diff --git a/2019/11xxx/CVE-2019-11868.json b/2019/11xxx/CVE-2019-11868.json index 298072cac9e..ba5b34f22f7 100644 --- a/2019/11xxx/CVE-2019-11868.json +++ b/2019/11xxx/CVE-2019-11868.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "See.sys through 4.25 in the SoftEther VPN Server allows a user to specify any kernel address to which arbitrary bytes are written." + "value": "See.sys, up to version 4.25, in SoftEther VPN Server versions 4.29 or older, allows a user to call an IOCTL specifying any kernel address to which arbitrary bytes are written to." } ] }, @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://downwithup.github.io/CVEPosts", "url": "https://downwithup.github.io/CVEPosts" + }, + { + "refsource": "CONFIRM", + "name": "https://www.softether.org/9-about/News/900-SEVPN201901", + "url": "https://www.softether.org/9-about/News/900-SEVPN201901" } ] } diff --git a/2019/17xxx/CVE-2019-17175.json b/2019/17xxx/CVE-2019-17175.json new file mode 100644 index 00000000000..c38b9642647 --- /dev/null +++ b/2019/17xxx/CVE-2019-17175.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/joyplus/joyplus-cms/issues/443", + "refsource": "MISC", + "name": "https://github.com/joyplus/joyplus-cms/issues/443" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4227.json b/2019/4xxx/CVE-2019-4227.json index 19a0dc3ccfb..be7cea1324f 100644 --- a/2019/4xxx/CVE-2019-4227.json +++ b/2019/4xxx/CVE-2019-4227.json @@ -1,150 +1,150 @@ { - "impact" : { - "cvssv3" : { - "BM" : { - "AC" : "H", - "UI" : "N", - "C" : "L", - "PR" : "N", - "AV" : "N", - "SCORE" : "5.600", - "A" : "L", - "S" : "U", - "I" : "L" - }, - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - } - } - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 886899 (MQ)", - "url" : "https://www.ibm.com/support/pages/node/886899", - "name" : "https://www.ibm.com/support/pages/node/886899", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-websphere-cve20194227-session-fixation (159352)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/159352" - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2019-4227", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2019-09-25T00:00:00", - "STATE" : "PUBLIC" - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "MQ", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.0.1" - }, - { - "version_value" : "8.0.0.4" - }, - { - "version_value" : "8.0.0.5" - }, - { - "version_value" : "8.0.0.6" - }, - { - "version_value" : "8.0.0.7" - }, - { - "version_value" : "9.0.0.2" - }, - { - "version_value" : "8.0.0.8" - }, - { - "version_value" : "8.0.0.9" - }, - { - "version_value" : "9.0.0.3" - }, - { - "version_value" : "8.0.0.10" - }, - { - "version_value" : "9.0.0.0" - }, - { - "version_value" : "9.0.0.4" - }, - { - "version_value" : "9.0.0.5" - }, - { - "version_value" : "9.1.0.0" - }, - { - "version_value" : "9.1.0.1" - }, - { - "version_value" : "9.1.1" - }, - { - "version_value" : "9.1.0.2" - }, - { - "version_value" : "9.1.2" - }, - { - "version_value" : "8.0.0.11" - }, - { - "version_value" : "9.0.0.6" - }, - { - "version_value" : "8.0.0.12" - } - ] - } - } - ] - } + "impact": { + "cvssv3": { + "BM": { + "AC": "H", + "UI": "N", + "C": "L", + "PR": "N", + "AV": "N", + "SCORE": "5.600", + "A": "L", + "S": "U", + "I": "L" + }, + "TM": { + "RL": "O", + "E": "U", + "RC": "C" } - ] - } - }, - "data_version" : "4.0", - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } + } + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 886899 (MQ)", + "url": "https://www.ibm.com/support/pages/node/886899", + "name": "https://www.ibm.com/support/pages/node/886899", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-websphere-cve20194227-session-fixation (159352)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/159352" + } + ] + }, + "CVE_data_meta": { + "ID": "CVE-2019-4227", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2019-09-25T00:00:00", + "STATE": "PUBLIC" + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "MQ", + "version": { + "version_data": [ + { + "version_value": "9.0.0.1" + }, + { + "version_value": "8.0.0.4" + }, + { + "version_value": "8.0.0.5" + }, + { + "version_value": "8.0.0.6" + }, + { + "version_value": "8.0.0.7" + }, + { + "version_value": "9.0.0.2" + }, + { + "version_value": "8.0.0.8" + }, + { + "version_value": "8.0.0.9" + }, + { + "version_value": "9.0.0.3" + }, + { + "version_value": "8.0.0.10" + }, + { + "version_value": "9.0.0.0" + }, + { + "version_value": "9.0.0.4" + }, + { + "version_value": "9.0.0.5" + }, + { + "version_value": "9.1.0.0" + }, + { + "version_value": "9.1.0.1" + }, + { + "version_value": "9.1.1" + }, + { + "version_value": "9.1.0.2" + }, + { + "version_value": "9.1.2" + }, + { + "version_value": "8.0.0.11" + }, + { + "version_value": "9.0.0.6" + }, + { + "version_value": "8.0.0.12" + } + ] + } + } + ] + } + } ] - } - ] - }, - "description" : { - "description_data" : [ - { - "value" : "IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.", - "lang" : "eng" - } - ] - } -} + } + }, + "data_version": "4.0", + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] + } + ] + }, + "description": { + "description_data": [ + { + "value": "IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.", + "lang": "eng" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4514.json b/2019/4xxx/CVE-2019-4514.json index e30c038d3f3..9eb406e84c1 100644 --- a/2019/4xxx/CVE-2019-4514.json +++ b/2019/4xxx/CVE-2019-4514.json @@ -1,99 +1,99 @@ { - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165136." - } - ] - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/302017", - "name" : "https://www.ibm.com/support/pages/node/302017", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 2012024 (Security Key Lifecycle Manager)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165136", - "name" : "ibm-tivoli-cve20194514-info-disc (165136)", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2019-10-02T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4514" - }, - "impact" : { - "cvssv3" : { - "BM" : { - "I" : "N", - "S" : "U", - "A" : "N", - "SCORE" : "5.300", - "PR" : "N", - "AV" : "N", - "C" : "L", - "UI" : "N", - "AC" : "L" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "2.6" - }, - { - "version_value" : "2.7" - }, - { - "version_value" : "3.0" - }, - { - "version_value" : "3.0.1" - } - ] - }, - "product_name" : "Security Key Lifecycle Manager" - } - ] - } + "lang": "eng", + "value": "IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165136." } - ] - } - } -} + ] + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/302017", + "name": "https://www.ibm.com/support/pages/node/302017", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 2012024 (Security Key Lifecycle Manager)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165136", + "name": "ibm-tivoli-cve20194514-info-disc (165136)", + "refsource": "XF", + "title": "X-Force Vulnerability Report" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "DATE_PUBLIC": "2019-10-02T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4514" + }, + "impact": { + "cvssv3": { + "BM": { + "I": "N", + "S": "U", + "A": "N", + "SCORE": "5.300", + "PR": "N", + "AV": "N", + "C": "L", + "UI": "N", + "AC": "L" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2.6" + }, + { + "version_value": "2.7" + }, + { + "version_value": "3.0" + }, + { + "version_value": "3.0.1" + } + ] + }, + "product_name": "Security Key Lifecycle Manager" + } + ] + } + } + ] + } + } +} \ No newline at end of file