admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #105 from CVEProject/master

Browse Source 
XFA Rebase
This commit is contained in:
Scott Moore 2019-02-19 11:21:06 -05:00 committed by GitHub
commit f0748ac437
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
688 changed files with 15801 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
2013/2xxx/CVE-2013-2516.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "larry0@me.com",
"DATE_ASSIGNED" : "2013-02-24",
"ID" : "CVE-2013-2516",
"STATE" : "RESERVED"
"REQUESTER" : "cve-assign@mtire.org",
"STATE" : "PUBLIC",
"UPDATED" : "2019-02-12T11:31Z"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "FileUtils",
"version" : {
"version_data" : [
{
"version_affected" : "<=",
"version_value" : "0.7"
}
]
}
}
]
},
"vendor_name" : "Stefaan Colman"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Fileutils 0.7 Ruby Gem remote command execution and insecure file handling in /tmp"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://rubygems.org/gems/fileutils",
"refsource" : "MISC",
"url" : "http://rubygems.org/gems/fileutils"
},
{
"name" : "http://www.vapidlabs.com/advisory.php?v=36",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=36"
}
]
}

59
2013/2xxx/CVE-2013-2565.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "larry0@me.com",
"DATE_ASSIGNED" : "2012-01-02",
"ID" : "CVE-2013-2565",
"STATE" : "RESERVED"
"REQUESTER" : "cve-assign@mitre.org",
"STATE" : "PUBLIC",
"UPDATED" : "2019-02-11T10:41Z"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Mambo CMS",
"version" : {
"version_data" : [
{
"version_affected" : "<=",
"version_value" : "4.6.5"
}
]
}
}
]
},
"vendor_name" : "Mambo"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Mambo CMS vulnerabilities"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://sourceforge.net/projects/mambo/",
"refsource" : "MISC",
"url" : "http://sourceforge.net/projects/mambo/"
},
{
"name" : "http://www.vapidlabs.com/advisory.php?v=75",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=75"
}
]
}

59
2013/5xxx/CVE-2013-5654.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "larry0@me.com",
"DATE_ASSIGNED" : "2014-05-14",
"ID" : "CVE-2013-5654",
"STATE" : "RESERVED"
"REQUESTER" : "cve-assign@mitre.org",
"STATE" : "PUBLIC",
"UPDATED" : "2019-02-13T14:41Z"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "YingZhi Python Programming Language",
"version" : {
"version_data" : [
{
"version_affected" : "<=",
"version_value" : "1.9"
}
]
}
}
]
},
"vendor_name" : "YingZhi"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Arbitrary file upload vulnerability in YingZhi Python Programming Language for iOS"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744",
"refsource" : "MISC",
"url" : "http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744"
},
{
"name" : "http://www.vapidlabs.com/advisory.php?v=94",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=94"
}
]
}

18
2013/7xxx/CVE-2013-7469.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-7469",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2014/1000xxx/CVE-2014-1000000.json
View File

@ -1,8 +1,9 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_ASSIGNED" : "2019-02-04",
"ID" : "CVE-2014-1000000",
"STATE" : "RESERVED"
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +12,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. This CVE id is an example number in https://cve.mitre.org/cve/identifiers/syntaxchange.html. Notes: none."
}
]
}

59
2015/4xxx/CVE-2015-4615.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "larry0@me.com",
"DATE_ASSIGNED" : "2015-06-08",
"ID" : "CVE-2015-4615",
"STATE" : "RESERVED"
"REQUESTER" : "cve-assign@mitre.org",
"STATE" : "PUBLIC",
"UPDATED" : "2019-02-13T10:41Z"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Easy2map-photos WordPress Plugin",
"version" : {
"version_data" : [
{
"version_affected" : "1.09",
"version_value" : "1.09"
}
]
}
}
]
},
"vendor_name" : "Steven Ellis"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection in easy2map-photos wordpress plugin v1.09"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.vapid.dhs.org/advisory.php?v=130",
"refsource" : "MISC",
"url" : "http://www.vapid.dhs.org/advisory.php?v=130"
},
{
"name" : "https://wordpress.org/plugins/easy2map-photos",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/easy2map-photos"
}
]
}

