From 1c54e43ad21b016674d594c068eecba4773d5aa7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 10 Jul 2019 12:00:53 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/12xxx/CVE-2018-12622.json | 53 +++++++++++++++++++++++++-- 2018/12xxx/CVE-2018-12623.json | 53 +++++++++++++++++++++++++-- 2018/12xxx/CVE-2018-12625.json | 53 +++++++++++++++++++++++++-- 2018/12xxx/CVE-2018-12626.json | 53 +++++++++++++++++++++++++-- 2018/12xxx/CVE-2018-12627.json | 53 +++++++++++++++++++++++++-- 2018/12xxx/CVE-2018-12628.json | 53 +++++++++++++++++++++++++-- 2018/14xxx/CVE-2018-14550.json | 53 +++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20815.json | 5 +++ 2019/0xxx/CVE-2019-0948.json | 5 +++ 2019/10xxx/CVE-2019-10119.json | 61 +++++++++++++++++++++++++++---- 2019/10xxx/CVE-2019-10120.json | 61 +++++++++++++++++++++++++++---- 2019/10xxx/CVE-2019-10121.json | 66 ++++++++++++++++++++++++++++++---- 2019/10xxx/CVE-2019-10122.json | 61 +++++++++++++++++++++++++++---- 2019/10xxx/CVE-2019-10126.json | 5 +++ 2019/12xxx/CVE-2019-12379.json | 5 +++ 2019/12xxx/CVE-2019-12380.json | 5 +++ 2019/12xxx/CVE-2019-12455.json | 5 +++ 2019/12xxx/CVE-2019-12614.json | 5 +++ 2019/12xxx/CVE-2019-12615.json | 5 +++ 2019/12xxx/CVE-2019-12818.json | 5 +++ 2019/12xxx/CVE-2019-12819.json | 5 +++ 2019/12xxx/CVE-2019-12881.json | 5 +++ 2019/13xxx/CVE-2019-13068.json | 5 +++ 2019/13xxx/CVE-2019-13390.json | 5 +++ 2019/3xxx/CVE-2019-3846.json | 5 +++ 2019/3xxx/CVE-2019-3896.json | 5 +++ 26 files changed, 657 insertions(+), 38 deletions(-) diff --git a/2018/12xxx/CVE-2018-12622.json b/2018/12xxx/CVE-2018-12622.json index dbd0da1af10..ee15ba3607d 100644 --- a/2018/12xxx/CVE-2018-12622.json +++ b/2018/12xxx/CVE-2018-12622.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12622", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/eventum/eventum/releases/tag/v3.5.2", + "url": "https://github.com/eventum/eventum/releases/tag/v3.5.2" } ] } diff --git a/2018/12xxx/CVE-2018-12623.json b/2018/12xxx/CVE-2018-12623.json index 0bd7aae2195..90d57d9e1b8 100644 --- a/2018/12xxx/CVE-2018-12623.json +++ b/2018/12xxx/CVE-2018-12623.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12623", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/eventum/eventum/releases/tag/v3.5.2", + "url": "https://github.com/eventum/eventum/releases/tag/v3.5.2" } ] } diff --git a/2018/12xxx/CVE-2018-12625.json b/2018/12xxx/CVE-2018-12625.json index ca73baa1e9f..3f010cc1c74 100644 --- a/2018/12xxx/CVE-2018-12625.json +++ b/2018/12xxx/CVE-2018-12625.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12625", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/eventum/eventum/releases/tag/v3.5.2", + "url": "https://github.com/eventum/eventum/releases/tag/v3.5.2" } ] } diff --git a/2018/12xxx/CVE-2018-12626.json b/2018/12xxx/CVE-2018-12626.json index b9626de53a4..a87ca55fe21 100644 --- a/2018/12xxx/CVE-2018-12626.json +++ b/2018/12xxx/CVE-2018-12626.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12626", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/eventum/eventum/releases/tag/v3.5.2", + "url": "https://github.com/eventum/eventum/releases/tag/v3.5.2" } ] } diff --git a/2018/12xxx/CVE-2018-12627.json b/2018/12xxx/CVE-2018-12627.json index 01a4c26c7c6..281bb7328c1 100644 --- a/2018/12xxx/CVE-2018-12627.json +++ b/2018/12xxx/CVE-2018-12627.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12627", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the show_notification_list_issues or show_authorized_issues parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/eventum/eventum/releases/tag/v3.5.2", + "url": "https://github.com/eventum/eventum/releases/tag/v3.5.2" } ] } diff --git a/2018/12xxx/CVE-2018-12628.json b/2018/12xxx/CVE-2018-12628.json index b4dab8a29ef..1b0cdfdbbb5 100644 --- a/2018/12xxx/CVE-2018-12628.json +++ b/2018/12xxx/CVE-2018-12628.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12628", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/eventum/eventum/blob/master/CHANGELOG.md" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/eventum/eventum/releases/tag/v3.5.2", + "url": "https://github.com/eventum/eventum/releases/tag/v3.5.2" } ] } diff --git a/2018/14xxx/CVE-2018-14550.json b/2018/14xxx/CVE-2018-14550.json index 145e824a98f..434686e6693 100644 --- a/2018/14xxx/CVE-2018-14550.json +++ b/2018/14xxx/CVE-2018-14550.