From ac095b39e2e5bc61156c77bdc76033a7e89328c9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 30 May 2019 18:00:48 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/0xxx/CVE-2017-0509.json | 5 ++++ 2018/0xxx/CVE-2018-0495.json | 10 +++++++ 2018/0xxx/CVE-2018-0732.json | 10 +++++++ 2018/10xxx/CVE-2018-10948.json | 48 ++++++++++++++++++++++++++++-- 2018/14xxx/CVE-2018-14425.json | 53 ++++++++++++++++++++++++++++++++-- 2019/0xxx/CVE-2019-0211.json | 10 +++++++ 2019/3xxx/CVE-2019-3839.json | 28 +++++++++++++++--- 2019/9xxx/CVE-2019-9723.json | 48 ++++++++++++++++++++++++++++-- 2019/9xxx/CVE-2019-9741.json | 5 ++++ 9 files changed, 207 insertions(+), 10 deletions(-) diff --git a/2017/0xxx/CVE-2017-0509.json b/2017/0xxx/CVE-2017-0509.json index d922946f037..5d04d1d95a2 100644 --- a/2017/0xxx/CVE-2017-0509.json +++ b/2017/0xxx/CVE-2017-0509.json @@ -66,6 +66,11 @@ "name": "96797", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96797" + }, + { + "refsource": "BID", + "name": "94943", + "url": "http://www.securityfocus.com/bid/94943" } ] } diff --git a/2018/0xxx/CVE-2018-0495.json b/2018/0xxx/CVE-2018-0495.json index c97c74829f8..6a6843e7869 100644 --- a/2018/0xxx/CVE-2018-0495.json +++ b/2018/0xxx/CVE-2018-0495.json @@ -136,6 +136,16 @@ "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1297", + "url": "https://access.redhat.com/errata/RHSA-2019:1297" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1296", + "url": "https://access.redhat.com/errata/RHSA-2019:1296" } ] } diff --git a/2018/0xxx/CVE-2018-0732.json b/2018/0xxx/CVE-2018-0732.json index 19ba414e5f1..d062e8fa040 100644 --- a/2018/0xxx/CVE-2018-0732.json +++ b/2018/0xxx/CVE-2018-0732.json @@ -199,6 +199,16 @@ "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1297", + "url": "https://access.redhat.com/errata/RHSA-2019:1297" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1296", + "url": "https://access.redhat.com/errata/RHSA-2019:1296" } ] } diff --git a/2018/10xxx/CVE-2018-10948.json b/2018/10xxx/CVE-2018-10948.json index cc57c9eed22..b04a6c33f84 100644 --- a/2018/10xxx/CVE-2018-10948.json +++ b/2018/10xxx/CVE-2018-10948.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10948", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.zimbra.com/show_bug.cgi?id=107948", + "refsource": "MISC", + "name": "https://bugzilla.zimbra.com/show_bug.cgi?id=107948" } ] } diff --git a/2018/14xxx/CVE-2018-14425.json b/2018/14xxx/CVE-2018-14425.json index 2836fdf861b..06567711be3 100644 --- a/2018/14xxx/CVE-2018-14425.json +++ b/2018/14xxx/CVE-2018-14425.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14425", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", + "refsource": "MISC", + "name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" + }, + { + "url": "https://bugzilla.zimbra.com/show_bug.cgi?id=108970", + "refsource": "MISC", + "name": "https://bugzilla.zimbra.com/show_bug.cgi?id=108970" } ] } diff --git a/2019/0xxx/CVE-2019-0211.json b/2019/0xxx/CVE-2019-0211.json index 380cd22c780..c497c8f0eee 100644 --- a/2019/0xxx/CVE-2019-0211.json +++ b/2019/0xxx/CVE-2019-0211.json @@ -188,6 +188,16 @@ "refsource": "FEDORA", "name": "FEDORA-2019-a4ed7400f4", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1297", + "url": "https://access.redhat.com/errata/RHSA-2019:1297" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1296", + "url": "https://access.redhat.com/errata/RHSA-2019:1296" } ] }, diff --git a/2019/3xxx/CVE-2019-3839.json b/2019/3xxx/CVE-2019-3839.json index 587e15fc2e1..da39aa2e64c 100644 --- a/2019/3xxx/CVE-2019-3839.json +++ b/2019/3xxx/CVE-2019-3839.json @@ -44,15 +44,35 @@ }, "references": { "reference_data": [ + { + "refsource": "REDHAT", + "name": "RHSA-2019:0971", + "url": "https://access.redhat.com/errata/RHSA-2019:0971" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3839", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3839", "refsource": "CONFIRM" }, { - "refsource": "CONFIRM", - "name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=db24f253409d5d085c2760c814c3e1d3fa2dac59", - "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=db24f253409d5d085c2760c814c3e1d3fa2dac59" + "refsource": "REDHAT", + "name": "RHSA-2019:1017", + "url": "https://access.redhat.com/errata/RHSA-2019:1017" + }, + { + "refsource": "UBUNTU", + "name": "USN-3970-1", + "url": "https://usn.ubuntu.com/3970-1/" + }, + { + "refsource": "DEBIAN", + "name": "DSA-4442", + "url": "https://www.debian.org/security/2019/dsa-4442" + }, + { + "refsource": "BUGTRAQ", + "name": "20190512 [SECURITY] [DSA 4442-1] ghostscript security update", + "url": "https://seclists.org/bugtraq/2019/May/23" }, { "refsource": "CONFIRM", @@ -70,7 +90,7 @@ "description_data": [ { "lang": "eng", - "value": "It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.28 are vulnerable." + "value": "It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable." } ] }, diff --git a/2019/9xxx/CVE-2019-9723.json b/2019/9xxx/CVE-2019-9723.json index b1ceca47c98..ed600c3697c 100644 --- a/2019/9xxx/CVE-2019-9723.json +++ b/2019/9xxx/CVE-2019-9723.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9723", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://blog.ripstech.com/2019/logicaldoc-path-traversal/", + "url": "https://blog.ripstech.com/2019/logicaldoc-path-traversal/" } ] } diff --git a/2019/9xxx/CVE-2019-9741.json b/2019/9xxx/CVE-2019-9741.json index 29f1ef572f2..32749b95228 100644 --- a/2019/9xxx/CVE-2019-9741.json +++ b/2019/9xxx/CVE-2019-9741.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-d05bc7e3df", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TOOVCEPQM7TZA6VEZEEB7QZABXNHQEHH/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1300", + "url": "https://access.redhat.com/errata/RHSA-2019:1300" } ] }