59
2015/4xxx/CVE-2015-4617.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "larry0@me.com",
"DATE_ASSIGNED" : "2015-06-08",
"ID" : "CVE-2015-4617",
"STATE" : "RESERVED"
"REQUESTER" : "cve-assign@mitre.org",
"STATE" : "PUBLIC",
"UPDATED" : "2019-02-13T10:41Z"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Easy2map-photos WordPress Plugin",
"version" : {
"version_data" : [
{
"version_affected" : "1.09",
"version_value" : "1.09"
}
]
}
}
]
},
"vendor_name" : "Steven Ellis"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Path traversal in easy2map-photos wordpress plugin v1.09"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.vapidlabs.com/advisory.php?v=130",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=130"
},
{
"name" : "https://wordpress.org/plugins/easy2map-photos",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/easy2map-photos"
}
]
}

67
2016/10xxx/CVE-2016-10742.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10742",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.zabbix.com/browse/ZBX-10272",
"refsource" : "MISC",
"url" : "https://support.zabbix.com/browse/ZBX-10272"
},
{
"name" : "https://support.zabbix.com/browse/ZBX-13133",
"refsource" : "MISC",
"url" : "https://support.zabbix.com/browse/ZBX-13133"
}
]
}
}

5
2017/1000xxx/CVE-2017-1000000.json
View File

@ -1,8 +1,9 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"DATE_ASSIGNED" : "2019-02-04",
"ID" : "CVE-2017-1000000",
"STATE" : "RESERVED"
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +12,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. This issue lacks details and cannot be determined if it is a security issue or not. Notes: none."
}
]
}

5
2017/10xxx/CVE-2017-10140.json
View File

@ -61,6 +61,11 @@
"name" : "http://www.postfix.org/announcements/postfix-3.2.2.html",
"refsource" : "CONFIRM",
"url" : "http://www.postfix.org/announcements/postfix-3.2.2.html"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
}
]
}

10
2017/15xxx/CVE-2017-15710.json
View File

@ -94,6 +94,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

10
2017/15xxx/CVE-2017-15715.json
View File

@ -83,6 +83,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

84
2017/1xxx/CVE-2017-1695.json
View File

@ -1,8 +1,35 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-06T00:00:00",
"ID" : "CVE-2017-1695",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "QRadar SIEM",
"version" : {
"version_data" : [
{
"version_value" : "7.2"
},
{
"version_value" : "7.3"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +38,58 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 134177."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.900",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10719107",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10719107"
},
{
"name" : "107060",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107060"
},
{
"name" : "ibm-qradar-cve20171695-info-disc(134177)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134177"
}
]
}

5
2018/0xxx/CVE-2018-0495.json
View File

@ -117,6 +117,11 @@
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3850-1/"
},
{
"name" : "USN-3850-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3850-2/"
},
{
"name" : "1041144",
"refsource" : "SECTRACK",

10
2018/0xxx/CVE-2018-0739.json
View File

@ -175,6 +175,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3611-1",
"refsource" : "UBUNTU",

10
2018/1000xxx/CVE-2018-1000168.json
View File

@ -65,6 +65,16 @@
"refsource" : "CONFIRM",
"url" : "https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "103952",
"refsource" : "BID",

15
2018/1000xxx/CVE-2018-1000632.json
View File

@ -79,6 +79,21 @@
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name" : "RHSA-2019:0362",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0362"
},
{
"name" : "RHSA-2019:0364",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0364"
},
{
"name" : "RHSA-2019:0365",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0365"
}
]
}

5
2018/10xxx/CVE-2018-10561.json
View File

@ -61,6 +61,11 @@
"name" : "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/",
"refsource" : "MISC",
"url" : "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/"
},
{
"name" : "107053",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107053"
}
]
}

5
2018/10xxx/CVE-2018-10562.json
View File

@ -61,6 +61,11 @@
"name" : "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/",
"refsource" : "MISC",
"url" : "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/"
},
{
"name" : "107053",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107053"
}
]
}

10
2018/11xxx/CVE-2018-11759.json
View File

@ -67,6 +67,16 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4357"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "105888",
"refsource" : "BID",

10
2018/11xxx/CVE-2018-11763.json
View File

@ -78,6 +78,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3783-1",
"refsource" : "UBUNTU",

50
2018/12xxx/CVE-2018-12159.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2018-12159",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Buffer overflow in the command-line interface for Intel(R) PROSet Wireless v20.50 and before may allow an authenticated user to potentially enable denial of service via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00169.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00169.html"
}
]
}

