From 0ed6681297f952901cfbd9ac8d68066921570f29 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 7 Nov 2019 16:01:25 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/16xxx/CVE-2019-16872.json | 62 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16876.json | 62 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16877.json | 62 +++++++++++++++++++++++++++++++ 2019/16xxx/CVE-2019-16878.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17222.json | 62 +++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17604.json | 67 ++++++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17605.json | 67 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18806.json | 67 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18807.json | 67 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18808.json | 62 +++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18809.json | 62 +++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18810.json | 67 ++++++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18811.json | 62 +++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18812.json | 62 +++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18813.json | 62 +++++++++++++++++++++++++++++++ 2019/18xxx/CVE-2019-18814.json | 62 +++++++++++++++++++++++++++++++ 16 files changed, 1017 insertions(+) create mode 100644 2019/16xxx/CVE-2019-16872.json create mode 100644 2019/16xxx/CVE-2019-16876.json create mode 100644 2019/16xxx/CVE-2019-16877.json create mode 100644 2019/16xxx/CVE-2019-16878.json create mode 100644 2019/17xxx/CVE-2019-17222.json create mode 100644 2019/17xxx/CVE-2019-17604.json create mode 100644 2019/17xxx/CVE-2019-17605.json create mode 100644 2019/18xxx/CVE-2019-18806.json create mode 100644 2019/18xxx/CVE-2019-18807.json create mode 100644 2019/18xxx/CVE-2019-18808.json create mode 100644 2019/18xxx/CVE-2019-18809.json create mode 100644 2019/18xxx/CVE-2019-18810.json create mode 100644 2019/18xxx/CVE-2019-18811.json create mode 100644 2019/18xxx/CVE-2019-18812.json create mode 100644 2019/18xxx/CVE-2019-18813.json create mode 100644 2019/18xxx/CVE-2019-18814.json diff --git a/2019/16xxx/CVE-2019-16872.json b/2019/16xxx/CVE-2019-16872.json new file mode 100644 index 00000000000..ecd634f98cf --- /dev/null +++ b/2019/16xxx/CVE-2019-16872.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16872", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-19-120", + "url": "https://fortiguard.com/zeroday/FG-VD-19-120" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16876.json b/2019/16xxx/CVE-2019-16876.json new file mode 100644 index 00000000000..df90f5931b9 --- /dev/null +++ b/2019/16xxx/CVE-2019-16876.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Portainer before 1.22.1 allows Directory Traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-19-123", + "url": "https://fortiguard.com/zeroday/FG-VD-19-123" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16877.json b/2019/16xxx/CVE-2019-16877.json new file mode 100644 index 00000000000..90a3e5d8ad3 --- /dev/null +++ b/2019/16xxx/CVE-2019-16877.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16877", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-19-124", + "url": "https://fortiguard.com/zeroday/FG-VD-19-124" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16878.json b/2019/16xxx/CVE-2019-16878.json new file mode 100644 index 00000000000..6b12d0937ad --- /dev/null +++ b/2019/16xxx/CVE-2019-16878.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Portainer before 1.22.1 has XSS (issue 2 of 2)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-19-119", + "url": "https://fortiguard.com/zeroday/FG-VD-19-119" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17222.json b/2019/17xxx/CVE-2019-17222.json new file mode 100644 index 00000000000..ba557636db7 --- /dev/null +++ b/2019/17xxx/CVE-2019-17222.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17222", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is stored XSS in the Service Name tab of the WAN configuration screen, leading to a denial of service (inability to change the configuration)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.youtube.com/watch?v=e3sozdDExTM", + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=e3sozdDExTM" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17604.json b/2019/17xxx/CVE-2019-17604.json new file mode 100644 index 00000000000..5a70d315e7c --- /dev/null +++ b/2019/17xxx/CVE-2019-17604.