From a7bf9abf5280669997cd270fdccccf4299d76379 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 8 Oct 2019 15:01:00 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/19xxx/CVE-2018-19961.json | 5 +++ 2018/19xxx/CVE-2018-19962.json | 5 +++ 2018/19xxx/CVE-2018-19966.json | 5 +++ 2018/21xxx/CVE-2018-21024.json | 67 ++++++++++++++++++++++++++++++++++ 2019/11xxx/CVE-2019-11041.json | 5 +++ 2019/11xxx/CVE-2019-11042.json | 5 +++ 2019/16xxx/CVE-2019-16866.json | 5 +++ 2019/16xxx/CVE-2019-16869.json | 5 +++ 2019/17xxx/CVE-2019-17105.json | 67 ++++++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17187.json | 62 +++++++++++++++++++++++++++++++ 10 files changed, 231 insertions(+) create mode 100644 2018/21xxx/CVE-2018-21024.json create mode 100644 2019/17xxx/CVE-2019-17105.json create mode 100644 2019/17xxx/CVE-2019-17187.json diff --git a/2018/19xxx/CVE-2018-19961.json b/2018/19xxx/CVE-2018-19961.json index a7aea51bf51..66f1f0f7dbb 100644 --- a/2018/19xxx/CVE-2018-19961.json +++ b/2018/19xxx/CVE-2018-19961.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1226", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html" } ] } diff --git a/2018/19xxx/CVE-2018-19962.json b/2018/19xxx/CVE-2018-19962.json index b16b1036587..b86f0acc066 100644 --- a/2018/19xxx/CVE-2018-19962.json +++ b/2018/19xxx/CVE-2018-19962.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1226", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html" } ] } diff --git a/2018/19xxx/CVE-2018-19966.json b/2018/19xxx/CVE-2018-19966.json index f42017e70a7..d7b92ba84b6 100644 --- a/2018/19xxx/CVE-2018-19966.json +++ b/2018/19xxx/CVE-2018-19966.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1226", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html" } ] } diff --git a/2018/21xxx/CVE-2018-21024.json b/2018/21xxx/CVE-2018-21024.json new file mode 100644 index 00000000000..96261c89b1b --- /dev/null +++ b/2018/21xxx/CVE-2018-21024.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-21024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "licenseUpload.php in Centreon Web before 2.8.27 allows attackers to upload arbitrary files via a POST request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2019/10/08/1", + "url": "https://www.openwall.com/lists/oss-security/2019/10/08/1" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/centreon/centreon/pull/7085", + "url": "https://github.com/centreon/centreon/pull/7085" + } + ] + } +} \ No newline at end of file diff --git a/2019/11xxx/CVE-2019-11041.json b/2019/11xxx/CVE-2019-11041.json index 4df9bbeae7e..36f22b474d0 100644 --- a/2019/11xxx/CVE-2019-11041.json +++ b/2019/11xxx/CVE-2019-11041.json @@ -125,6 +125,11 @@ "refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT210634", "url": "https://support.apple.com/kb/HT210634" + }, + { + "refsource": "BUGTRAQ", + "name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", + "url": "https://seclists.org/bugtraq/2019/Oct/9" } ] }, diff --git a/2019/11xxx/CVE-2019-11042.json b/2019/11xxx/CVE-2019-11042.json index c017b8f77dc..12affe479df 100644 --- a/2019/11xxx/CVE-2019-11042.json +++ b/2019/11xxx/CVE-2019-11042.json @@ -125,6 +125,11 @@ "refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT210634", "url": "https://support.apple.com/kb/HT210634" + }, + { + "refsource": "BUGTRAQ", + "name": "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", + "url": "https://seclists.org/bugtraq/2019/Oct/9" } ] }, diff --git a/2019/16xxx/CVE-2019-16866.json b/2019/16xxx/CVE-2019-16866.json index 62e8e6e8e54..77faff08ae5 100644 --- a/2019/16xxx/CVE-2019-16866.json +++ b/2019/16xxx/CVE-2019-16866.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt", "url": "https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt" + }, + { + "refsource": "UBUNTU", + "name": "USN-4149-1", + "url": "https://usn.ubuntu.com/4149-1/" } ] } diff --git a/2019/16xxx/CVE-2019-16869.json b/2019/16xxx/CVE-2019-16869.json index 1282ee47be1..455752c7520 100644 --- a/2019/16xxx/CVE-2019-16869.json +++ b/2019/16xxx/CVE-2019-16869.json @@ -131,6 +131,11 @@ "refsource": "MLIST", "name": "[zookeeper-issues] 20191003 [jira] [Commented] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty", "url": "https://lists.apache.org/thread.html/2e1cf538b502713c2c42ffa46d81f4688edb5676eb55bd9fc4b4fed7@%3Cissues.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-issues] 20191008 [jira] [Resolved] (ZOOKEEPER-3563) dependency check failing on 3.4 and 3.5 branches - CVE-2019-16869 on Netty", + "url": "https://lists.apache.org/thread.html/a0f77c73af32cbe4ff0968bfcbbe80ae6361f3dccdd46f3177547266@%3Cissues.zookeeper.apache.org%3E" } ] } diff --git a/2019/17xxx/CVE-2019-17105.json b/2019/17xxx/CVE-2019-17105.json new file mode 100644 index 00000000000..a58a5cce58f --- /dev/null +++ b/2019/17xxx/CVE-2019-17105.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The token generator in index.php in Centreon Web before 2.8.27 is predictable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2019/10/08/1", + "url": "https://www.openwall.com/lists/oss-security/2019/10/08/1" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/centreon/centreon/pull/7100", + "url": "https://github.com/centreon/centreon/pull/7100" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17187.json b/2019/17xxx/CVE-2019-17187.json new file mode 100644 index 00000000000..fb383ea36c3 --- /dev/null +++ b/2019/17xxx/CVE-2019-17187.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17187", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gist.github.com/ztz472947849/d62e7b6f4831b55c338ef22432eca06d", + "refsource": "MISC", + "name": "https://gist.github.com/ztz472947849/d62e7b6f4831b55c338ef22432eca06d" + } + ] + } +} \ No newline at end of file