From 9f3ccb9a478c33751c511465e7ad387f4c29df5e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 31 Oct 2019 16:01:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2009/5xxx/CVE-2009-5041.json | 48 ++++++++++++++++++++++++-- 2009/5xxx/CVE-2009-5042.json | 48 ++++++++++++++++++++++++-- 2009/5xxx/CVE-2009-5043.json | 48 ++++++++++++++++++++++++-- 2010/2xxx/CVE-2010-2490.json | 60 ++++++++++++++++++++++++++++++-- 2019/16xxx/CVE-2019-16278.json | 5 +++ 2019/16xxx/CVE-2019-16884.json | 5 +++ 2019/18xxx/CVE-2019-18365.json | 62 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18366.json | 62 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18367.json | 62 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18368.json | 62 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18369.json | 62 ++++++++++++++++++++++++++++++++++ 2019/3xxx/CVE-2019-3419.json | 58 +++++++++++++++++++++++++++---- 2019/3xxx/CVE-2019-3421.json | 58 +++++++++++++++++++++++++++---- 2019/3xxx/CVE-2019-3978.json | 5 +++ 14 files changed, 622 insertions(+), 23 deletions(-) create mode 100644 2019/18xxx/CVE-2019-18365.json create mode 100644 2019/18xxx/CVE-2019-18366.json create mode 100644 2019/18xxx/CVE-2019-18367.json create mode 100644 2019/18xxx/CVE-2019-18368.json create mode 100644 2019/18xxx/CVE-2019-18369.json diff --git a/2009/5xxx/CVE-2009-5041.json b/2009/5xxx/CVE-2009-5041.json index c050cc7ffa2..bbc4b1dfb95 100644 --- a/2009/5xxx/CVE-2009-5041.json +++ b/2009/5xxx/CVE-2009-5041.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-5041", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "overkill has buffer overflow via long player names that can corrupt data on the server machine" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2009-5041", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2009-5041" } ] } diff --git a/2009/5xxx/CVE-2009-5042.json b/2009/5xxx/CVE-2009-5042.json index 495c6b9cfba..95a6380fb77 100644 --- a/2009/5xxx/CVE-2009-5042.json +++ b/2009/5xxx/CVE-2009-5042.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-5042", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "python-docutils allows insecure usage of temporary files" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2009-5042", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2009-5042" } ] } diff --git a/2009/5xxx/CVE-2009-5043.json b/2009/5xxx/CVE-2009-5043.json index a57e7d4e26f..ff06664bd7e 100644 --- a/2009/5xxx/CVE-2009-5043.json +++ b/2009/5xxx/CVE-2009-5043.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-5043", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "burn allows file names to escape via mishandled quotation marks" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2009-5043", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2009-5043" } ] } diff --git a/2010/2xxx/CVE-2010-2490.json b/2010/2xxx/CVE-2010-2490.json index de7d6934e3d..f16bc794b11 100644 --- a/2010/2xxx/CVE-2010-2490.json +++ b/2010/2xxx/CVE-2010-2490.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-2490", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mumble", + "product": { + "product_data": [ + { + "product_name": "mumble", + "version": { + "version_data": [ + { + "version_value": "< 1.2.2-4" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mumble: murmur-server has DoS due to malformed client query" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS via malformed client query" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-2490", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-2490" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2490", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2490" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2010-2490", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2010-2490" } ] } diff --git a/2019/16xxx/CVE-2019-16278.json b/2019/16xxx/CVE-2019-16278.json index b8c530b1448..1c1762930d4 100644 --- a/2019/16xxx/CVE-2019-16278.json +++ b/2019/16xxx/CVE-2019-16278.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://git.sp0re.sh/sp0re/Nhttpd-exploits", "url": "https://git.sp0re.sh/sp0re/Nhttpd-exploits" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155045/Nostromo-1.9.6-Directory-Traversal-Remote-Command-Execution.html", + "url": "http://packetstormsecurity.com/files/155045/Nostromo-1.9.6-Directory-Traversal-Remote-Command-Execution.html" } ] } diff --git a/2019/16xxx/CVE-2019-16884.json b/2019/16xxx/CVE-2019-16884.json index 5bb68b62e44..dea655ab6b7 100644 --- a/2019/16xxx/CVE-2019-16884.json +++ b/2019/16xxx/CVE-2019-16884.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-96946c39dd", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2418", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html" } ] } diff --git a/2019/18xxx/CVE-2019-18365.json b/2019/18xxx/CVE-2019-18365.json new file mode 100644 index 00000000000..ca81a3f9aa6 --- /dev/null +++ b/2019/18xxx/CVE-2019-18365.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/", + "url": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18366.json b/2019/18xxx/CVE-2019-18366.json new file mode 100644 index 00000000000..b41359b5aea --- /dev/null +++ b/2019/18xxx/CVE-2019-18366.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the \"View build runtime parameters and data\" permission." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/", + "url": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18367.json b/2019/18xxx/CVE-2019-18367.json new file mode 100644 index 00000000000..bd2bf973234 --- /dev/null +++ b/2019/18xxx/CVE-2019-18367.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/", + "url": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18368.json b/2019/18xxx/CVE-2019-18368.json new file mode 100644 index 00000000000..d7432be247b --- /dev/null +++ b/2019/18xxx/CVE-2019-18368.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/", + "url": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18369.json b/2019/18xxx/CVE-2019-18369.json new file mode 100644 index 00000000000..1967370ff1c --- /dev/null +++ b/2019/18xxx/CVE-2019-18369.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/", + "url": "https://blog.jetbrains.com/blog/2019/10/29/jetbrains-security-bulletin-q3-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3419.json b/2019/3xxx/CVE-2019-3419.json index 3d56ada3a30..26999c3059a 100644 --- a/2019/3xxx/CVE-2019-3419.json +++ b/2019/3xxx/CVE-2019-3419.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3419", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3419", + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ZTE Corporation", + "product": { + "product_data": [ + { + "product_name": "ZXMP M721 DX", + "version": { + "version_data": [ + { + "version_value": "ZXMP M721V3.10P01B10_M2NCP" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Resource Management Error" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011542", + "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011542" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A security vulnerability exists in a management port in the version of ZTE's ZXMP M721V3.10P01B10_M2NCP. An attacker could exploit this vulnerability to build a link to the device and send specific packets to cause a denial of service." } ] } diff --git a/2019/3xxx/CVE-2019-3421.json b/2019/3xxx/CVE-2019-3421.json index 2b53c839f9d..c57e271c37a 100644 --- a/2019/3xxx/CVE-2019-3421.json +++ b/2019/3xxx/CVE-2019-3421.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3421", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3421", + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ZTE Corporation", + "product": { + "product_data": [ + { + "product_name": "ZX297520V3", + "version": { + "version_data": [ + { + "version_value": "All versions up to\u00a07520V3V1.0.0B09P27" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Command Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011643", + "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1011643" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the user terminal system." } ] } diff --git a/2019/3xxx/CVE-2019-3978.json b/2019/3xxx/CVE-2019-3978.json index ec0ed68a6d0..28caf47daf2 100644 --- a/2019/3xxx/CVE-2019-3978.json +++ b/2019/3xxx/CVE-2019-3978.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.tenable.com/security/research/tra-2019-46", "url": "https://www.tenable.com/security/research/tra-2019-46" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155036/MikroTik-RouterOS-6.45.6-DNS-Cache-Poisoning.html", + "url": "http://packetstormsecurity.com/files/155036/MikroTik-RouterOS-6.45.6-DNS-Cache-Poisoning.html" } ] },