"-Synchronized-Data."

2025-05-07 19:17:10 +00:00 · 2019-04-18 20:00:46 +00:00 · 2019-04-18 20:00:46 +00:00 · acc7061e32
commit acc7061e32
parent fe877eb4d6
8 changed files with 97 additions and 17 deletions
--- a/2018/20xxx/CVE-2018-20341.json
+++ b/2018/20xxx/CVE-2018-20341.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "WINMAGIC SecureDoc Disk Encryption before 8.3 has an Unquoted Search Path or Element."
+                "value": "WINMAGIC SecureDoc Disk Encryption software before 8.3 has an Unquoted Service Path vulnerability, which could allow an attacker to execute arbitrary code on a target system. If the executable is enclosed in quote tags \"\" then the system will know where to find it. However if the path of where the application binary is located doesn't contain any quotes then Windows will try to find it and execute it inside every folder of this path until they reach the executable."
            }
        ]
    },
--- a/2019/10xxx/CVE-2019-10893.json
+++ b/2019/10xxx/CVE-2019-10893.json
@ -1,17 +1,71 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2019-10893",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2019-10893",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the \"CWP Settings > \"Edit Settings\" screen. By changing the email ID to any XSS Payload and clicking on Save Changes, the XSS Payload will execute."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "http://forum.centos-webpanel.com/informations/",
+                "refsource": "MISC",
+                "name": "http://forum.centos-webpanel.com/informations/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/152437/CentOS-Web-Panel-0.9.8.793-Free-0.9.8.753-Pro-Cross-Site-Scripting.html",
+                "url": "http://packetstormsecurity.com/files/152437/CentOS-Web-Panel-0.9.8.793-Free-0.9.8.753-Pro-Cross-Site-Scripting.html"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://packetstormsecurity.com/files/152437/centoswp098email-xss.txt",
+                "url": "https://packetstormsecurity.com/files/152437/centoswp098email-xss.txt"
            }
        ]
    }
--- a/2019/11xxx/CVE-2019-11035.json
+++ b/2019/11xxx/CVE-2019-11035.json
@ -105,4 +105,4 @@
        ],
        "discovery": "INTERNAL"
    }
-}
+}
--- a/2019/11xxx/CVE-2019-11213.json
+++ b/2019/11xxx/CVE-2019-11213.json
@ -52,6 +52,11 @@
    },
    "references": {
        "reference_data": [
+            {
+                "refsource": "CERT-VN",
+                "name": "VU#192371",
+                "url": "https://www.kb.cert.org/vuls/id/192371"
+            },
            {
                "refsource": "CONFIRM",
                "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44114",
--- a/2019/11xxx/CVE-2019-11323.json
+++ b/2019/11xxx/CVE-2019-11323.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2019-11323",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2019/3xxx/CVE-2019-3710.json
+++ b/2019/3xxx/CVE-2019-3710.json
@ -1,6 +1,6 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "secure@dell.com",
+        "ASSIGNER": "security_alert@emc.com",
        "ID": "CVE-2019-3710",
        "STATE": "PUBLIC",
        "TITLE": "DSA-2019-034: Dell EMC Networking OS10 Undocumented Default Cryptographic Key Vulnerability"
@ -74,8 +74,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://www.dell.com/support/article/SLN316558/"
+                "refsource": "MISC",
+                "url": "https://www.dell.com/support/article/SLN316558/",
+                "name": "https://www.dell.com/support/article/SLN316558/"
            }
        ]
    },
--- a/2019/3xxx/CVE-2019-3718.json
+++ b/2019/3xxx/CVE-2019-3718.json
@ -1,6 +1,6 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "secure@dell.com",
+        "ASSIGNER": "security_alert@emc.com",
        "DATE_PUBLIC": "2019-04-17T17:04:00.000Z",
        "ID": "CVE-2019-3718",
        "STATE": "PUBLIC"
@ -80,8 +80,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "FULLDISC",
-                "url": "https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en"
+                "refsource": "MISC",
+                "url": "https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en",
+                "name": "https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en"
            }
        ]
    },
--- a/2019/3xxx/CVE-2019-3719.json
+++ b/2019/3xxx/CVE-2019-3719.json
@ -1,6 +1,6 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "secure@dell.com",
+        "ASSIGNER": "security_alert@emc.com",
        "DATE_PUBLIC": "2019-04-17T17:04:00.000Z",
        "ID": "CVE-2019-3719",
        "STATE": "PUBLIC"
@ -80,8 +80,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "FULLDISC",
-                "url": "https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en"
+                "refsource": "MISC",
+                "url": "https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en",
+                "name": "https://www.dell.com/support/article/us/en/19/sln316857/dsa-2019-051-dell-supportassist-client-multiple-vulnerabilities?lang=en"
            }
        ]
    },