diff --git a/2018/16xxx/CVE-2018-16548.json b/2018/16xxx/CVE-2018-16548.json index 7cb80607ffe..d3b64046057 100644 --- a/2018/16xxx/CVE-2018-16548.json +++ b/2018/16xxx/CVE-2018-16548.json @@ -61,6 +61,16 @@ "refsource": "REDHAT", "name": "RHSA-2019:2196", "url": "https://access.redhat.com/errata/RHSA-2019:2196" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2396", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00065.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2394", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00066.html" } ] } diff --git a/2019/16xxx/CVE-2019-16167.json b/2019/16xxx/CVE-2019-16167.json index 00a6079a8ee..dc24d18d7d0 100644 --- a/2019/16xxx/CVE-2019-16167.json +++ b/2019/16xxx/CVE-2019-16167.json @@ -61,6 +61,11 @@ "url": "https://github.com/sysstat/sysstat/compare/v12.1.5...v12.1.6", "refsource": "MISC", "name": "https://github.com/sysstat/sysstat/compare/v12.1.5...v12.1.6" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2395", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00067.html" } ] } diff --git a/2019/17xxx/CVE-2019-17184.json b/2019/17xxx/CVE-2019-17184.json index 663c91f35ac..a14e4ecb648 100644 --- a/2019/17xxx/CVE-2019-17184.json +++ b/2019/17xxx/CVE-2019-17184.json @@ -56,6 +56,11 @@ "url": "https://security.business.xerox.com/wp-content/uploads/2019/09/cert_Security_Mini_Bulletin_XRX19V_for_AltaLinkB80xx-C80xx.pdf", "refsource": "MISC", "name": "https://security.business.xerox.com/wp-content/uploads/2019/09/cert_Security_Mini_Bulletin_XRX19V_for_AltaLinkB80xx-C80xx.pdf" + }, + { + "refsource": "CONFIRM", + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2019/09/cert_Security_Mini_Bulletin_XRX19V_for_AltaLinkB80xx-C80xx-1.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2019/09/cert_Security_Mini_Bulletin_XRX19V_for_AltaLinkB80xx-C80xx-1.pdf" } ] } diff --git a/2019/5xxx/CVE-2019-5536.json b/2019/5xxx/CVE-2019-5536.json index 7f5ed1fd3ad..34b870fafae 100644 --- a/2019/5xxx/CVE-2019-5536.json +++ b/2019/5xxx/CVE-2019-5536.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5536", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5536", + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware ESXi, Workstation and Fusion", + "version": { + "version_data": [ + { + "version_value": "VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial-of-service vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2019-0019.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2019-0019.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. Exploitation of this issue require an attacker to have access to a virtual machine with 3D graphics enabled. It is not enabled by default on ESXi and is enabled by default on Workstation and Fusion." } ] } diff --git a/2019/5xxx/CVE-2019-5537.json b/2019/5xxx/CVE-2019-5537.json index 19c8dd615f1..89e888a207c 100644 --- a/2019/5xxx/CVE-2019-5537.json +++ b/2019/5xxx/CVE-2019-5537.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5537", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5537", + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware vCenter Server Appliance", + "version": { + "version_data": [ + { + "version_value": "VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2019-0018.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2019-0018.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over FTPS and HTTPS. A malicious actor with man-in-the-middle positioning between vCenter Server Appliance and a backup target may be able to intercept sensitive data in transit during File-Based Backup and Restore operations." } ] } diff --git a/2019/5xxx/CVE-2019-5538.json b/2019/5xxx/CVE-2019-5538.json index df3a302dc78..fc08e12de12 100644 --- a/2019/5xxx/CVE-2019-5538.json +++ b/2019/5xxx/CVE-2019-5538.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5538", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5538", + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware vCenter Server Appliance", + "version": { + "version_data": [ + { + "version_value": "VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2019-0018.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2019-0018.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over SCP. A malicious actor with man-in-the-middle positioning between vCenter Server Appliance and a backup target may be able to intercept sensitive data in transit during File-Based Backup and Restore operations." } ] }