From f2ec34e182ed963d938b8a0e0f927ec0a4caaad0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 29 Mar 2019 14:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/8xxx/CVE-2018-8847.json | 2 +- 2019/10xxx/CVE-2019-10477.json | 82 ++++++++++++++++++++++++++++++++++ 2019/10xxx/CVE-2019-10478.json | 18 ++++++++ 2019/10xxx/CVE-2019-10479.json | 18 ++++++++ 2019/6xxx/CVE-2019-6481.json | 63 +++++++++++++++++++++++++- 2019/9xxx/CVE-2019-9604.json | 48 +++++++++++++++++++- 2019/9xxx/CVE-2019-9605.json | 48 +++++++++++++++++++- 2019/9xxx/CVE-2019-9695.json | 63 +++++++++++++++++++++++--- 8 files changed, 328 insertions(+), 14 deletions(-) create mode 100644 2019/10xxx/CVE-2019-10477.json create mode 100644 2019/10xxx/CVE-2019-10478.json create mode 100644 2019/10xxx/CVE-2019-10479.json diff --git a/2018/8xxx/CVE-2018-8847.json b/2018/8xxx/CVE-2018-8847.json index 81e00d1de84..023782d28c5 100644 --- a/2018/8xxx/CVE-2018-8847.json +++ b/2018/8xxx/CVE-2018-8847.json @@ -1,7 +1,7 @@ { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", - "DATE_PUBLIC": "2017-50-17T00:00:00", + "DATE_PUBLIC": "2017-05-17T00:00:00", "ID": "CVE-2018-8847", "STATE": "PUBLIC" }, diff --git a/2019/10xxx/CVE-2019-10477.json b/2019/10xxx/CVE-2019-10477.json new file mode 100644 index 00000000000..07930889a1a --- /dev/null +++ b/2019/10xxx/CVE-2019-10477.json @@ -0,0 +1,82 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/fusioninventory/fusioninventory-for-glpi/releases/tag/glpi9.4%2B1.1", + "refsource": "MISC", + "name": "https://github.com/fusioninventory/fusioninventory-for-glpi/releases/tag/glpi9.4%2B1.1" + }, + { + "url": "https://github.com/fusioninventory/fusioninventory-for-glpi/releases/tag/glpi9.3%2B1.4", + "refsource": "MISC", + "name": "https://github.com/fusioninventory/fusioninventory-for-glpi/releases/tag/glpi9.3%2B1.4" + }, + { + "url": "https://github.com/fusioninventory/fusioninventory-for-glpi/commit/0f777f85773b18f5252e79afa1929fcdc4858c3a", + "refsource": "MISC", + "name": "https://github.com/fusioninventory/fusioninventory-for-glpi/commit/0f777f85773b18f5252e79afa1929fcdc4858c3a" + }, + { + "url": "https://github.com/fusioninventory/fusioninventory-for-glpi/compare/cec774a...baa4158", + "refsource": "MISC", + "name": "https://github.com/fusioninventory/fusioninventory-for-glpi/compare/cec774a...baa4158" + }, + { + "url": "https://github.com/fusioninventory/fusioninventory-for-glpi/compare/260a864...e1f776d", + "refsource": "MISC", + "name": "https://github.com/fusioninventory/fusioninventory-for-glpi/compare/260a864...e1f776d" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10478.json b/2019/10xxx/CVE-2019-10478.json new file mode 100644 index 00000000000..dd79f4deabc --- /dev/null +++ b/2019/10xxx/CVE-2019-10478.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10478", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10479.json b/2019/10xxx/CVE-2019-10479.json new file mode 100644 index 00000000000..abfab8b84e0 --- /dev/null +++ b/2019/10xxx/CVE-2019-10479.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10479", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6481.json b/2019/6xxx/CVE-2019-6481.json index 3f872fb3eda..e4c2e136eb9 100644 --- a/2019/6xxx/CVE-2019-6481.json +++ b/2019/6xxx/CVE-2019-6481.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-6481", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Abine Blur 7.8.2431 allows remote attackers to conduct \"Second-Factor Auth Bypass\" attacks by using the \"Perform a right-click operation to access a forgotten dev menu to insert user passwords that otherwise would require the user to accept a second-factor request in a mobile app.\" approach, related to a \"Multifactor Auth Bypass, Full Disk Encryption Bypass\" issue affecting the Affected Chrome Plugin component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://redcoded.com/cve/2018/03/10/CVE.html", + "refsource": "MISC", + "name": "https://redcoded.com/cve/2018/03/10/CVE.html" + }, + { + "url": "https://redcoded.com/cve/2019/03/18/CVE.html", + "refsource": "MISC", + "name": "https://redcoded.com/cve/2019/03/18/CVE.html" + }, + { + "refsource": "FULLDISC", + "name": "20190319 2FA & macOS Disk Encryption Bypass in Abine Blur 7.24* [CVE-2019-6481]", + "url": "http://seclists.org/fulldisclosure/2019/Mar/33" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/152139/Abine-Blur-7.8.24x-Authentication-Bypass.html", + "url": "http://packetstormsecurity.com/files/152139/Abine-Blur-7.8.24x-Authentication-Bypass.html" } ] } diff --git a/2019/9xxx/CVE-2019-9604.json b/2019/9xxx/CVE-2019-9604.json index d5977aaebcf..c883c956dd6 100644 --- a/2019/9xxx/CVE-2019-9604.json +++ b/2019/9xxx/CVE-2019-9604.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9604", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php-readymade-script-1-7-0-has-cross-site-request-forgery-csrf-for-edit-profile-actionscve-2019-9604/", + "refsource": "MISC", + "name": "https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php-readymade-script-1-7-0-has-cross-site-request-forgery-csrf-for-edit-profile-actionscve-2019-9604/" } ] } diff --git a/2019/9xxx/CVE-2019-9605.json b/2019/9xxx/CVE-2019-9605.json index 56fa07d9a55..c56a2e60125 100644 --- a/2019/9xxx/CVE-2019-9605.json +++ b/2019/9xxx/CVE-2019-9605.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9605", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting (XSS) via the err value in a .ico picture upload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php-readymade-script-1-7-0-has-reflected-cross-site-scripting-xss-via-the-err-value-in-a-ico-picture-uploadcve-2019-9605/", + "refsource": "MISC", + "name": "https://hackingvila.wordpress.com/2019/03/06/php-scripts-mall-online-lottery-php-readymade-script-1-7-0-has-reflected-cross-site-scripting-xss-via-the-err-value-in-a-ico-picture-uploadcve-2019-9605/" } ] } diff --git a/2019/9xxx/CVE-2019-9695.json b/2019/9xxx/CVE-2019-9695.json index e248052a70c..61810b8771d 100644 --- a/2019/9xxx/CVE-2019-9695.json +++ b/2019/9xxx/CVE-2019-9695.json @@ -1,17 +1,66 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-9695", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9695", + "ASSIGNER": "secure@symantec.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Norton", + "product": { + "product_data": [ + { + "product_name": "Norton Core", + "version": { + "version_data": [ + { + "version_value": "Prior to v278" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Arbitrary Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.symantec.com/en_US/article.SYMSA1476.html", + "url": "https://support.symantec.com/en_US/article.SYMSA1476.html" + }, + { + "refsource": "BID", + "name": "107478", + "url": "http://www.securityfocus.com/bid/107478" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. Note that this exploit is only possible with direct physical access to the device." } ] }