From ac6105a0f5724ac664c3faec47cd424c097256eb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 7 Jan 2020 18:01:12 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2014/8xxx/CVE-2014-8673.json | 63 ++++++++++++++++++++++++++++++++-- 2019/10xxx/CVE-2019-10216.json | 5 ++- 2019/14xxx/CVE-2019-14819.json | 7 ++-- 2019/17xxx/CVE-2019-17631.json | 5 +++ 2019/2xxx/CVE-2019-2945.json | 5 +++ 2019/2xxx/CVE-2019-2962.json | 5 +++ 2019/2xxx/CVE-2019-2964.json | 5 +++ 2019/2xxx/CVE-2019-2973.json | 5 +++ 2019/2xxx/CVE-2019-2975.json | 5 +++ 2019/2xxx/CVE-2019-2978.json | 5 +++ 2019/2xxx/CVE-2019-2981.json | 5 +++ 2019/2xxx/CVE-2019-2983.json | 5 +++ 2019/2xxx/CVE-2019-2988.json | 5 +++ 2019/2xxx/CVE-2019-2989.json | 5 +++ 2019/2xxx/CVE-2019-2992.json | 5 +++ 2019/2xxx/CVE-2019-2996.json | 5 +++ 2019/2xxx/CVE-2019-2999.json | 5 +++ 2019/3xxx/CVE-2019-3663.json | 39 ++++++++++----------- 2019/5xxx/CVE-2019-5064.json | 7 +++- 19 files changed, 162 insertions(+), 29 deletions(-) diff --git a/2014/8xxx/CVE-2014-8673.json b/2014/8xxx/CVE-2014-8673.json index 8c711bbe4b0..c57016a2672 100644 --- a/2014/8xxx/CVE-2014-8673.json +++ b/2014/8xxx/CVE-2014-8673.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8673", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple SQL vulnerabilities exist in planning.php, user_list.php, projets.php, user_groupes.php, and groupe_list.php in Simple Online Planning (SOPPlanning)before 1.33." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/132654/Simple-Online-Planning-Tool-1.3.2-XSS-SQL-Injection-Traversal.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/132654/Simple-Online-Planning-Tool-1.3.2-XSS-SQL-Injection-Traversal.html" + }, + { + "url": "http://www.securityfocus.com/bid/75726", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/75726" + }, + { + "url": "http://seclists.org/fulldisclosure/2015/Jul/44", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2015/Jul/44" + }, + { + "url": "https://www.exploit-db.com/exploits/37604/", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/37604/" } ] } diff --git a/2019/10xxx/CVE-2019-10216.json b/2019/10xxx/CVE-2019-10216.json index a79cbe64e6b..c5d049d4a09 100644 --- a/2019/10xxx/CVE-2019-10216.json +++ b/2019/10xxx/CVE-2019-10216.json @@ -19,8 +19,7 @@ "version": { "version_data": [ { - "version_value": "9.50", - "version_affected": "<" + "version_value": "before 9.50" } ] } @@ -61,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "It was found that in ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas." + "value": "In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas." } ] }, diff --git a/2019/14xxx/CVE-2019-14819.json b/2019/14xxx/CVE-2019-14819.json index aac1128eee5..f826271b908 100644 --- a/2019/14xxx/CVE-2019-14819.json +++ b/2019/14xxx/CVE-2019-14819.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-14819", - "ASSIGNER": "msiddiqu@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -18,7 +19,7 @@ "version": { "version_data": [ { - "version_value": "n/a" + "version_value": "3.x" } ] } @@ -76,4 +77,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17631.json b/2019/17xxx/CVE-2019-17631.json index c727dfffcdb..c81b40557e5 100644 --- a/2019/17xxx/CVE-2019-17631.json +++ b/2019/17xxx/CVE-2019-17631.json @@ -71,6 +71,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2945.json b/2019/2xxx/CVE-2019-2945.json index 322f5a7ad7b..4fedc6f990d 100644 --- a/2019/2xxx/CVE-2019-2945.json +++ b/2019/2xxx/CVE-2019-2945.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2962.json b/2019/2xxx/CVE-2019-2962.json index d4b7fbd101e..933fd7c9889 100644 --- a/2019/2xxx/CVE-2019-2962.json +++ b/2019/2xxx/CVE-2019-2962.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2964.json b/2019/2xxx/CVE-2019-2964.json index 83982f0ce7e..1fe44ca5693 100644 --- a/2019/2xxx/CVE-2019-2964.json +++ b/2019/2xxx/CVE-2019-2964.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2973.json b/2019/2xxx/CVE-2019-2973.json index 67580e9e8e0..2166f979427 100644 --- a/2019/2xxx/CVE-2019-2973.json +++ b/2019/2xxx/CVE-2019-2973.