"-Synchronized-Data."

2025-05-06 18:53:08 +00:00 · 2019-09-26 18:00:59 +00:00 · 2019-09-26 18:00:59 +00:00 · ee8ce0e777
commit ee8ce0e777
parent 21087a44f0
6 changed files with 160 additions and 1 deletions
--- a/2011/5xxx/CVE-2011-5327.json
+++ b/2011/5xxx/CVE-2011-5327.json
@ -66,6 +66,11 @@
                "url": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1",
                "refsource": "MISC",
                "name": "https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
            },
            {
                "refsource": "CONFIRM",
                "name": "https://support.f5.com/csp/article/K42315210",
                "url": "https://support.f5.com/csp/article/K42315210"
            }
        ]
    }
--- a/2019/11xxx/CVE-2019-11496.json
+++ b/2019/11xxx/CVE-2019-11496.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "An issue was discovered in Couchbase Server 5.0.0. Editing bucket settings resets credentials, and leads to authorization without credentials."
+                "value": "In versions of Couchbase Server prior to 5.0, the bucket named \"default\" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including \"default\" were changed to only allow access by authenticated users with sufficient authorization. However, users were allowed unauthenticated and unauthorized access to the \"default\" bucket if the properties of this bucket were edited. This has been fixed in versions 5.1.0 and 5.5.0."
            }
        ]
    },
--- a/2019/14xxx/CVE-2019-14540.json
+++ b/2019/14xxx/CVE-2019-14540.json
@ -86,6 +86,11 @@
                "refsource": "MLIST",
                "name": "[hbase-issues] 20190926 [GitHub] [hbase-connectors] SteNicholas opened a new pull request #45: HBASE-23075 Upgrade jackson version",
                "url": "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E"
            },
            {
                "refsource": "MLIST",
                "name": "[hbase-issues] 20190926 [jira] [Updated] (HBASE-23075) Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540",
                "url": "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E"
            }
        ]
    }
--- a/2019/16xxx/CVE-2019-16335.json
+++ b/2019/16xxx/CVE-2019-16335.json
@ -71,6 +71,11 @@
                "refsource": "MLIST",
                "name": "[hbase-issues] 20190926 [GitHub] [hbase-connectors] SteNicholas opened a new pull request #45: HBASE-23075 Upgrade jackson version",
                "url": "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E"
            },
            {
                "refsource": "MLIST",
                "name": "[hbase-issues] 20190926 [jira] [Updated] (HBASE-23075) Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540",
                "url": "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E"
            }
        ]
    }
--- a/2019/16xxx/CVE-2019-16914.json
+++ b/2019/16xxx/CVE-2019-16914.json
@ -0,0 +1,72 @@
 {
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-16914",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "url": "https://redmine.pfsense.org/issues/9609",
                "refsource": "MISC",
                "name": "https://redmine.pfsense.org/issues/9609"
            },
            {
                "url": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f",
                "refsource": "MISC",
                "name": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f"
            },
            {
                "url": "https://www.seebug.org/vuldb/ssvid-98023",
                "refsource": "MISC",
                "name": "https://www.seebug.org/vuldb/ssvid-98023"
            }
        ]
    }
 }
--- a/2019/16xxx/CVE-2019-16915.json
+++ b/2019/16xxx/CVE-2019-16915.json
@ -0,0 +1,72 @@
 {
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-16915",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "url": "https://redmine.pfsense.org/issues/9610",
                "refsource": "MISC",
                "name": "https://redmine.pfsense.org/issues/9610"
            },
            {
                "url": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5",
                "refsource": "MISC",
                "name": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5"
            },
            {
                "url": "https://www.seebug.org/vuldb/ssvid-98024",
                "refsource": "MISC",
                "name": "https://www.seebug.org/vuldb/ssvid-98024"
            }
        ]
    }
 }