15
2018/14xxx/CVE-2018-14642.json
View File

@ -66,6 +66,21 @@
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642"
},
{
"name" : "RHSA-2019:0362",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0362"
},
{
"name" : "RHSA-2019:0364",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0364"
},
{
"name" : "RHSA-2019:0365",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0365"
}
]
}

5
2018/15xxx/CVE-2018-15319.json
View File

@ -56,6 +56,11 @@
"name" : "https://support.f5.com/csp/article/K64208870",
"refsource" : "CONFIRM",
"url" : "https://support.f5.com/csp/article/K64208870"
},
{
"name" : "107052",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107052"
}
]
}

5
2018/16xxx/CVE-2018-16864.json
View File

@ -107,6 +107,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0342"
},
{
"name" : "RHSA-2019:0361",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0361"
},
{
"name" : "USN-3855-1",
"refsource" : "UBUNTU",

5
2018/16xxx/CVE-2018-16865.json
View File

@ -107,6 +107,11 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0342"
},
{
"name" : "RHSA-2019:0361",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0361"
},
{
"name" : "USN-3855-1",
"refsource" : "UBUNTU",

5
2018/17xxx/CVE-2018-17000.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190218 [SECURITY] [DLA 1680-1] tiff security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00026.html"
},
{
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2811",
"refsource" : "MISC",

5
2018/17xxx/CVE-2018-17481.json
View File

@ -73,6 +73,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4352"
},
{
"name" : "DSA-4395",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4395"
},
{
"name" : "RHSA-2018:3803",
"refsource" : "REDHAT",

20
2018/18xxx/CVE-2018-18356.json
View File

@ -53,6 +53,16 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190215 [SECURITY] [DLA 1677-1] firefox-esr security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00023.html"
},
{
"name" : "[debian-lts-announce] 20190216 [SECURITY] [DLA 1678-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00024.html"
},
{
"name" : "https://crbug.com/883666",
"refsource" : "MISC",
@ -68,6 +78,16 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4352"
},
{
"name" : "DSA-4391",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4391"
},
{
"name" : "DSA-4392",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4392"
},
{
"name" : "RHSA-2018:3803",
"refsource" : "REDHAT",

10
2018/18xxx/CVE-2018-18500.json
View File

@ -80,6 +80,11 @@
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00025.html"
},
{
"name" : "[debian-lts-announce] 20190216 [SECURITY] [DLA 1678-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00024.html"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2019-01/",
"refsource" : "CONFIRM",
@ -100,6 +105,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4376"
},
{
"name" : "DSA-4392",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4392"
},
{
"name" : "RHSA-2019:0218",
"refsource" : "REDHAT",

10
2018/18xxx/CVE-2018-18501.json
View File

@ -80,6 +80,11 @@
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00025.html"
},
{
"name" : "[debian-lts-announce] 20190216 [SECURITY] [DLA 1678-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00024.html"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2019-01/",
"refsource" : "CONFIRM",
@ -100,6 +105,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4376"
},
{
"name" : "DSA-4392",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4392"
},
{
"name" : "RHSA-2019:0218",
"refsource" : "REDHAT",

10
2018/18xxx/CVE-2018-18505.json
View File

@ -80,6 +80,11 @@
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00025.html"
},
{
"name" : "[debian-lts-announce] 20190216 [SECURITY] [DLA 1678-1] thunderbird security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00024.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1087565",
"refsource" : "CONFIRM",
@ -105,6 +110,11 @@
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4376"
},
{
"name" : "DSA-4392",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4392"
},
{
"name" : "RHSA-2019:0218",
"refsource" : "REDHAT",

5
2018/19xxx/CVE-2018-19210.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190218 [SECURITY] [DLA 1680-1] tiff security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00026.html"
},
{
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2820",
"refsource" : "MISC",

5
2018/19xxx/CVE-2018-19908.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "46401",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46401/"
},
{
"name" : "https://github.com/MISP/MISP/commit/211ac0737281b65e7da160f0aac52f401a94e1a3",
"refsource" : "MISC",