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2975.json b/2019/2xxx/CVE-2019-2975.json index 4e2305920bd..82e230a7563 100644 --- a/2019/2xxx/CVE-2019-2975.json +++ b/2019/2xxx/CVE-2019-2975.json @@ -136,6 +136,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2978.json b/2019/2xxx/CVE-2019-2978.json index c73c3d83d3d..c3de89c2411 100644 --- a/2019/2xxx/CVE-2019-2978.json +++ b/2019/2xxx/CVE-2019-2978.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2981.json b/2019/2xxx/CVE-2019-2981.json index d6aa8632b58..67f3faa4a1b 100644 --- a/2019/2xxx/CVE-2019-2981.json +++ b/2019/2xxx/CVE-2019-2981.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2983.json b/2019/2xxx/CVE-2019-2983.json index 46b50f2e461..a06c676e8bc 100644 --- a/2019/2xxx/CVE-2019-2983.json +++ b/2019/2xxx/CVE-2019-2983.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2988.json b/2019/2xxx/CVE-2019-2988.json index 3cd8d90c3b3..25b4d7c325d 100644 --- a/2019/2xxx/CVE-2019-2988.json +++ b/2019/2xxx/CVE-2019-2988.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2989.json b/2019/2xxx/CVE-2019-2989.json index 9d22a75d215..c526223ef2c 100644 --- a/2019/2xxx/CVE-2019-2989.json +++ b/2019/2xxx/CVE-2019-2989.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2992.json b/2019/2xxx/CVE-2019-2992.json index 76c8bc7394b..0ea6ed0db6f 100644 --- a/2019/2xxx/CVE-2019-2992.json +++ b/2019/2xxx/CVE-2019-2992.json @@ -161,6 +161,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2996.json b/2019/2xxx/CVE-2019-2996.json index 2bea9d1f3ff..0a6894faa34 100644 --- a/2019/2xxx/CVE-2019-2996.json +++ b/2019/2xxx/CVE-2019-2996.json @@ -81,6 +81,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/2xxx/CVE-2019-2999.json b/2019/2xxx/CVE-2019-2999.json index f77d764e41a..550bcb25fd7 100644 --- a/2019/2xxx/CVE-2019-2999.json +++ b/2019/2xxx/CVE-2019-2999.json @@ -157,6 +157,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0006", "url": "https://access.redhat.com/errata/RHSA-2020:0006" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0046", + "url": "https://access.redhat.com/errata/RHSA-2020:0046" } ] } diff --git a/2019/3xxx/CVE-2019-3663.json b/2019/3xxx/CVE-2019-3663.json index 7c9be6aaa1d..d1050912cb6 100644 --- a/2019/3xxx/CVE-2019-3663.json +++ b/2019/3xxx/CVE-2019-3663.json @@ -9,6 +9,7 @@ "vendor": { "vendor_data": [ { + "vendor_name": "McAfee", "product": { "product_data": [ { @@ -16,15 +17,13 @@ "version": { "version_data": [ { - "version_affected": "<", - "version_value": "4.8" + "version_value": "prior to 4.8" } ] } } ] - }, - "vendor_name": "McAfee" + } } ] } @@ -36,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system.\nThis was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details" + "value": "Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details" } ] }, @@ -46,17 +45,17 @@ "impact": { "cvss": { "version": "3.1", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "baseScore": 9.8, - "baseSeverity": "CRITICAL" + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" } }, "problemtype": { @@ -74,9 +73,9 @@ "references": { "reference_data": [ { - "refsource": "MISC", - "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304", - "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304" + "refsource": "CONFIRM", + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10304" } ] }, @@ -84,4 +83,4 @@ "advisory": "SB10304", "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5064.json b/2019/5xxx/CVE-2019-5064.json index 492eb4f6ad5..c2e6002f4a7 100644 --- a/2019/5xxx/CVE-2019-5064.json +++ b/2019/5xxx/CVE-2019-5064.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853" + }, + { + "refsource": "MISC", + "name": "https://github.com/opencv/opencv/issues/15857", + "url": "https://github.com/opencv/opencv/issues/15857" } ] }, @@ -55,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability." + "value": "An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability." } ] }