diff --git a/2019/17xxx/CVE-2019-17501.json b/2019/17xxx/CVE-2019-17501.json new file mode 100644 index 00000000000..5a83bc8c3f1 --- /dev/null +++ b/2019/17xxx/CVE-2019-17501.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17501", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Centreon 19.04 allows attackers to execute arbitrary OS commands via the Command Line field of main.php?p=60807&type=4 (aka the Configuration > Commands > Discovery screen)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/sinfulz/ef49270e245df050af59cc3dd3eefa6b", + "url": "https://gist.github.com/sinfulz/ef49270e245df050af59cc3dd3eefa6b" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17539.json b/2019/17xxx/CVE-2019-17539.json new file mode 100644 index 00000000000..602cf00cf96 --- /dev/null +++ b/2019/17xxx/CVE-2019-17539.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17539", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c", + "refsource": "MISC", + "name": "https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17540.json b/2019/17xxx/CVE-2019-17540.json new file mode 100644 index 00000000000..2bd39cf671a --- /dev/null +++ b/2019/17xxx/CVE-2019-17540.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-16%7D", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-16%7D" + }, + { + "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17541.json b/2019/17xxx/CVE-2019-17541.json new file mode 100644 index 00000000000..f3dde5cb30a --- /dev/null +++ b/2019/17xxx/CVE-2019-17541.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ImageMagick/ImageMagick/issues/1641", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/issues/1641" + }, + { + "url": "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493" + }, + { + "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-54...7.0.8-55" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17542.json b/2019/17xxx/CVE-2019-17542.json new file mode 100644 index 00000000000..16a46c6cbef --- /dev/null +++ b/2019/17xxx/CVE-2019-17542.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2", + "refsource": "MISC", + "name": "https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17543.json b/2019/17xxx/CVE-2019-17543.json new file mode 100644 index 00000000000..563adc33e96 --- /dev/null +++ b/2019/17xxx/CVE-2019-17543.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/lz4/lz4/pull/756", + "refsource": "MISC", + "name": "https://github.com/lz4/lz4/pull/756" + }, + { + "url": "https://github.com/lz4/lz4/pull/760", + "refsource": "MISC", + "name": "https://github.com/lz4/lz4/pull/760" + }, + { + "url": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "refsource": "MISC", + "name": "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17544.json b/2019/17xxx/CVE-2019-17544.json new file mode 100644 index 00000000000..423d7091976 --- /dev/null +++ b/2019/17xxx/CVE-2019-17544.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17544", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \\ character." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GNUAspell/aspell/commit/80fa26c74279fced8d778351cff19d1d8f44fe4e", + "refsource": "MISC", + "name": "https://github.com/GNUAspell/aspell/commit/80fa26c74279fced8d778351cff19d1d8f44fe4e" + }, + { + "url": "https://github.com/GNUAspell/aspell/compare/rel-0.60.7...rel-0.60.8", + "refsource": "MISC", + "name": "https://github.com/GNUAspell/aspell/compare/rel-0.60.7...rel-0.60.8" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16109", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16109" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17545.json b/2019/17xxx/CVE-2019-17545.json new file mode 100644 index 00000000000..b9e2dae21de --- /dev/null +++ b/2019/17xxx/CVE-2019-17545.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17545", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb", + "refsource": "MISC", + "name": "https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17546.json b/2019/17xxx/CVE-2019-17546.json new file mode 100644 index 00000000000..c7f2e639b45 --- /dev/null +++ b/2019/17xxx/CVE-2019-17546.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17546", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a \"Negative-size-param\" condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf", + "refsource": "MISC", + "name": "https://github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf" + }, + { + "url": "https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145", + "refsource": "MISC", + "name": "https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17547.json b/2019/17xxx/CVE-2019-17547.json new file mode 100644 index 00000000000..afdc6e4a334 --- /dev/null +++ b/2019/17xxx/CVE-2019-17547.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537" + }, + { + "url": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62", + "refsource": "MISC", + "name": "https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62" + } + ] + } +} \ No newline at end of file