From e2129e516d408f1df8a58425740315f7196fce5b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 7 Oct 2019 15:01:03 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2015/9xxx/CVE-2015-9450.json | 72 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9451.json | 72 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9452.json | 72 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9453.json | 72 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9454.json | 72 +++++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9455.json | 67 +++++++++++++++++++++++++++++ 2015/9xxx/CVE-2015-9456.json | 77 ++++++++++++++++++++++++++++++++++ 2019/12xxx/CVE-2019-12811.json | 56 ++++++++++++++++++++++--- 2019/12xxx/CVE-2019-12812.json | 56 ++++++++++++++++++++++--- 2019/15xxx/CVE-2019-15746.json | 5 --- 2019/15xxx/CVE-2019-15749.json | 5 --- 2019/15xxx/CVE-2019-15751.json | 5 --- 2019/17xxx/CVE-2019-17315.json | 62 +++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17316.json | 62 +++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17317.json | 62 +++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17318.json | 62 +++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17319.json | 62 +++++++++++++++++++++++++++ 2019/3xxx/CVE-2019-3688.json | 4 +- 18 files changed, 916 insertions(+), 29 deletions(-) create mode 100644 2015/9xxx/CVE-2015-9450.json create mode 100644 2015/9xxx/CVE-2015-9451.json create mode 100644 2015/9xxx/CVE-2015-9452.json create mode 100644 2015/9xxx/CVE-2015-9453.json create mode 100644 2015/9xxx/CVE-2015-9454.json create mode 100644 2015/9xxx/CVE-2015-9455.json create mode 100644 2015/9xxx/CVE-2015-9456.json create mode 100644 2019/17xxx/CVE-2019-17315.json create mode 100644 2019/17xxx/CVE-2019-17316.json create mode 100644 2019/17xxx/CVE-2019-17317.json create mode 100644 2019/17xxx/CVE-2019-17318.json create mode 100644 2019/17xxx/CVE-2019-17319.json diff --git a/2015/9xxx/CVE-2015-9450.json b/2015/9xxx/CVE-2015-9450.json new file mode 100644 index 00000000000..e9d0e76898c --- /dev/null +++ b/2015/9xxx/CVE-2015-9450.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8340", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8340" + }, + { + "url": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9451.json b/2015/9xxx/CVE-2015-9451.json new file mode 100644 index 00000000000..1895f6bbfed --- /dev/null +++ b/2015/9xxx/CVE-2015-9451.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_mailchimp pmfb_tid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8340", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8340" + }, + { + "url": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/plugmatter-optin-feature-box-lite/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_ec951d52aa603c9caaca8c7005b84004.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9452.json b/2015/9xxx/CVE-2015-9452.json new file mode 100644 index 00000000000..d210c9ef987 --- /dev/null +++ b/2015/9xxx/CVE-2015-9452.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nex_forms_Id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8336", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8336" + }, + { + "url": "https://wordpress.org/plugins/nex-forms-express-wp-form-builder/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/nex-forms-express-wp-form-builder/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_cb24b6204803e8e94943b198edc37af7.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_cb24b6204803e8e94943b198edc37af7.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9453.json b/2015/9xxx/CVE-2015-9453.json new file mode 100644 index 00000000000..a875a632be0 --- /dev/null +++ b/2015/9xxx/CVE-2015-9453.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8333", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8333" + }, + { + "url": "https://wordpress.org/plugins/broken-link-manager/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/broken-link-manager/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_b677bb83a6c1495f85f76faa5b13011d.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_b677bb83a6c1495f85f76faa5b13011d.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9454.json b/2015/9xxx/CVE-2015-9454.json new file mode 100644 index 00000000000..5b0dcc71773 --- /dev/null +++ b/2015/9xxx/CVE-2015-9454.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8284", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8284" + }, + { + "url": "https://wordpress.org/plugins/smooth-slider/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/smooth-slider/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_36e814da6ac4dd903be2c77cfbdd0afd.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_36e814da6ac4dd903be2c77cfbdd0afd.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9455.json b/2015/9xxx/CVE-2015-9455.json new file mode 100644 index 00000000000..c021f4cced4 --- /dev/null +++ b/2015/9xxx/CVE-2015-9455.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security.dxw.com/advisories/csrf-and-arbitrary-file-deletion-in-buddypress-activity-plus-1-5/", + "refsource": "MISC", + "name": "https://security.dxw.com/advisories/csrf-and-arbitrary-file-deletion-in-buddypress-activity-plus-1-5/" + }, + { + "url": "https://wordpress.org/plugins/buddypress-activity-plus/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/buddypress-activity-plus/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9456.json b/2015/9xxx/CVE-2015-9456.json new file mode 100644 index 00000000000..5edd1f87a1c --- /dev/null +++ b/2015/9xxx/CVE-2015-9456.