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17604", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to change other candidates' personal information (first name, last name, email, CV, phone number, and all other personal information) by changing the value of the candidate id (the id parameter)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.eyecomms.com/Products/eyeCMS.html", + "refsource": "MISC", + "name": "http://www.eyecomms.com/Products/eyeCMS.html" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/AhMyth/b0f7e4b8244def8eb8d7d8c61fa6d4e5", + "url": "https://gist.github.com/AhMyth/b0f7e4b8244def8eb8d7d8c61fa6d4e5" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17605.json b/2019/17xxx/CVE-2019-17605.json new file mode 100644 index 00000000000..6a3b918d36e --- /dev/null +++ b/2019/17xxx/CVE-2019-17605.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17605", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate's account (by also exploiting CVE-2019-17604) via a modified candidate id and an additional password parameter. The outcome is that the password of this other candidate is changed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.eyecomms.com/Products/eyeCMS.html", + "refsource": "MISC", + "name": "http://www.eyecomms.com/Products/eyeCMS.html" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37", + "url": "https://gist.github.com/AhMyth/6d9c5e15d943dd092ccca19fca8d5d37" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18806.json b/2019/18xxx/CVE-2019-18806.json new file mode 100644 index 00000000000..aeaa3b63839 --- /dev/null +++ b/2019/18xxx/CVE-2019-18806.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18806", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1acb8f2a7a9f10543868ddd737e37424d5c36cf4", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1acb8f2a7a9f10543868ddd737e37424d5c36cf4" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18807.json b/2019/18xxx/CVE-2019-18807.json new file mode 100644 index 00000000000..696ee8433a3 --- /dev/null +++ b/2019/18xxx/CVE-2019-18807.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18807", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-68501df92d11." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=68501df92d116b760777a2cfda314789f926476f", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=68501df92d116b760777a2cfda314789f926476f" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18808.json b/2019/18xxx/CVE-2019-18808.json new file mode 100644 index 00000000000..31f4ef63b5c --- /dev/null +++ b/2019/18xxx/CVE-2019-18808.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18808", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18809.json b/2019/18xxx/CVE-2019-18809.json new file mode 100644 index 00000000000..58c95d66b62 --- /dev/null +++ b/2019/18xxx/CVE-2019-18809.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18809", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/2289adbfa559050d2a38bcd9caac1c18b800e928", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/2289adbfa559050d2a38bcd9caac1c18b800e928" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18810.json b/2019/18xxx/CVE-2019-18810.json new file mode 100644 index 00000000000..edc29fdafe1 --- /dev/null +++ b/2019/18xxx/CVE-2019-18810.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18810", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ecd6fdbf5d648123a7315c695fb6850d702835", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ecd6fdbf5d648123a7315c695fb6850d702835" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18811.json b/2019/18xxx/CVE-2019-18811.json new file mode 100644 index 00000000000..73074f35be5 --- /dev/null +++ b/2019/18xxx/CVE-2019-18811.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/45c1380358b12bf2d1db20a5874e9544f56b34ab", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/45c1380358b12bf2d1db20a5874e9544f56b34ab" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18812.json b/2019/18xxx/CVE-2019-18812.json new file mode 100644 index 00000000000..a7eab5e246f --- /dev/null +++ b/2019/18xxx/CVE-2019-18812.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18812", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/c0a333d842ef67ac04adc72ff79dc1ccc3dca4ed" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18813.json b/2019/18xxx/CVE-2019-18813.json new file mode 100644 index 00000000000..1d1eabb9a99 --- /dev/null +++ b/2019/18xxx/CVE-2019-18813.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18813", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9bbfceea12a8f145097a27d7c7267af25893c060", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9bbfceea12a8f145097a27d7c7267af25893c060" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18814.json b/2019/18xxx/CVE-2019-18814.json new file mode 100644 index 00000000000..f089998589d --- /dev/null +++ b/2019/18xxx/CVE-2019-18814.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://lore.kernel.org/patchwork/patch/1142523/", + "refsource": "MISC", + "name": "https://lore.kernel.org/patchwork/patch/1142523/" + } + ] + } +} \ No newline at end of file