diff --git a/2016/6xxx/CVE-2016-6153.json b/2016/6xxx/CVE-2016-6153.json index ce7a7dc4cf5..c2bc1fff7e8 100644 --- a/2016/6xxx/CVE-2016-6153.json +++ b/2016/6xxx/CVE-2016-6153.json @@ -96,6 +96,11 @@ "name": "[oss-security] 20160701 SQLite Tempdir Selection Vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/07/01/1" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2017/10xxx/CVE-2017-10989.json b/2017/10xxx/CVE-2017-10989.json index 521a2a139a2..517f8e75ad6 100644 --- a/2017/10xxx/CVE-2017-10989.json +++ b/2017/10xxx/CVE-2017-10989.json @@ -121,6 +121,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1426", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00050.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2017/13xxx/CVE-2017-13685.json b/2017/13xxx/CVE-2017-13685.json index c3492025aa7..abf7f20ad0f 100644 --- a/2017/13xxx/CVE-2017-13685.json +++ b/2017/13xxx/CVE-2017-13685.json @@ -61,6 +61,11 @@ "name": "100521", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100521" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2017/2xxx/CVE-2017-2518.json b/2017/2xxx/CVE-2017-2518.json index 8deae0d87cd..846b35a23e9 100644 --- a/2017/2xxx/CVE-2017-2518.json +++ b/2017/2xxx/CVE-2017-2518.json @@ -86,6 +86,11 @@ "name": "https://support.apple.com/HT207801", "refsource": "CONFIRM", "url": "https://support.apple.com/HT207801" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2017/2xxx/CVE-2017-2519.json b/2017/2xxx/CVE-2017-2519.json index f8b0246db5f..ef43684dcc1 100644 --- a/2017/2xxx/CVE-2017-2519.json +++ b/2017/2xxx/CVE-2017-2519.json @@ -86,6 +86,11 @@ "name": "https://support.apple.com/HT207801", "refsource": "CONFIRM", "url": "https://support.apple.com/HT207801" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2017/2xxx/CVE-2017-2520.json b/2017/2xxx/CVE-2017-2520.json index bbcb2f13922..070cc383517 100644 --- a/2017/2xxx/CVE-2017-2520.json +++ b/2017/2xxx/CVE-2017-2520.json @@ -86,6 +86,11 @@ "name": "https://support.apple.com/HT207801", "refsource": "CONFIRM", "url": "https://support.apple.com/HT207801" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2018/16xxx/CVE-2018-16593.json b/2018/16xxx/CVE-2018-16593.json index 54d958a9574..e18cf75e11e 100644 --- a/2018/16xxx/CVE-2018-16593.json +++ b/2018/16xxx/CVE-2018-16593.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16593", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sony.co.uk/electronics/support/articles/00201041", + "refsource": "MISC", + "name": "https://www.sony.co.uk/electronics/support/articles/00201041" + }, + { + "url": "https://fortiguard.com/zeroday/FG-VD-18-036", + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-18-036" } ] } diff --git a/2018/16xxx/CVE-2018-16594.json b/2018/16xxx/CVE-2018-16594.json index cc1a57eb487..375e067f9e4 100644 --- a/2018/16xxx/CVE-2018-16594.json +++ b/2018/16xxx/CVE-2018-16594.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16594", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sony.co.uk/electronics/support/articles/00201041", + "refsource": "MISC", + "name": "https://www.sony.co.uk/electronics/support/articles/00201041" + }, + { + "url": "https://fortiguard.com/zeroday/FG-VD-18-036", + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-18-036" } ] } diff --git a/2018/16xxx/CVE-2018-16595.json b/2018/16xxx/CVE-2018-16595.json index 8e7d3e203d5..90576af38bf 100644 --- a/2018/16xxx/CVE-2018-16595.json +++ b/2018/16xxx/CVE-2018-16595.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16595", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sony.co.uk/electronics/support/articles/00201041", + "refsource": "MISC", + "name": "https://www.sony.co.uk/electronics/support/articles/00201041" + }, + { + "url": "https://fortiguard.com/zeroday/FG-VD-18-036", + "refsource": "MISC", + "name": "https://fortiguard.com/zeroday/FG-VD-18-036" } ] } diff --git a/2018/20xxx/CVE-2018-20346.json b/2018/20xxx/CVE-2018-20346.json index 0238cf9fe6a..cfe1f4379d6 100644 --- a/2018/20xxx/CVE-2018-20346.json +++ b/2018/20xxx/CVE-2018-20346.json @@ -156,6 +156,11 @@ "refsource": "GENTOO", "name": "GLSA-201904-21", "url": "https://security.gentoo.org/glsa/201904-21" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2018/20xxx/CVE-2018-20505.json b/2018/20xxx/CVE-2018-20505.json index 188b4bb6896..277bdd3ec7a 100644 --- a/2018/20xxx/CVE-2018-20505.json +++ b/2018/20xxx/CVE-2018-20505.json @@ -156,6 +156,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190502-0004/", "url": "https://security.netapp.com/advisory/ntap-20190502-0004/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2018/20xxx/CVE-2018-20506.json b/2018/20xxx/CVE-2018-20506.json index a7f9bf2b1ae..1129b53fea5 100644 --- a/2018/20xxx/CVE-2018-20506.json +++ b/2018/20xxx/CVE-2018-20506.json @@ -161,6 +161,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190502-0004/", "url": "https://security.netapp.com/advisory/ntap-20190502-0004/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2019/10xxx/CVE-2019-10132.json b/2019/10xxx/CVE-2019-10132.json index ccc0b5aea02..0c202c03ff6 100644 --- a/2019/10xxx/CVE-2019-10132.json +++ b/2019/10xxx/CVE-2019-10132.json @@ -73,6 +73,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1455", "url": "https://access.redhat.com/errata/RHSA-2019:1455" + }, + { + "refsource": "UBUNTU", + "name": "USN-4021-1", + "url": "https://usn.ubuntu.com/4021-1/" } ] }, diff --git a/2019/11xxx/CVE-2019-11477.json b/2019/11xxx/CVE-2019-11477.json index b6b3723bba5..c2d885065a9 100644 --- a/2019/11xxx/CVE-2019-11477.json +++ b/2019/11xxx/CVE-2019-11477.json @@ -126,6 +126,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K78234183", "url": "https://support.f5.com/csp/article/K78234183" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html", + "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11478.json b/2019/11xxx/CVE-2019-11478.json index 455ababdab9..fb1b7891a6c 100644 --- a/2019/11xxx/CVE-2019-11478.json +++ b/2019/11xxx/CVE-2019-11478.json @@ -125,6 +125,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K26618426", "url": "https://support.f5.com/csp/article/K26618426" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html", + "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html" } ] }, diff --git a/2019/12xxx/CVE-2019-12382.json b/2019/12xxx/CVE-2019-12382.json index 3c6bd6ebfe3..60bf2bfb3ba 100644 --- a/2019/12xxx/CVE-2019-12382.json +++ b/2019/12xxx/CVE-2019-12382.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash)." + "value": "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference." } ] }, @@ -91,6 +91,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1579", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html" + }, + { + "refsource": "MISC", + "name": "https://lore.kernel.org/lkml/87o93u7d3s.fsf@intel.com/", + "url": "https://lore.kernel.org/lkml/87o93u7d3s.fsf@intel.com/" + }, + { + "refsource": "MISC", + "name": "https://salsa.debian.org/kernel-team/kernel-sec/blob/master/retired/CVE-2019-12382", + "url": "https://salsa.debian.org/kernel-team/kernel-sec/blob/master/retired/CVE-2019-12382" } ] } diff --git a/2019/12xxx/CVE-2019-12454.json b/2019/12xxx/CVE-2019-12454.json index 0494db61eb1..6c937b64e31 100644 --- a/2019/12xxx/CVE-2019-12454.json +++ b/2019/12xxx/CVE-2019-12454.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors." + "value": "** DISPUTED ** An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability because switching to kmemdup_nul() would only fix a security issue if the source string wasn't NUL-terminated, which is not the case." } ] }, @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-f40bd7826f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=1136963#c1", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1136963#c1" } ] } diff --git a/2019/12xxx/CVE-2019-12891.json b/2019/12xxx/CVE-2019-12891.json new file mode 100644 index 00000000000..7a54fda17e9 --- /dev/null +++ b/2019/12xxx/CVE-2019-12891.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12891", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12892.json b/2019/12xxx/CVE-2019-12892.json new file mode 100644 index 00000000000..c79b2f8e77b --- /dev/null +++ b/2019/12xxx/CVE-2019-12892.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12892", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3886.json b/2019/3xxx/CVE-2019-3886.json index b6389745f91..dba91af44c5 100644 --- a/2019/3xxx/CVE-2019-3886.json +++ b/2019/3xxx/CVE-2019-3886.json @@ -58,6 +58,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1294", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4021-1", + "url": "https://usn.ubuntu.com/4021-1/" } ] }, diff --git a/2019/8xxx/CVE-2019-8457.json b/2019/8xxx/CVE-2019-8457.json index 319a35a11fb..d858a23b358 100644 --- a/2019/8xxx/CVE-2019-8457.json +++ b/2019/8xxx/CVE-2019-8457.json @@ -68,6 +68,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190606-0002/", "url": "https://security.netapp.com/advisory/ntap-20190606-0002/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] }, diff --git a/2019/9xxx/CVE-2019-9936.json b/2019/9xxx/CVE-2019-9936.json index af94bcf2685..cc8026db033 100644 --- a/2019/9xxx/CVE-2019-9936.json +++ b/2019/9xxx/CVE-2019-9936.json @@ -91,6 +91,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-a01751837d", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9937.json b/2019/9xxx/CVE-2019-9937.json index 2ea7276dcdf..feefd229aca 100644 --- a/2019/9xxx/CVE-2019-9937.json +++ b/2019/9xxx/CVE-2019-9937.json @@ -91,6 +91,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-a01751837d", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-1", + "url": "https://usn.ubuntu.com/4019-1/" } ] }