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8315", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8315" + }, + { + "url": "https://wordpress.org/plugins/orbisius-child-theme-creator/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/orbisius-child-theme-creator/#developers" + }, + { + "url": "http://cinu.pl/research/wp-plugins/mail_28c91eee00e8e4b5868ebc58b5b1f730.html", + "refsource": "MISC", + "name": "http://cinu.pl/research/wp-plugins/mail_28c91eee00e8e4b5868ebc58b5b1f730.html" + }, + { + "refsource": "CONFIRM", + "name": "https://wpvulndb.com/vulnerabilities/8315", + "url": "https://wpvulndb.com/vulnerabilities/8315" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12811.json b/2019/12xxx/CVE-2019-12811.json index 7b07ed06524..1610ec4b670 100644 --- a/2019/12xxx/CVE-2019-12811.json +++ b/2019/12xxx/CVE-2019-12811.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "vuln@krcert.or.kr", "ID": "CVE-2019-12811", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MyBuilder", + "version": { + "version_data": [ + { + "version_value": "prior to 6.2.2019.814" + } + ] + } + } + ] + }, + "vendor_name": "ACTIVESOFT" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155", + "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155" } ] } diff --git a/2019/12xxx/CVE-2019-12812.json b/2019/12xxx/CVE-2019-12812.json index 83d4503d902..8ed03068bb4 100644 --- a/2019/12xxx/CVE-2019-12812.json +++ b/2019/12xxx/CVE-2019-12812.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "vuln@krcert.or.kr", "ID": "CVE-2019-12812", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MyBuilder", + "version": { + "version_data": [ + { + "version_value": "prior to 6.2.2019.814" + } + ] + } + } + ] + }, + "vendor_name": "ACTIVESOFT" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. This can be leveraged for code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155", + "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35155" } ] } diff --git a/2019/15xxx/CVE-2019-15746.json b/2019/15xxx/CVE-2019-15746.json index 29a3cd4aa3a..bcc33e94fe1 100644 --- a/2019/15xxx/CVE-2019-15746.json +++ b/2019/15xxx/CVE-2019-15746.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.sitos.at/sitossix/", - "refsource": "MISC", - "name": "https://www.sitos.at/sitossix/" - }, { "refsource": "MISC", "name": "https://www.contextis.com/en/resources/advisories/cve-2019-15746", diff --git a/2019/15xxx/CVE-2019-15749.json b/2019/15xxx/CVE-2019-15749.json index 0912a2cf7e0..b9e0263577d 100644 --- a/2019/15xxx/CVE-2019-15749.json +++ b/2019/15xxx/CVE-2019-15749.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.sitos.at/sitossix/", - "refsource": "MISC", - "name": "https://www.sitos.at/sitossix/" - }, { "refsource": "MISC", "name": "https://www.contextis.com/en/resources/advisories/cve-2019-15749", diff --git a/2019/15xxx/CVE-2019-15751.json b/2019/15xxx/CVE-2019-15751.json index 4e3f323a6f7..d3c09d1e822 100644 --- a/2019/15xxx/CVE-2019-15751.json +++ b/2019/15xxx/CVE-2019-15751.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.sitos.at/sitossix/", - "refsource": "MISC", - "name": "https://www.sitos.at/sitossix/" - }, { "refsource": "MISC", "name": "https://www.contextis.com/en/resources/advisories/cve-2019-15751", diff --git a/2019/17xxx/CVE-2019-17315.json b/2019/17xxx/CVE-2019-17315.json new file mode 100644 index 00000000000..7ff928ac5e6 --- /dev/null +++ b/2019/17xxx/CVE-2019-17315.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17315", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-042/", + "refsource": "MISC", + "name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-042/" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17316.json b/2019/17xxx/CVE-2019-17316.json new file mode 100644 index 00000000000..0195f8af6c3 --- /dev/null +++ b/2019/17xxx/CVE-2019-17316.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-043/", + "refsource": "MISC", + "name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-043/" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17317.json b/2019/17xxx/CVE-2019-17317.json new file mode 100644 index 00000000000..95599162ca2 --- /dev/null +++ b/2019/17xxx/CVE-2019-17317.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-044/", + "refsource": "MISC", + "name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-044/" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17318.json b/2019/17xxx/CVE-2019-17318.json new file mode 100644 index 00000000000..28286391e13 --- /dev/null +++ b/2019/17xxx/CVE-2019-17318.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17318", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-046/", + "refsource": "MISC", + "name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-046/" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17319.json b/2019/17xxx/CVE-2019-17319.json new file mode 100644 index 00000000000..80d862c635d --- /dev/null +++ b/2019/17xxx/CVE-2019-17319.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-047/", + "refsource": "MISC", + "name": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-047/" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3688.json b/2019/3xxx/CVE-2019-3688.json index 3de6fb3e767..bf46095730d 100644 --- a/2019/3xxx/CVE-2019-3688.json +++ b/2019/3xxx/CVE-2019-3688.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security@suse.de", + "ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2018-05-15T00:00:00.000Z", "ID": "CVE-2019-3688", "STATE": "PUBLIC", @@ -101,4 +101,4 @@ ], "discovery": "UNKNOWN" } -} +} \ No newline at end of file