admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-10-24 13:01:06 +00:00
parent 1ef6b8a121
commit d27cdfa963
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 495 additions and 490 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2019/17xxx/CVE-2019-17540.json
View File

@ -53,9 +53,9 @@
"references": {
"reference_data": [
{
"url": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-16%7D",
"url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54",
"refsource": "MISC",
"name": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-16%7D"
"name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54"
},
{
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826",
@ -63,14 +63,19 @@
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826"
},
{
"refsource": "SECTRACK",
"name": "Security Tracker",
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578"
},
{
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2019-17540",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-17540"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578"
"name": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D",
"url": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D"
}
]
}

136
2019/4xxx/CVE-2019-4397.json
View File

@ -1,134 +1,134 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM" : {
"AC" : "H",
"UI" : "N",
"S" : "U",
"PR" : "L",
"C" : "H",
"A" : "N",
"SCORE" : "5.300",
"I" : "N",
"AV" : "N"
"BM": {
"AC": "H",
"UI": "N",
"S": "U",
"PR": "L",
"C": "H",
"A": "N",
"SCORE": "5.300",
"I": "N",
"AV": "N"
}
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2019-10-23T00:00:00",
"ID" : "CVE-2019-4397",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"DATE_PUBLIC": "2019-10-23T00:00:00",
"ID": "CVE-2019-4397",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239"
"lang": "eng",
"value": "IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cloud Orchestrator",
"version" : {
"version_data" : [
"product_name": "Cloud Orchestrator",
"version": {
"version_data": [
{
"version_value" : "2.4"
"version_value": "2.4"
},
{
"version_value" : "2.4.0.1"
"version_value": "2.4.0.1"
},
{
"version_value" : "2.4.0.2"
"version_value": "2.4.0.2"
},
{
"version_value" : "2.5"
"version_value": "2.5"
},
{
"version_value" : "2.5.0.1"
"version_value": "2.5.0.1"
},
{
"version_value" : "2.4.0.3"
"version_value": "2.4.0.3"
},
{
"version_value" : "2.5.0.2"
"version_value": "2.5.0.2"
},
{
"version_value" : "2.4.0.4"
"version_value": "2.4.0.4"
},
{
"version_value" : "2.5.0.3"
"version_value": "2.5.0.3"
},
{
"version_value" : "2.5.0.4"
"version_value": "2.5.0.4"
},
{
"version_value" : "2.4.0.5"
"version_value": "2.4.0.5"
},
{
"version_value" : "2.5.0.5"
"version_value": "2.5.0.5"
},
{
"version_value" : "2.5.0.6"
"version_value": "2.5.0.6"
},
{
"version_value" : "2.5.0.7"
"version_value": "2.5.0.7"
},
{
"version_value" : "2.5.0.8"
"version_value": "2.5.0.8"
},
{
"version_value" : "2.5.0.9"
"version_value": "2.5.0.9"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
"data_version": "4.0",
"references": {
"reference_data": [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/1077147",
"title" : "IBM Security Bulletin 1077147 (Cloud Orchestrator)",
"name" : "https://www.ibm.com/support/pages/node/1077147"
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/1077147",
"title": "IBM Security Bulletin 1077147 (Cloud Orchestrator)",
"name": "https://www.ibm.com/support/pages/node/1077147"
},
{
"name" : "ibm-co-cve20194397-info-disc (162239)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162239",
"refsource" : "XF"
"name": "ibm-co-cve20194397-info-disc (162239)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/162239",
"refsource": "XF"
}
]
}

136
2019/4xxx/CVE-2019-4398.json
View File

@ -1,135 +1,135 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"I" : "N",
"AV" : "L",
"A" : "N",
"SCORE" : "4.000",
"C" : "L",
"S" : "U",
"PR" : "N",
"AC" : "L",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"I": "N",
"AV": "L",
"A": "N",
"SCORE": "4.000",
"C": "L",
"S": "U",
"PR": "N",
"AC": "L",
"UI": "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cloud Orchestrator",
"version" : {
"version_data" : [
"product_name": "Cloud Orchestrator",
"version": {
"version_data": [
{
"version_value" : "2.4"
"version_value": "2.4"
},
{
"version_value" : "2.4.0.1"
"version_value": "2.4.0.1"
},
{
"version_value" : "2.4.0.2"
"version_value": "2.4.0.2"
},
{
"version_value" : "2.5"
"version_value": "2.5"
},
{
"version_value" : "2.5.0.1"
"version_value": "2.5.0.1"
},
{
"version_value" : "2.4.0.3"
"version_value": "2.4.0.3"
},
{
"version_value" : "2.5.0.2"
"version_value": "2.5.0.2"
},
{
"version_value" : "2.4.0.4"
"version_value": "2.4.0.4"
},
{
"version_value" : "2.5.0.3"
"version_value": "2.5.0.3"
},
{
"version_value" : "2.5.0.4"
"version_value": "2.5.0.4"
},
{
"version_value" : "2.4.0.5"
"version_value": "2.4.0.5"
},
{
"version_value" : "2.5.0.5"
"version_value": "2.5.0.5"
},
{
"version_value" : "2.5.0.6"
"version_value": "2.5.0.6"
},
{
"version_value" : "2.5.0.7"
"version_value": "2.5.0.7"
},
{
"version_value" : "2.5.0.8"
"version_value": "2.5.0.8"
},
{
"version_value" : "2.5.0.9"
"version_value": "2.5.0.9"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259."
"lang": "eng",
"value": "IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259."
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 1077123 (Cloud Orchestrator)",
"url" : "https://www.ibm.com/support/pages/node/1077123",
"name" : "https://www.ibm.com/support/pages/node/1077123"
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1077123 (Cloud Orchestrator)",
"url": "https://www.ibm.com/support/pages/node/1077123",
"name": "https://www.ibm.com/support/pages/node/1077123"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162259",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-co-cve20194398-info-disc (162259)"
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/162259",
"title": "X-Force Vulnerability Report",
"name": "ibm-co-cve20194398-info-disc (162259)"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Obtain Information",
"lang" : "eng"
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2019-10-23T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4398"
"data_format": "MITRE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2019-10-23T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2019-4398"
}
}