10
2018/1xxx/CVE-2018-1283.json
View File

@ -83,6 +83,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

10
2018/1xxx/CVE-2018-1301.json
View File

@ -88,6 +88,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

10
2018/1xxx/CVE-2018-1302.json
View File

@ -73,6 +73,16 @@
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3783-1",
"refsource" : "UBUNTU",

10
2018/1xxx/CVE-2018-1303.json
View File

@ -83,6 +83,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

10
2018/1xxx/CVE-2018-1312.json
View File

@ -88,6 +88,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3627-1",
"refsource" : "UBUNTU",

10
2018/1xxx/CVE-2018-1333.json
View File

@ -87,6 +87,16 @@
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "RHSA-2019:0366",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0366"
},
{
"name" : "RHSA-2019:0367",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2019:0367"
},
{
"name" : "USN-3783-1",
"refsource" : "UBUNTU",

76
2018/1xxx/CVE-2018-1701.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-16T00:00:00",
"ID" : "CVE-2018-1701",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
"version_value" : "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,53 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"AC" : "H",
"AV" : "N",
"C" : "H",
"I" : "H",
"PR" : "L",
"S" : "C",
"SCORE" : "8.500",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10730555",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10730555"
},
{
"name" : "ibm-infosphere-cve20181701-command-exec(145970)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/145970"
}
]
}

85
2018/1xxx/CVE-2018-1727.json
View File

@ -1,8 +1,41 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-08T00:00:00",
"ID" : "CVE-2018-1727",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
"version_value" : "9.1"
},
{
"version_value" : "11.3"
},
{
"version_value" : "11.5"
},
{
"version_value" : "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +44,53 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "L",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "7.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10718887",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10718887"
},
{
"name" : "ibm-infosphere-cve20181727-xxe(147630)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147630"
}
]
}

82
2018/1xxx/CVE-2018-1895.json
View File

@ -1,8 +1,38 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-04T00:00:00",
"ID" : "CVE-2018-1895",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "InfoSphere Information Server",
"version" : {
"version_data" : [
{
"version_value" : "11.3"
},
{
"version_value" : "11.5"
},
{
"version_value" : "11.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +41,53 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10744013",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10744013"
},
{
"name" : "ibm-infosphere-cve20181895-xss(152159)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/152159"
}
]
}

5
2018/20xxx/CVE-2018-20237.json
View File

@ -69,6 +69,11 @@
"name" : "https://jira.atlassian.com/browse/CONFSERVER-57814",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CONFSERVER-57814"
},
{
"name" : "107041",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107041"
}
]
}

5
2018/20xxx/CVE-2018-20238.json
View File

@ -66,6 +66,11 @@
"name" : "https://jira.atlassian.com/browse/CWD-5361",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CWD-5361"
},
{
"name" : "107036",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107036"
}
]
}

5
2018/20xxx/CVE-2018-20685.json
View File

@ -67,6 +67,11 @@
"refsource" : "MISC",
"url" : "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20190215-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20190215-0001/"
},
{
"name" : "DSA-4387",
"refsource" : "DEBIAN",

5
2018/20xxx/CVE-2018-20721.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190218 [SECURITY] [DLA 1682-1] uriparser security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00028.html"
},
{
"name" : "https://github.com/uriparser/uriparser/blob/master/ChangeLog",
"refsource" : "CONFIRM",

67
2018/20xxx/CVE-2018-20782.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20782",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "46414",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46414/"
},
{
"name" : "https://github.com/GloBee-Official/woocommerce-payment-api-plugin/pull/2",
"refsource" : "MISC",
"url" : "https://github.com/GloBee-Official/woocommerce-payment-api-plugin/pull/2"
}
]
}
}

50
2018/3xxx/CVE-2018-3700.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2018-3700",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00200.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00200.html"
}
]
}

5
2018/8xxx/CVE-2018-8791.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8792.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8793.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8794.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8795.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8796.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8797.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8798.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8799.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

5
2018/8xxx/CVE-2018-8800.json
View File

@ -58,6 +58,11 @@
"refsource" : "MISC",
"url" : "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1"
},
{
"name" : "DSA-4394",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4394"
},
{
"name" : "106938",
"refsource" : "BID",

50
2019/0xxx/CVE-2019-0101.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0101",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00214.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00214.html"
}
]
}

