mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
148d6ae902
commit
b41dad4af8
@ -214,6 +214,11 @@
|
||||
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
|
||||
},
|
||||
{
|
||||
"refsource": "REDHAT",
|
||||
"name": "RHSA-2019:1711",
|
||||
"url": "https://access.redhat.com/errata/RHSA-2019:1711"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -2,7 +2,30 @@
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2018-11307",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
@ -11,7 +34,43 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
|
||||
"refsource": "MISC",
|
||||
"name": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
|
||||
},
|
||||
{
|
||||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
|
||||
"refsource": "MISC",
|
||||
"name": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://access.redhat.com/errata/RHSA-2019:0782",
|
||||
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/FasterXML/jackson-databind/issues/2032",
|
||||
"url": "https://github.com/FasterXML/jackson-databind/issues/2032"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-11019",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2019-11019",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08 allows anyone to remotely access all claim details by visiting easily guessable exportpdf/all_claim_detail.php?claim_id= URLs."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "http://ddrt.co.uk/complaint-handling-software/",
|
||||
"refsource": "MISC",
|
||||
"name": "http://ddrt.co.uk/complaint-handling-software/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://domdomegg.github.io/CVE-2019-11019.pdf",
|
||||
"url": "https://domdomegg.github.io/CVE-2019-11019.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,71 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-12782",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2019-12782",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An authorization bypass vulnerability in pinboard updates in ThoughtSpot 4.4.1 through 5.1.1 (before 5.1.2) allows a low-privilege user with write access to at least one pinboard to corrupt pinboards of another user in the application by spoofing GUIDs in pinboard update requests, effectively deleting them."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.vsecurity.com/resources/advisories.html",
|
||||
"url": "https://www.vsecurity.com/resources/advisories.html"
|
||||
},
|
||||
{
|
||||
"url": "https://docs.thoughtspot.com/5.1/release/notes.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://docs.thoughtspot.com/5.1/release/notes.html"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://www.vsecurity.com/download/advisories/201912782-1.txt",
|
||||
"url": "https://www.vsecurity.com/download/advisories/201912782-1.txt"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -77,6 +77,11 @@
|
||||
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10286",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10286"
|
||||
},
|
||||
{
|
||||
"refsource": "BID",
|
||||
"name": "109066",
|
||||
"url": "http://www.securityfocus.com/bid/109066"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -94,4 +99,4 @@
|
||||
],
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -3,7 +3,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution."
|
||||
"value": "Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user