diff --git a/2013/5xxx/CVE-2013-5123.json b/2013/5xxx/CVE-2013-5123.json index ca076acb543..9ea69a30c73 100644 --- a/2013/5xxx/CVE-2013-5123.json +++ b/2013/5xxx/CVE-2013-5123.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-5123", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,63 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-5123", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-5123" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5123", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5123" + }, + { + "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5123", + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5123" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155248.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155248.html" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155291.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155291.html" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/08/21/17", + "url": "http://www.openwall.com/lists/oss-security/2013/08/21/17" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/08/21/18", + "url": "http://www.openwall.com/lists/oss-security/2013/08/21/18" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/77520", + "url": "http://www.securityfocus.com/bid/77520" } ] } diff --git a/2016/4xxx/CVE-2016-4983.json b/2016/4xxx/CVE-2016-4983.json index 3ab42d6e5e1..9f07b175e91 100644 --- a/2016/4xxx/CVE-2016-4983.json +++ b/2016/4xxx/CVE-2016-4983.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-4983", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,95 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fedora", + "product": { + "product_data": [ + { + "product_name": "dovecot22", + "version": { + "version_data": [ + { + "version_value": "dovecot22-2.2.25-3.1" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Fedora", + "product": { + "product_data": [ + { + "product_name": "dovecot22", + "version": { + "version_data": [ + { + "version_value": "dovecot22-2.2.18-9.1" + } + ] + } + } + ] + } + }, + { + "vendor_name": "Fedora", + "product": { + "product_data": [ + { + "product_name": "dovecot22", + "version": { + "version_data": [ + { + "version_value": "dovecot22-2.2.13-3.7.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.suse.com/show_bug.cgi?id=984639", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=984639" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346055", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346055" + }, + { + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-updates/2016-11/msg00096.html", + "url": "http://lists.opensuse.org/opensuse-updates/2016-11/msg00096.html" } ] } diff --git a/2018/1000xxx/CVE-2018-1000876.json b/2018/1000xxx/CVE-2018-1000876.json index bf7dfa6585e..99af11888cb 100644 --- a/2018/1000xxx/CVE-2018-1000876.json +++ b/2018/1000xxx/CVE-2018-1000876.json @@ -79,6 +79,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/17xxx/CVE-2018-17358.json b/2018/17xxx/CVE-2018-17358.json index b5aaac1a818..c3b2c83647c 100644 --- a/2018/17xxx/CVE-2018-17358.json +++ b/2018/17xxx/CVE-2018-17358.json @@ -61,6 +61,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/17xxx/CVE-2018-17359.json b/2018/17xxx/CVE-2018-17359.json index 7e100ac3c54..f75438b6110 100644 --- a/2018/17xxx/CVE-2018-17359.json +++ b/2018/17xxx/CVE-2018-17359.json @@ -61,6 +61,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/17xxx/CVE-2018-17360.json b/2018/17xxx/CVE-2018-17360.json index b6ad3ee3e0d..97fcc716701 100644 --- a/2018/17xxx/CVE-2018-17360.json +++ b/2018/17xxx/CVE-2018-17360.json @@ -61,6 +61,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/17xxx/CVE-2018-17985.json b/2018/17xxx/CVE-2018-17985.json index e2a1b52d439..9426b425e14 100644 --- a/2018/17xxx/CVE-2018-17985.json +++ b/2018/17xxx/CVE-2018-17985.json @@ -61,6 +61,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/18xxx/CVE-2018-18309.json b/2018/18xxx/CVE-2018-18309.json index b055bcd71a3..8fc0f940a1c 100644 --- a/2018/18xxx/CVE-2018-18309.json +++ b/2018/18xxx/CVE-2018-18309.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/18xxx/CVE-2018-18483.json b/2018/18xxx/CVE-2018-18483.json index 2618061e899..e52ddfab1c2 100644 --- a/2018/18xxx/CVE-2018-18483.json +++ b/2018/18xxx/CVE-2018-18483.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/18xxx/CVE-2018-18484.json b/2018/18xxx/CVE-2018-18484.json index 4978c3cfe7c..582717f6378 100644 --- a/2018/18xxx/CVE-2018-18484.json +++ b/2018/18xxx/CVE-2018-18484.