50
2019/0xxx/CVE-2019-0102.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0102",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient session authentication in web server for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0103.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0103",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient file protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0104.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0104",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient file protection in uninstall routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0105.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0105",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0106.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0106",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0107.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0107",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient user prompt in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0108.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0108",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0109.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0109",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0110.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0110",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Insufficient key management for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0111.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0111",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0112.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0112",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Improper flow control in crypto routines for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}

50
2019/0xxx/CVE-2019-0127.json
View File

@ -1,9 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0127",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -12,7 +35,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and before for Linux may allow a privileged user to potentially enable information disclosure via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00222.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00222.html"
}
]
}

5
2019/0xxx/CVE-2019-0251.json
View File

@ -66,6 +66,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106993",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106993"
}
]
}

5
2019/0xxx/CVE-2019-0254.json
View File

@ -62,6 +62,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "107004",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107004"
}
]
}

5
2019/0xxx/CVE-2019-0255.json
View File

@ -96,6 +96,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106987",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106987"
}
]
}

5
2019/0xxx/CVE-2019-0256.json
View File

@ -62,6 +62,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106995",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106995"
}
]
}

5
2019/0xxx/CVE-2019-0257.json
View File

@ -86,6 +86,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106999",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106999"
}
]
}

5
2019/0xxx/CVE-2019-0258.json
View File

@ -62,6 +62,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106969",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106969"
}
]
}

5
2019/0xxx/CVE-2019-0259.json
View File

@ -66,6 +66,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106997",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106997"
}
]
}

5
2019/0xxx/CVE-2019-0261.json
View File

@ -62,6 +62,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106986",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106986"
}
]
}

5
2019/0xxx/CVE-2019-0262.json
View File

@ -66,6 +66,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106998",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106998"
}
]
}

5
2019/0xxx/CVE-2019-0265.json
View File

@ -186,6 +186,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106972",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106972"
}
]
}

5
2019/0xxx/CVE-2019-0266.json
View File

@ -62,6 +62,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106988",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106988"
}
]
}

5
2019/0xxx/CVE-2019-0267.json
View File

@ -70,6 +70,11 @@
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name" : "106990",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106990"
}
]
}

5
2019/3xxx/CVE-2019-3782.json
View File

@ -76,6 +76,11 @@
"name" : "https://www.cloudfoundry.org/blog/cve-2019-3782",
"refsource" : "CONFIRM",
"url" : "https://www.cloudfoundry.org/blog/cve-2019-3782"
},
{
"name" : "107038",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107038"
}
]
},

60
2019/3xxx/CVE-2019-3812.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psampaio@redhat.com",
"ID" : "CVE-2019-3812",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "qemu",
"version" : {
"version_data" : [
{
"version_value" : "through version 2.10 and through to 3.1.0"
}
]
}
}
]
},
"vendor_name" : "The QEMU Project"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "4.4/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-119"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3812",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3812"
}
]
}

76
2019/4xxx/CVE-2019-4059.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-4059",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational ClearCase",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,53 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "7.500",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10870810",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10870810"
},
{
"name" : "ibm-clearcase-cve20194059-info-disc(156583)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/156583"
}
]
}

15
2019/5xxx/CVE-2019-5736.json
View File

@ -87,6 +87,11 @@
"refsource" : "MISC",
"url" : "https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc"
},
{
"name" : "https://github.com/Frichetten/CVE-2019-5736-PoC",
"refsource" : "MISC",
"url" : "https://github.com/Frichetten/CVE-2019-5736-PoC"
},
{
"name" : "https://github.com/docker/docker-ce/releases/tag/v18.09.2",
"refsource" : "MISC",
@ -102,6 +107,11 @@
"refsource" : "MISC",
"url" : "https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d"
},
{
"name" : "https://github.com/q3k/cve-2019-5736-poc",
"refsource" : "MISC",
"url" : "https://github.com/q3k/cve-2019-5736-poc"
},
{
"name" : "https://github.com/rancher/runc-cve",
"refsource" : "MISC",
@ -122,6 +132,11 @@
"refsource" : "MISC",
"url" : "https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/"
},
{
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc",
"refsource" : "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc"
},
{
"name" : "RHSA-2019:0303",
"refsource" : "REDHAT",

5
2019/6xxx/CVE-2019-6111.json
View File

@ -57,6 +57,11 @@
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46193/"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1677794",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1677794"
},
{
"name" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c",
"refsource" : "MISC",

