- Synchronized data.

2025-06-08 14:08:13 +00:00 · 2019-02-20 15:03:42 -05:00 · 2019-02-20 15:03:42 -05:00 · e40ce1bf99
commit e40ce1bf99
parent 1e720eb6da
11 changed files with 21 additions and 19 deletions
--- a/2015/5xxx/CVE-2015-5454.json
+++ b/2015/5xxx/CVE-2015-5454.json
@ -58,9 +58,9 @@
            "url" : "http://packetstormsecurity.com/files/132461/Nucleus-CMS-3.65-Cross-Site-Scripting.html"
         },
         {
-            "name" : "https://github.com/security-provensec/CVE-2015-5454/blob/master/nucleus.pdf",
+            "name" : "https://github.com/security-breachlock/CVE-2015-5454/blob/master/nucleus.pdf",
            "refsource" : "MISC",
-            "url" : "https://github.com/security-provensec/CVE-2015-5454/blob/master/nucleus.pdf"
+            "url" : "https://github.com/security-breachlock/CVE-2015-5454/blob/master/nucleus.pdf"
         },
         {
            "name" : "https://github.com/NucleusCMS/NucleusCMS/issues/83",
--- a/2016/8xxx/CVE-2016-8745.json
+++ b/2016/8xxx/CVE-2016-8745.json
@ -16,19 +16,19 @@
                        "version" : {
                           "version_data" : [
                              {
-                                  "version_value" : "9.0.0.M1 to 9.0.0.M13"
+                                 "version_value" : "9.0.0.M1 to 9.0.0.M13"
                              },
                              {
-                                  "version_value" : "8.5.0 to 8.5.8"
+                                 "version_value" : "8.5.0 to 8.5.8"
                              },
                              {
-                                  "version_value" : "8.0.0.RC1 to 8.0.39"
+                                 "version_value" : "8.0.0.RC1 to 8.0.39"
                              },
                              {
-                                  "version_value" : "7.0.0 to 7.0.73"
+                                 "version_value" : "7.0.0 to 7.0.73"
                              },
                              {
-                                  "version_value" : "6.0.16 to 6.0.48"
+                                 "version_value" : "6.0.16 to 6.0.48"
                              }
                           ]
                        }
--- a/2017/12xxx/CVE-2017-12625.json
+++ b/2017/12xxx/CVE-2017-12625.json
@ -19,7 +19,7 @@
                                 "version_value" : "2.1.x before 2.1.2"
                              },
                              {
-                                  "version_value" : "2.2.x before 2.2.1"
+                                 "version_value" : "2.2.x before 2.2.1"
                              },
                              {
                                 "version_value" : "2.3.0"
--- a/2017/15xxx/CVE-2017-15701.json
+++ b/2017/15xxx/CVE-2017-15701.json
@ -35,7 +35,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate.  Older AMQP protocols are not affected."
+            "value" : "In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected."
         }
      ]
   },
--- a/2018/16xxx/CVE-2018-16447.json
+++ b/2018/16xxx/CVE-2018-16447.json
@ -58,9 +58,9 @@
            "url" : "https://github.com/philippe/FrogCMS/issues/12"
         },
         {
-            "name" : "https://github.com/security-provensec/CVE-2018-16447/blob/master/frog_CSRF.pdf",
+            "name" : "https://github.com/security-breachlock/CVE-2018-16447/blob/master/frog_CSRF.pdf",
            "refsource" : "MISC",
-            "url" : "https://github.com/security-provensec/CVE-2018-16447/blob/master/frog_CSRF.pdf"
+            "url" : "https://github.com/security-breachlock/CVE-2018-16447/blob/master/frog_CSRF.pdf"
         }
      ]
   }
--- a/2018/19xxx/CVE-2018-19844.json
+++ b/2018/19xxx/CVE-2018-19844.json
@ -53,9 +53,9 @@
   "references" : {
      "reference_data" : [
         {
-            "name" : "https://github.com/security-provensec/CVE-2018-19844/blob/master/frog_CMS.pdf",
+            "name" : "https://github.com/security-breachlock/CVE-2018-19844/blob/master/frog_CMS.pdf",
            "refsource" : "MISC",
-            "url" : "https://github.com/security-provensec/CVE-2018-19844/blob/master/frog_CMS.pdf"
+            "url" : "https://github.com/security-breachlock/CVE-2018-19844/blob/master/frog_CMS.pdf"
         }
      ]
   }
--- a/2018/19xxx/CVE-2018-19845.json
+++ b/2018/19xxx/CVE-2018-19845.json
@ -53,9 +53,9 @@
   "references" : {
      "reference_data" : [
         {
-            "name" : "https://github.com/security-provensec/CVE-2018-19845/blob/master/XSS.pdf",
+            "name" : "https://github.com/security-breachlock/CVE-2018-19845/blob/master/XSS.pdf",
            "refsource" : "MISC",
-            "url" : "https://github.com/security-provensec/CVE-2018-19845/blob/master/XSS.pdf"
+            "url" : "https://github.com/security-breachlock/CVE-2018-19845/blob/master/XSS.pdf"
         }
      ]
   }
--- a/2018/19xxx/CVE-2018-19918.json
+++ b/2018/19xxx/CVE-2018-19918.json
@ -53,9 +53,9 @@
   "references" : {
      "reference_data" : [
         {
-            "name" : "https://github.com/security-provensec/CVE-2018-19918/blob/master/cuppa_svg.pdf",
+            "name" : "https://github.com/security-breachlock/CVE-2018-19918/blob/master/cuppa_svg.pdf",
            "refsource" : "MISC",
-            "url" : "https://github.com/security-provensec/CVE-2018-19918/blob/master/cuppa_svg.pdf"
+            "url" : "https://github.com/security-breachlock/CVE-2018-19918/blob/master/cuppa_svg.pdf"
         },
         {
            "name" : "https://github.com/CuppaCMS/CuppaCMS/issues/3",
--- a/2018/8xxx/CVE-2018-8018.json
+++ b/2018/8xxx/CVE-2018-8018.json
@ -38,7 +38,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serialization  mechanism does not have a list of classes allowed for  serialization/deserialization, which makes it possible to run arbitrary  code when 3-rd party vulnerable classes are present in Ignite classpath.  The vulnerability can be exploited if the one sends a specially prepared  form of a serialized object to GridClientJdkMarshaller deserialization  endpoint."
+            "value" : "In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to GridClientJdkMarshaller deserialization endpoint."
         }
      ]
   },
--- a/2018/8xxx/CVE-2018-8024.json
+++ b/2018/8xxx/CVE-2018-8024.json
@ -41,7 +41,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible  for a malicious user to construct a URL pointing to a Spark cluster's UI's  job and stage info pages, and if a user can be tricked into accessing  the URL, can be used to cause script to execute and expose information  from the user's view of the Spark UI. While some browsers like recent  versions of Chrome and Safari are able to block this type of attack,  current versions of Firefox (and possibly others) do not."
+            "value" : "In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user's view of the Spark UI. While some browsers like recent versions of Chrome and Safari are able to block this type of attack, current versions of Firefox (and possibly others) do not."
         }
      ]
   },
--- a/2019/3xxx/CVE-2019-3924.json
+++ b/2019/3xxx/CVE-2019-3924.json
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://www.tenable.com/security/research/tra-2019-07",
+            "refsource" : "MISC",
            "url" : "https://www.tenable.com/security/research/tra-2019-07"
         }
      ]