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/18xxx/CVE-2018-18605.json b/2018/18xxx/CVE-2018-18605.json index aca844ec745..c3a1e298137 100644 --- a/2018/18xxx/CVE-2018-18605.json +++ b/2018/18xxx/CVE-2018-18605.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/18xxx/CVE-2018-18606.json b/2018/18xxx/CVE-2018-18606.json index 34e5caf9716..77e1822d9ca 100644 --- a/2018/18xxx/CVE-2018-18606.json +++ b/2018/18xxx/CVE-2018-18606.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/18xxx/CVE-2018-18607.json b/2018/18xxx/CVE-2018-18607.json index eaf49c0b811..c42ea2eca17 100644 --- a/2018/18xxx/CVE-2018-18607.json +++ b/2018/18xxx/CVE-2018-18607.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/19xxx/CVE-2018-19931.json b/2018/19xxx/CVE-2018-19931.json index a2582accfbd..69605ee1a28 100644 --- a/2018/19xxx/CVE-2018-19931.json +++ b/2018/19xxx/CVE-2018-19931.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/19xxx/CVE-2018-19932.json b/2018/19xxx/CVE-2018-19932.json index 2f0985e0fcb..e5ca7faf014 100644 --- a/2018/19xxx/CVE-2018-19932.json +++ b/2018/19xxx/CVE-2018-19932.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/20xxx/CVE-2018-20623.json b/2018/20xxx/CVE-2018-20623.json index ed4ad1fe385..4456b237ed3 100644 --- a/2018/20xxx/CVE-2018-20623.json +++ b/2018/20xxx/CVE-2018-20623.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/20xxx/CVE-2018-20651.json b/2018/20xxx/CVE-2018-20651.json index 2580e2a7833..97ba441ac21 100644 --- a/2018/20xxx/CVE-2018-20651.json +++ b/2018/20xxx/CVE-2018-20651.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/20xxx/CVE-2018-20671.json b/2018/20xxx/CVE-2018-20671.json index 6a8a7e07395..a2f2f83acbb 100644 --- a/2018/20xxx/CVE-2018-20671.json +++ b/2018/20xxx/CVE-2018-20671.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/6xxx/CVE-2018-6323.json b/2018/6xxx/CVE-2018-6323.json index 9c145a6876f..f57bfcf7ada 100644 --- a/2018/6xxx/CVE-2018-6323.json +++ b/2018/6xxx/CVE-2018-6323.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/6xxx/CVE-2018-6543.json b/2018/6xxx/CVE-2018-6543.json index ea5297b8460..6d769a3ab6e 100644 --- a/2018/6xxx/CVE-2018-6543.json +++ b/2018/6xxx/CVE-2018-6543.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/6xxx/CVE-2018-6759.json b/2018/6xxx/CVE-2018-6759.json index ec99a326160..35de32ad3fa 100644 --- a/2018/6xxx/CVE-2018-6759.json +++ b/2018/6xxx/CVE-2018-6759.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/6xxx/CVE-2018-6872.json b/2018/6xxx/CVE-2018-6872.json index 687884055c7..56e4a9e48ac 100644 --- a/2018/6xxx/CVE-2018-6872.json +++ b/2018/6xxx/CVE-2018-6872.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/7xxx/CVE-2018-7208.json b/2018/7xxx/CVE-2018-7208.json index 9dbb890cfb2..35ccf60acf2 100644 --- a/2018/7xxx/CVE-2018-7208.json +++ b/2018/7xxx/CVE-2018-7208.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/7xxx/CVE-2018-7568.json b/2018/7xxx/CVE-2018-7568.json index 8517c21c067..2b4c6be04ee 100644 --- a/2018/7xxx/CVE-2018-7568.json +++ b/2018/7xxx/CVE-2018-7568.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/7xxx/CVE-2018-7569.json b/2018/7xxx/CVE-2018-7569.json index a02f6fb966a..b387b62f441 100644 --- a/2018/7xxx/CVE-2018-7569.json +++ b/2018/7xxx/CVE-2018-7569.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/7xxx/CVE-2018-7570.json b/2018/7xxx/CVE-2018-7570.json index 8d1e4c46369..8c17485767b 100644 --- a/2018/7xxx/CVE-2018-7570.json +++ b/2018/7xxx/CVE-2018-7570.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/7xxx/CVE-2018-7642.json b/2018/7xxx/CVE-2018-7642.json index ba26b63db9e..294e01bba16 100644 --- a/2018/7xxx/CVE-2018-7642.json +++ b/2018/7xxx/CVE-2018-7642.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/7xxx/CVE-2018-7643.json b/2018/7xxx/CVE-2018-7643.json index b46964c6dec..6efbb7da1a6 100644 --- a/2018/7xxx/CVE-2018-7643.json +++ b/2018/7xxx/CVE-2018-7643.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2018/8xxx/CVE-2018-8945.json b/2018/8xxx/CVE-2018-8945.json index b26ea5a5169..28e51786917 100644 --- a/2018/8xxx/CVE-2018-8945.json +++ b/2018/8xxx/CVE-2018-8945.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2019/1010xxx/CVE-2019-1010180.json b/2019/1010xxx/CVE-2019-1010180.json index 48c853380aa..0fc0df7a88a 100644 --- a/2019/1010xxx/CVE-2019-1010180.json +++ b/2019/1010xxx/CVE-2019-1010180.