73
2019/6xxx/CVE-2019-6453.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6453",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,53 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "46392",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46392/"
},
{
"name" : "https://github.com/proofofcalc/cve-2019-6453-poc",
"refsource" : "MISC",
"url" : "https://github.com/proofofcalc/cve-2019-6453-poc"
},
{
"name" : "https://proofofcalc.com/advisories/20190218.txt",
"refsource" : "MISC",
"url" : "https://proofofcalc.com/advisories/20190218.txt"
},
{
"name" : "https://proofofcalc.com/cve-2019-6453-mIRC/",
"refsource" : "MISC",
"url" : "https://proofofcalc.com/cve-2019-6453-mIRC/"
},
{
"name" : "https://twitter.com/proofofcalc/status/1097518413143003136",
"refsource" : "MISC",
"url" : "https://twitter.com/proofofcalc/status/1097518413143003136"
},
{
"name" : "https://www.mirc.com/news.html",
"refsource" : "MISC",
"url" : "https://www.mirc.com/news.html"
}
]
}

5
2019/6xxx/CVE-2019-6974.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "46388",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46388/"
},
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9",
"refsource" : "MISC",

7
2019/7xxx/CVE-2019-7397.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick before 7.0.8-25, several memory leaks exist in WritePDFImage in coders/pdf.c."
"value" : "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c."
}
]
},
@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1",
"refsource" : "MISC",
"url" : "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82",
"refsource" : "MISC",

53
2019/7xxx/CVE-2019-7399.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7399",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,33 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for \"Terms of Use\" and Privacy pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://wwws.nightwatchcybersecurity.com/2019/02/07/content-injection-in-amazon-kindles-fireos-cve-2019-7399/",
"refsource" : "MISC",
"url" : "https://wwws.nightwatchcybersecurity.com/2019/02/07/content-injection-in-amazon-kindles-fireos-cve-2019-7399/"
},
{
"name" : "107025",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107025"
}
]
}

58
2019/7xxx/CVE-2019-7629.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7629",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,38 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://tintin.sourceforge.io/forum/viewtopic.php?f=1&t=2584&sid=31b77bb001faea9269bf224280960e29#p10505",
"refsource" : "MISC",
"url" : "https://tintin.sourceforge.io/forum/viewtopic.php?f=1&t=2584&sid=31b77bb001faea9269bf224280960e29#p10505"
},
{
"name" : "https://tintin.sourceforge.io/news.php",
"refsource" : "MISC",
"url" : "https://tintin.sourceforge.io/news.php"
},
{
"name" : "https://trustfoundry.net/cve-2019-7629-rce-in-an-open-source-mud-client/",
"refsource" : "MISC",
"url" : "https://trustfoundry.net/cve-2019-7629-rce-in-an-open-source-mud-client/"
}
]
}

48
2019/7xxx/CVE-2019-7649.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7649",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,28 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/arterli/CmsWing/issues/41",
"refsource" : "MISC",
"url" : "https://github.com/arterli/CmsWing/issues/41"
}
]
}

5
2019/7xxx/CVE-2019-7659.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190218 [SECURITY] [DLA 1681-1] gsoap security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00027.html"
},
{
"name" : "https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_(Jan_14,_2019)",
"refsource" : "CONFIRM",

5
2019/7xxx/CVE-2019-7663.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190218 [SECURITY] [DLA 1680-1] tiff security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00026.html"
},
{
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2833",
"refsource" : "MISC",

5
2019/7xxx/CVE-2019-7743.json
View File

@ -56,6 +56,11 @@
"name" : "https://developer.joomla.org/security-centre/770-20190206-core-implement-the-typo3-phar-stream-wrapper",
"refsource" : "MISC",
"url" : "https://developer.joomla.org/security-centre/770-20190206-core-implement-the-typo3-phar-stream-wrapper"
},
{
"name" : "107050",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107050"
}
]
}

5
2019/8xxx/CVE-2019-8341.json
View File

@ -52,6 +52,11 @@
},
"references" : {
"reference_data" : [
{
"name" : "46386",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46386/"
},
{
"name" : "https://github.com/JameelNabbo/Jinja2-Code-execution",
"refsource" : "MISC",

18
2019/8xxx/CVE-2019-8351.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8351",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

Some files were not shown because too many files have changed in this diff Show More