175,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1347", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1347" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154802/Microsoft-Windows-Kernel-nt-MiRelocateImage-Out-Of-Bounds-Read.html", + "url": "http://packetstormsecurity.com/files/154802/Microsoft-Windows-Kernel-nt-MiRelocateImage-Out-Of-Bounds-Read.html" } ] } diff --git a/2019/1xxx/CVE-2019-1361.json b/2019/1xxx/CVE-2019-1361.json index 31cdd399a21..6521e5d701d 100644 --- a/2019/1xxx/CVE-2019-1361.json +++ b/2019/1xxx/CVE-2019-1361.json @@ -75,6 +75,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1361", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1361" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-867/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-867/" } ] } diff --git a/2019/1xxx/CVE-2019-1362.json b/2019/1xxx/CVE-2019-1362.json index 3d34d050674..0b809c5d399 100644 --- a/2019/1xxx/CVE-2019-1362.json +++ b/2019/1xxx/CVE-2019-1362.json @@ -90,6 +90,16 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1362", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1362" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-869/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-869/" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-868/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-868/" } ] } diff --git a/2019/1xxx/CVE-2019-1364.json b/2019/1xxx/CVE-2019-1364.json index 039d567e6ec..fc8c1dcfaa2 100644 --- a/2019/1xxx/CVE-2019-1364.json +++ b/2019/1xxx/CVE-2019-1364.json @@ -90,6 +90,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1364", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1364" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154797/Microsoft-Windows-Kernel-win32k.sys-TTF-Font-Processing-win32k-ulClearTypeFilter-Pool-Corruption.html", + "url": "http://packetstormsecurity.com/files/154797/Microsoft-Windows-Kernel-win32k.sys-TTF-Font-Processing-win32k-ulClearTypeFilter-Pool-Corruption.html" } ] } diff --git a/2019/5xxx/CVE-2019-5527.json b/2019/5xxx/CVE-2019-5527.json index 7b7145a581c..1a00309f8bf 100644 --- a/2019/5xxx/CVE-2019-5527.json +++ b/2019/5xxx/CVE-2019-5527.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5527", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5527", + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "ESXi, Workstation, Fusion, VMRC and Horizon Client", + "version": { + "version_data": [ + { + "version_value": "ESXi 6.7. 6.5, 6.0, Workstation 15.x, Fusion 11.x, VMRC 10.x and Horizon Client 5.x and prior" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.vmware.com/security/advisories/VMSA-2019-0014.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2019-0014.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5." } ] } diff --git a/2019/5xxx/CVE-2019-5535.json b/2019/5xxx/CVE-2019-5535.json index 33d1f030939..601add00378 100644 --- a/2019/5xxx/CVE-2019-5535.json +++ b/2019/5xxx/CVE-2019-5535.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5535", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5535", + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware Workstation and Fusion", + "version": { + "version_data": [ + { + "version_value": "VMware Workstation 15.x and Fusion 11.x" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Network denial-of-service vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.vmware.com/security/advisories/VMSA-2019-0014.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2019-0014.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware Workstation and Fusion contain a network denial-of-service vulnerability due to improper handling of certain IPv6 packets. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.7." } ] }