admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-05-15 16:00:58 +00:00
parent 28a947b876
commit e4addc1db5
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
12 changed files with 279 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
2016/7xxx/CVE-2016-7043.json
View File

@ -4,7 +4,8 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7043",
"ASSIGNER": "lpardo@redhat.com"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

2
2019/3xxx/CVE-2019-3586.json
View File

@ -37,7 +37,7 @@
"description_data": [
{
"lang": "eng",
"value": "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.\n"
"value": "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection."
}
]
},

2
2019/3xxx/CVE-2019-3602.json
View File

@ -37,7 +37,7 @@
"description_data": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML.\n"
"value": "Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML."
}
]
},

4
2019/3xxx/CVE-2019-3724.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-05-09T05:00:00.000Z",
"ID": "CVE-2019-3724",
"STATE": "PUBLIC",
@ -51,7 +51,7 @@
"credit": [
{
"lang": "eng",
"value": "\t\nRSA would like to thank Mantas Juškauskas for reporting CVE-2019-3724."
"value": "\t\nRSA would like to thank Mantas Ju\u0161kauskas for reporting CVE-2019-3724."
}
],
"data_format": "MITRE",

2
2019/3xxx/CVE-2019-3725.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-05-09T05:00:00.000Z",
"ID": "CVE-2019-3725",
"STATE": "PUBLIC",

7
2019/3xxx/CVE-2019-3727.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-05-14T05:00:00.000Z",
"ID": "CVE-2019-3727",
"STATE": "PUBLIC",
@ -81,8 +81,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.dell.com/support/security/us/en/04/details/533842/DSA-2019-078-Dell-EMC-RecoverPoint-OS-Command-Injection-Vulnerability"
"refsource": "MISC",
"url": "https://www.dell.com/support/security/us/en/04/details/533842/DSA-2019-078-Dell-EMC-RecoverPoint-OS-Command-Injection-Vulnerability",
"name": "https://www.dell.com/support/security/us/en/04/details/533842/DSA-2019-078-Dell-EMC-RecoverPoint-OS-Command-Injection-Vulnerability"
}
]
},

58
2019/5xxx/CVE-2019-5526.json
View File

@ -1,17 +1,61 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5526",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5526",
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware Workstation",
"version": {
"version_data": [
{
"version_value": "VMware Workstation (15.x before 15.1.0)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL hijacking vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0007.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0007.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed."
}
]
}

63
2019/5xxx/CVE-2019-5597.json
View File

@ -1,17 +1,66 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5597",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5597",
"ASSIGNER": "secteam@freebsd.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "FreeBSD",
"version": {
"version_data": [
{
"version_value": "FreeBSD 11.2 before 11.2-RELEASE-p10 and 12.0 before 12.0-RELEASE-p4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:05.pf.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:05.pf.asc"
},
{
"refsource": "MISC",
"name": "https://www.synacktiv.com/ressources/Synacktiv_OpenBSD_PacketFilter_CVE-2019-5597_ipv6_frag.pdf",
"url": "https://www.synacktiv.com/ressources/Synacktiv_OpenBSD_PacketFilter_CVE-2019-5597_ipv6_frag.pdf"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of the first packet allowing maliciously crafted IPv6 packets to cause a crash or potentially bypass the packet filter."
}
]
}

63
2019/5xxx/CVE-2019-5598.json
View File

@ -1,17 +1,66 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5598",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-5598",
"ASSIGNER": "secteam@freebsd.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "FreeBSD",
"version": {
"version_data": [
{
"version_value": "FreeBSD 11.2 before 11.2-RELEASE-p10 and 12.0 before 12.0-RELEASE-p4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc"
},
{
"refsource": "MISC",
"name": "https://www.synacktiv.com/posts/systems/icmp-reachable.html",
"url": "https://www.synacktiv.com/posts/systems/icmp-reachable.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet allowing a maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable."
}
]
}

5
2019/6xxx/CVE-2019-6578.json
View File

@ -58,6 +58,11 @@
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"
},
{
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-134-05",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-134-05"
}
]
},

98
2019/8xxx/CVE-2019-8936.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8936",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,78 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NTP through 4.2.8p12 has a NULL Pointer Dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "GENTOO",
"name": "GLSA-201903-15",
"url": "https://security.gentoo.org/glsa/201903-15"
},
{
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice",
"refsource": "MISC",
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1143",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1158",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-b0c7f0d94a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-694e3aa4e8",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2019-f781d5c4c6",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190503-0001/",
"url": "https://security.netapp.com/advisory/ntap-20190503-0001/"
},
{
"refsource": "FREEBSD",
"name": "FreeBSD-SA-19:04",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc"
},
{
"refsource": "BUGTRAQ",
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:04.ntp",
"url": "https://seclists.org/bugtraq/2019/May/39"
},
{
"refsource": "CONFIRM",
"name": "http://bugs.ntp.org/show_bug.cgi?id=3565",
"url": "http://bugs.ntp.org/show_bug.cgi?id=3565"
}
]
}