diff --git a/2016/10xxx/CVE-2016-10735.json b/2016/10xxx/CVE-2016-10735.json index 4f13c34ec16..67924268322 100644 --- a/2016/10xxx/CVE-2016-10735.json +++ b/2016/10xxx/CVE-2016-10735.json @@ -96,6 +96,11 @@ "refsource": "REDHAT", "name": "RHBA-2019:1570", "url": "https://access.redhat.com/errata/RHBA-2019:1570" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3023", + "url": "https://access.redhat.com/errata/RHSA-2019:3023" } ] } diff --git a/2018/20xxx/CVE-2018-20676.json b/2018/20xxx/CVE-2018-20676.json index 0cf16292245..05d085ec15d 100644 --- a/2018/20xxx/CVE-2018-20676.json +++ b/2018/20xxx/CVE-2018-20676.json @@ -91,6 +91,11 @@ "refsource": "REDHAT", "name": "RHBA-2019:1570", "url": "https://access.redhat.com/errata/RHBA-2019:1570" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3023", + "url": "https://access.redhat.com/errata/RHSA-2019:3023" } ] } diff --git a/2018/20xxx/CVE-2018-20677.json b/2018/20xxx/CVE-2018-20677.json index c8cf7b7b7a1..f17331a1b89 100644 --- a/2018/20xxx/CVE-2018-20677.json +++ b/2018/20xxx/CVE-2018-20677.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", "url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3023", + "url": "https://access.redhat.com/errata/RHSA-2019:3023" } ] } diff --git a/2018/20xxx/CVE-2018-20976.json b/2018/20xxx/CVE-2018-20976.json index dd86d4a410d..9f89912af30 100644 --- a/2018/20xxx/CVE-2018-20976.json +++ b/2018/20xxx/CVE-2018-20976.json @@ -86,6 +86,11 @@ "refsource": "UBUNTU", "name": "USN-4145-1", "url": "https://usn.ubuntu.com/4145-1/" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K10269585?utm_source=f5support&utm_medium=RSS", + "url": "https://support.f5.com/csp/article/K10269585?utm_source=f5support&utm_medium=RSS" } ] } diff --git a/2019/10xxx/CVE-2019-10744.json b/2019/10xxx/CVE-2019-10744.json index f7eb4559c26..ef02c228546 100644 --- a/2019/10xxx/CVE-2019-10744.json +++ b/2019/10xxx/CVE-2019-10744.json @@ -53,6 +53,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0005/", "url": "https://security.netapp.com/advisory/ntap-20191004-0005/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3024", + "url": "https://access.redhat.com/errata/RHSA-2019:3024" } ] }, diff --git a/2019/11xxx/CVE-2019-11358.json b/2019/11xxx/CVE-2019-11358.json index 20a492f1394..e459ba24166 100644 --- a/2019/11xxx/CVE-2019-11358.json +++ b/2019/11xxx/CVE-2019-11358.json @@ -251,6 +251,16 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190919-0001/", "url": "https://security.netapp.com/advisory/ntap-20190919-0001/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3023", + "url": "https://access.redhat.com/errata/RHSA-2019:3023" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3024", + "url": "https://access.redhat.com/errata/RHSA-2019:3024" } ] } diff --git a/2019/11xxx/CVE-2019-11526.json b/2019/11xxx/CVE-2019-11526.json index 6e0d7424a1f..01c06fcaec6 100644 --- a/2019/11xxx/CVE-2019-11526.json +++ b/2019/11xxx/CVE-2019-11526.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11526", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11526", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable via sudo, is vulnerable to file path injection. This enables the Attacker to write files with superuser privileges in specific locations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.mioso.com/CVE-2019-11526-en.html", + "url": "https://security.mioso.com/CVE-2019-11526-en.html" } ] } diff --git a/2019/14xxx/CVE-2019-14379.json b/2019/14xxx/CVE-2019-14379.json index 65ce2a32549..e35c8cee326 100644 --- a/2019/14xxx/CVE-2019-14379.json +++ b/2019/14xxx/CVE-2019-14379.json @@ -186,6 +186,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2998", "url": "https://access.redhat.com/errata/RHSA-2019:2998" + }, + { + "refsource": "MLIST", + "name": "[iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue opened a new pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379", + "url": "https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E" } ] } diff --git a/2019/14xxx/CVE-2019-14810.json b/2019/14xxx/CVE-2019-14810.json new file mode 100644 index 00000000000..5c9e6a64459 --- /dev/null +++ b/2019/14xxx/CVE-2019-14810.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14810", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.arista.com/en/support/advisories-notices", + "refsource": "MISC", + "name": "https://www.arista.com/en/support/advisories-notices" + }, + { + "refsource": "CONFIRM", + "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42", + "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/8321-security-advisory-42" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16229.json b/2019/16xxx/CVE-2019-16229.json index 7a1ea3c7920..f0bc3187c16 100644 --- a/2019/16xxx/CVE-2019-16229.json +++ b/2019/16xxx/CVE-2019-16229.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference." + "value": "** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id." } ] }, @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3" } ] } diff --git a/2019/1xxx/CVE-2019-1125.json b/2019/1xxx/CVE-2019-1125.json index 17cfb1f58c1..671ce4d57cf 100644 --- a/2019/1xxx/CVE-2019-1125.json +++ b/2019/1xxx/CVE-2019-1125.json @@ -256,6 +256,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2975", "url": "https://access.redhat.com/errata/RHSA-2019:2975" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3011", + "url": "https://access.redhat.com/errata/RHSA-2019:3011" } ] } diff --git a/2019/8xxx/CVE-2019-8331.json b/2019/8xxx/CVE-2019-8331.json index 13c22800197..30de70292ee 100644 --- a/2019/8xxx/CVE-2019-8331.json +++ b/2019/8xxx/CVE-2019-8331.json @@ -131,6 +131,16 @@ "refsource": "MLIST", "name": "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", "url": "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3023", + "url": "https://access.redhat.com/errata/RHSA-2019:3023" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3024", + "url": "https://access.redhat.com/errata/RHSA-2019:3024" } ] }