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14550", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/glennrp/libpng/issues/246", + "refsource": "MISC", + "name": "https://github.com/glennrp/libpng/issues/246" + }, + { + "url": "https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token", + "refsource": "MISC", + "name": "https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token" } ] } diff --git a/2018/20xxx/CVE-2018-20815.json b/2018/20xxx/CVE-2018-20815.json index 574802bc3e8..f6d478ed940 100644 --- a/2018/20xxx/CVE-2018-20815.json +++ b/2018/20xxx/CVE-2018-20815.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-e9de40d53f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOE3PVFPMWMXV3DGP2R3XIHAF2ZQU3FS/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1723", + "url": "https://access.redhat.com/errata/RHSA-2019:1723" } ] } diff --git a/2019/0xxx/CVE-2019-0948.json b/2019/0xxx/CVE-2019-0948.json index 5aa04476156..f88856d2e76 100644 --- a/2019/0xxx/CVE-2019-0948.json +++ b/2019/0xxx/CVE-2019-0948.json @@ -211,6 +211,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0948", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0948" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-641/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-641/" } ] } diff --git a/2019/10xxx/CVE-2019-10119.json b/2019/10xxx/CVE-2019-10119.json index cc38e68d046..562a4e8b09b 100644 --- a/2019/10xxx/CVE-2019-10119.json +++ b/2019/10xxx/CVE-2019-10119.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-10119", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-10119", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via an invalid login attempt to the RemoteApi account, aka HMCCU-154. This leads to automatic login as admin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf" + }, + { + "url": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf" } ] } diff --git a/2019/10xxx/CVE-2019-10120.json b/2019/10xxx/CVE-2019-10120.json index 32e0627926a..549a5b49a82 100644 --- a/2019/10xxx/CVE-2019-10120.json +++ b/2019/10xxx/CVE-2019-10120.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-10120", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-10120", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration (aka setAutoLogin) can be achieved by continuing to use a session ID after a logout, aka HMCCU-154." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf" + }, + { + "url": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf" } ] } diff --git a/2019/10xxx/CVE-2019-10121.json b/2019/10xxx/CVE-2019-10121.json index 46ac388c9fe..afbb855ed3e 100644 --- a/2019/10xxx/CVE-2019-10121.json +++ b/2019/10xxx/CVE-2019-10121.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-10121", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-10121", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via the user authentication dialogue, aka HMCCU-153. This leads to automatic login as admin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf" + }, + { + "url": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf" + }, + { + "url": "https://os-s.de/advisories/OSS-2018-01.pdf", + "refsource": "MISC", + "name": "https://os-s.de/advisories/OSS-2018-01.pdf" } ] } diff --git a/2019/10xxx/CVE-2019-10122.json b/2019/10xxx/CVE-2019-10122.json index efca3790a5d..4c9d84f2e62 100644 --- a/2019/10xxx/CVE-2019-10122.json +++ b/2019/10xxx/CVE-2019-10122.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-10122", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-10122", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "eQ-3 HomeMatic CCU2 devices before 2.41.9 and CCU3 devices before 3.43.16 have buffer overflows in the ReGa ise GmbH HTTP-Server 2.0 component, aka HMCCU-179. This may lead to remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/HM-CCU2-Firmware_Updates/HM-CCU-2.41.9/HM-CCU2-Changelog.2.41.9.pdf" + }, + { + "url": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf", + "refsource": "MISC", + "name": "https://www.eq-3.de/Downloads/Software/CCU3-Firmware/CCU3-3.43.16/CCU3-Changelog.3.43.16.pdf" } ] } diff --git a/2019/10xxx/CVE-2019-10126.json b/2019/10xxx/CVE-2019-10126.json index 6f57ecce371..32e34af9a77 100644 --- a/2019/10xxx/CVE-2019-10126.json +++ b/2019/10xxx/CVE-2019-10126.json @@ -78,6 +78,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K95593121", "url": "https://support.f5.com/csp/article/K95593121" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] }, diff --git a/2019/12xxx/CVE-2019-12379.json b/2019/12xxx/CVE-2019-12379.json index 81fcd8e45ee..a28cc5db1c8 100644 --- a/2019/12xxx/CVE-2019-12379.json +++ b/2019/12xxx/CVE-2019-12379.json @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=15b3cd8ef46ad1b100e0d3c7e38774f330726820", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing&id=15b3cd8ef46ad1b100e0d3c7e38774f330726820" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12380.json b/2019/12xxx/CVE-2019-12380.json index 645555054e1..c6276593d11 100644 --- a/2019/12xxx/CVE-2019-12380.json +++ b/2019/12xxx/CVE-2019-12380.json @@ -86,6 +86,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1579", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12455.json b/2019/12xxx/CVE-2019-12455.json index e2f59c62524..8dc944867ca 100644 --- a/2019/12xxx/CVE-2019-12455.json +++ b/2019/12xxx/CVE-2019-12455.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-f40bd7826f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12614.json b/2019/12xxx/CVE-2019-12614.json index aa71e14e191..09b1563293e 100644 --- a/2019/12xxx/CVE-2019-12614.json +++ b/2019/12xxx/CVE-2019-12614.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-83858fc57b", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12615.json b/2019/12xxx/CVE-2019-12615.json index 1b7b9ab566d..a3bf1d46cdf 100644 --- a/2019/12xxx/CVE-2019-12615.json +++ b/2019/12xxx/CVE-2019-12615.json @@ -66,6 +66,11 @@ "refsource": "BID", "name": "108549", "url": "http://www.securityfocus.com/bid/108549" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12818.json b/2019/12xxx/CVE-2019-12818.json index 2944095e569..9e978401fff 100644 --- a/2019/12xxx/CVE-2019-12818.json +++ b/2019/12xxx/CVE-2019-12818.json @@ -91,6 +91,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K91444306", "url": "https://support.f5.com/csp/article/K91444306" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12819.json b/2019/12xxx/CVE-2019-12819.json index 891a2a82138..cfddb55a68d 100644 --- a/2019/12xxx/CVE-2019-12819.json +++ b/2019/12xxx/CVE-2019-12819.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1579", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/12xxx/CVE-2019-12881.json b/2019/12xxx/CVE-2019-12881.json index 2136e51c69f..cfbbfbcc8af 100644 --- a/2019/12xxx/CVE-2019-12881.json +++ b/2019/12xxx/CVE-2019-12881.json @@ -61,6 +61,11 @@ "refsource": "BID", "name": "108873", "url": "http://www.securityfocus.com/bid/108873" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] } diff --git a/2019/13xxx/CVE-2019-13068.json b/2019/13xxx/CVE-2019-13068.json index c0f945d0f5f..0a67265314a 100644 --- a/2019/13xxx/CVE-2019-13068.json +++ b/2019/13xxx/CVE-2019-13068.json @@ -61,6 +61,11 @@ "url": "https://github.com/grafana/grafana/releases/tag/v6.2.5", "refsource": "MISC", "name": "https://github.com/grafana/grafana/releases/tag/v6.2.5" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0001/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0001/" } ] } diff --git a/2019/13xxx/CVE-2019-13390.json b/2019/13xxx/CVE-2019-13390.json index 29dfa46d0db..46a0e86d45e 100644 --- a/2019/13xxx/CVE-2019-13390.json +++ b/2019/13xxx/CVE-2019-13390.json @@ -76,6 +76,11 @@ "url": "https://trac.ffmpeg.org/ticket/7982", "refsource": "MISC", "name": "https://trac.ffmpeg.org/ticket/7982" + }, + { + "refsource": "BID", + "name": "109090", + "url": "http://www.securityfocus.com/bid/109090" } ] } diff --git a/2019/3xxx/CVE-2019-3846.json b/2019/3xxx/CVE-2019-3846.json index 6ae3ec39d1f..b805716006d 100644 --- a/2019/3xxx/CVE-2019-3846.json +++ b/2019/3xxx/CVE-2019-3846.json @@ -98,6 +98,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1579", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] }, diff --git a/2019/3xxx/CVE-2019-3896.json b/2019/3xxx/CVE-2019-3896.json index 84bd8b33c50..7a54fa1adde 100644 --- a/2019/3xxx/CVE-2019-3896.json +++ b/2019/3xxx/CVE-2019-3896.json @@ -58,6 +58,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K04327111", "url": "https://support.f5.com/csp/article/K04327111" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" } ] },