diff --git a/2019/6xxx/CVE-2019-6438.json b/2019/6xxx/CVE-2019-6438.json index 2da914f443a..5592954d397 100644 --- a/2019/6xxx/CVE-2019-6438.json +++ b/2019/6xxx/CVE-2019-6438.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-6438", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html", + "refsource" : "CONFIRM", + "url" : "https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html" + }, + { + "name" : "https://www.schedmd.com/news.php?id=213", + "refsource" : "CONFIRM", + "url" : "https://www.schedmd.com/news.php?id=213" } ] } diff --git a/2019/7xxx/CVE-2019-7216.json b/2019/7xxx/CVE-2019-7216.json index a77ad5bcb02..cc598561564 100644 --- a/2019/7xxx/CVE-2019-7216.json +++ b/2019/7xxx/CVE-2019-7216.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-7216", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://encodable.com/filechucker/changelog/", + "refsource" : "MISC", + "url" : "https://encodable.com/filechucker/changelog/" + }, + { + "name" : "https://github.com/ekultek/cve-2019-7216", + "refsource" : "MISC", + "url" : "https://github.com/ekultek/cve-2019-7216" } ] } diff --git a/2019/7xxx/CVE-2019-7249.json b/2019/7xxx/CVE-2019-7249.json new file mode 100644 index 00000000000..e6273b4c403 --- /dev/null +++ b/2019/7xxx/CVE-2019-7249.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7249", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://hackerone.com/reports/471739", + "refsource" : "MISC", + "url" : "https://hackerone.com/reports/471739" + }, + { + "name" : "https://keybase.io/docs/secadv/kb004", + "refsource" : "MISC", + "url" : "https://keybase.io/docs/secadv/kb004" + } + ] + } +} diff --git a/2019/7xxx/CVE-2019-7250.json b/2019/7xxx/CVE-2019-7250.json new file mode 100644 index 00000000000..54a2db2628f --- /dev/null +++ b/2019/7xxx/CVE-2019-7250.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7250", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Stored XSS in the preview boxes in the configuration panel may allow a malicious user to use both label text and references text to inject arbitrary JavaScript code (via SCRIPT elements, event handlers, etc.). Since this code is stored by the plugin, the attacker may be able to target anyone who opens the configuration panel of the plugin." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/davidrthorn/cross_reference/issues/32", + "refsource" : "MISC", + "url" : "https://github.com/davidrthorn/cross_reference/issues/32" + } + ] + } +}