136
2019/4xxx/CVE-2019-4459.json
View File

@ -1,132 +1,132 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "H"
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "H"
},
"BM" : {
"AC" : "L",
"UI" : "R",
"C" : "L",
"PR" : "L",
"S" : "C",
"A" : "N",
"SCORE" : "5.400",
"I" : "L",
"AV" : "N"
"BM": {
"AC": "L",
"UI": "R",
"C": "L",
"PR": "L",
"S": "C",
"A": "N",
"SCORE": "5.400",
"I": "L",
"AV": "N"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "2.4"
"version_value": "2.4"
},
{
"version_value" : "2.4.0.1"
"version_value": "2.4.0.1"
},
{
"version_value" : "2.4.0.2"
"version_value": "2.4.0.2"
},
{
"version_value" : "2.5"
"version_value": "2.5"
},
{
"version_value" : "2.5.0.1"
"version_value": "2.5.0.1"
},
{
"version_value" : "2.4.0.3"
"version_value": "2.4.0.3"
},
{
"version_value" : "2.5.0.2"
"version_value": "2.5.0.2"
},
{
"version_value" : "2.4.0.4"
"version_value": "2.4.0.4"
},
{
"version_value" : "2.5.0.3"
"version_value": "2.5.0.3"
},
{
"version_value" : "2.5.0.4"
"version_value": "2.5.0.4"
},
{
"version_value" : "2.4.0.5"
"version_value": "2.4.0.5"
},
{
"version_value" : "2.5.0.5"
"version_value": "2.5.0.5"
},
{
"version_value" : "2.5.0.6"
"version_value": "2.5.0.6"
},
{
"version_value" : "2.5.0.7"
"version_value": "2.5.0.7"
},
{
"version_value" : "2.5.0.8"
"version_value": "2.5.0.8"
},
{
"version_value" : "2.5.0.9"
"version_value": "2.5.0.9"
}
]
},
"product_name" : "Cloud Orchestrator"
"product_name": "Cloud Orchestrator"
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163656."
"lang": "eng",
"value": "IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163656."
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/pages/node/1096342",
"url" : "https://www.ibm.com/support/pages/node/1096342",
"title" : "IBM Security Bulletin 1096342 (Cloud Orchestrator)",
"refsource" : "CONFIRM"
"name": "https://www.ibm.com/support/pages/node/1096342",
"url": "https://www.ibm.com/support/pages/node/1096342",
"title": "IBM Security Bulletin 1096342 (Cloud Orchestrator)",
"refsource": "CONFIRM"
},
{
"name" : "ibm-co-cve20194459-xss (163656)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/163656",
"refsource" : "XF"
"name": "ibm-co-cve20194459-xss (163656)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163656",
"refsource": "XF"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2019-4459",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-10-23T00:00:00",
"STATE" : "PUBLIC"
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-4459",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-10-23T00:00:00",
"STATE": "PUBLIC"
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}

106
2019/4xxx/CVE-2019-4486.json
View File

@ -1,36 +1,36 @@
{
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Cross-Site Scripting",
"lang" : "eng"
"value": "Cross-Site Scripting",
"lang": "eng"
}
]
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2019-4486",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-10-22T00:00:00"
"data_format": "MITRE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"ID": "CVE-2019-4486",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-10-22T00:00:00"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name" : "Maximo Asset Management",
"version" : {
"version_data" : [
"product_name": "Maximo Asset Management",
"version": {
"version_data": [
{
"version_value" : "7.6"
"version_value": "7.6"
}
]
}
@ -41,49 +41,49 @@
]
}
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"value" : "IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164070.",
"lang" : "eng"
"value": "IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164070.",
"lang": "eng"
}
]
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
"data_version": "4.0",
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/pages/node/1075023",
"title" : "IBM Security Bulletin 1075023 (Maximo Asset Management)",
"url" : "https://www.ibm.com/support/pages/node/1075023",
"refsource" : "CONFIRM"
"name": "https://www.ibm.com/support/pages/node/1075023",
"title": "IBM Security Bulletin 1075023 (Maximo Asset Management)",
"url": "https://www.ibm.com/support/pages/node/1075023",
"refsource": "CONFIRM"
},
{
"name" : "ibm-maximo-cve20194486-xss (164070)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/164070",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
"name": "ibm-maximo-cve20194486-xss (164070)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/164070",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"AC" : "L",
"C" : "L",
"S" : "C",
"PR" : "L",
"SCORE" : "5.400",
"A" : "N",
"AV" : "N",
"I" : "L"
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"UI": "R",
"AC": "L",
"C": "L",
"S": "C",
"PR": "L",
"SCORE": "5.400",
"A": "N",
"AV": "N",
"I": "L"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "H"
"TM": {
"RC": "C",
"RL": "O",
"E": "H"
}
}
}