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2415", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" } ] } diff --git a/2019/16xxx/CVE-2019-16232.json b/2019/16xxx/CVE-2019-16232.json index cf06e0cd77b..18d34767991 100644 --- a/2019/16xxx/CVE-2019-16232.json +++ b/2019/16xxx/CVE-2019-16232.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2392", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/16xxx/CVE-2019-16233.json b/2019/16xxx/CVE-2019-16233.json index 6e22bea6e95..246b8e8a65f 100644 --- a/2019/16xxx/CVE-2019-16233.json +++ b/2019/16xxx/CVE-2019-16233.json @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/16xxx/CVE-2019-16234.json b/2019/16xxx/CVE-2019-16234.json index 8095483d899..6aa6832835e 100644 --- a/2019/16xxx/CVE-2019-16234.json +++ b/2019/16xxx/CVE-2019-16234.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2392", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/16xxx/CVE-2019-16884.json b/2019/16xxx/CVE-2019-16884.json index dea655ab6b7..2f6872559ae 100644 --- a/2019/16xxx/CVE-2019-16884.json +++ b/2019/16xxx/CVE-2019-16884.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2418", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2434", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html" } ] } diff --git a/2019/16xxx/CVE-2019-16995.json b/2019/16xxx/CVE-2019-16995.json index c9fcee97b5d..30b86d34eb2 100644 --- a/2019/16xxx/CVE-2019-16995.json +++ b/2019/16xxx/CVE-2019-16995.json @@ -71,6 +71,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191031-0005/", "url": "https://security.netapp.com/advisory/ntap-20191031-0005/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/17xxx/CVE-2019-17056.json b/2019/17xxx/CVE-2019-17056.json index 4dd832c6b39..5dc3e073641 100644 --- a/2019/17xxx/CVE-2019-17056.json +++ b/2019/17xxx/CVE-2019-17056.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2392", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/17xxx/CVE-2019-17133.json b/2019/17xxx/CVE-2019-17133.json index a07819a5024..da5b47397e8 100644 --- a/2019/17xxx/CVE-2019-17133.json +++ b/2019/17xxx/CVE-2019-17133.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191031-0005/", "url": "https://security.netapp.com/advisory/ntap-20191031-0005/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/17xxx/CVE-2019-17666.json b/2019/17xxx/CVE-2019-17666.json index d180bc50727..fdb3721f474 100644 --- a/2019/17xxx/CVE-2019-17666.json +++ b/2019/17xxx/CVE-2019-17666.json @@ -81,6 +81,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191031-0005/", "url": "https://security.netapp.com/advisory/ntap-20191031-0005/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2444", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html" } ] } diff --git a/2019/3xxx/CVE-2019-3689.json b/2019/3xxx/CVE-2019-3689.json index 46a7930cf06..3d010ac95a9 100644 --- a/2019/3xxx/CVE-2019-3689.json +++ b/2019/3xxx/CVE-2019-3689.json @@ -103,6 +103,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2408", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00071.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2435", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00006.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5068.json b/2019/5xxx/CVE-2019-5068.json index 6827457caf7..a783563a0c7 100644 --- a/2019/5xxx/CVE-2019-5068.json +++ b/2019/5xxx/CVE-2019-5068.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5068", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5068", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Mesa 3D X11 Graphics library", + "version": { + "version_data": [ + { + "version_value": "19.1.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insecured inherited permissions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to trigger this vulnerability." } ] } diff --git a/2019/8xxx/CVE-2019-8090.json b/2019/8xxx/CVE-2019-8090.json index 350937daebc..89800667631 100644 --- a/2019/8xxx/CVE-2019-8090.json +++ b/2019/8xxx/CVE-2019-8090.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8090", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8090", + "ASSIGNER": "psirt@adobe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Adobe Systems Incorporated", + "product": { + "product_data": [ + { + "product_name": "Magento 2", + "version": { + "version_data": [ + { + "version_value": "Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Arbitrary File Deletion" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update", + "url": "https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated users can manipulate the design layout update feature." } ] }