diff --git a/2018/20xxx/CVE-2018-20131.json b/2018/20xxx/CVE-2018-20131.json index ba11f36c59e..f2c8f14bbfe 100644 --- a/2018/20xxx/CVE-2018-20131.json +++ b/2018/20xxx/CVE-2018-20131.json @@ -52,15 +52,15 @@ }, "references": { "reference_data": [ - { - "name": "https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_security_advisories/Permissions_vulnerability_in_Code42_app_on_Linux", - "refsource": "MISC", - "url": "https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_security_advisories/Permissions_vulnerability_in_Code42_app_on_Linux" - }, { "name": "106452", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106452" + }, + { + "refsource": "MISC", + "name": "https://code42.com/r/support/CVE-2018-20131", + "url": "https://code42.com/r/support/CVE-2018-20131" } ] } diff --git a/2018/20xxx/CVE-2018-20406.json b/2018/20xxx/CVE-2018-20406.json index f8f0d7fc248..a45c3ef4816 100644 --- a/2018/20xxx/CVE-2018-20406.json +++ b/2018/20xxx/CVE-2018-20406.json @@ -106,6 +106,11 @@ "refsource": "UBUNTU", "name": "USN-4127-2", "url": "https://usn.ubuntu.com/4127-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] } diff --git a/2018/20xxx/CVE-2018-20852.json b/2018/20xxx/CVE-2018-20852.json index 0034ba01f18..047cef2d7c5 100644 --- a/2018/20xxx/CVE-2018-20852.json +++ b/2018/20xxx/CVE-2018-20852.json @@ -86,6 +86,11 @@ "refsource": "UBUNTU", "name": "USN-4127-2", "url": "https://usn.ubuntu.com/4127-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] } diff --git a/2019/0xxx/CVE-2019-0221.json b/2019/0xxx/CVE-2019-0221.json index 9202affa464..f5a1e067927 100644 --- a/2019/0xxx/CVE-2019-0221.json +++ b/2019/0xxx/CVE-2019-0221.json @@ -109,6 +109,11 @@ "refsource": "UBUNTU", "name": "USN-4128-1", "url": "https://usn.ubuntu.com/4128-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4128-2", + "url": "https://usn.ubuntu.com/4128-2/" } ] }, diff --git a/2019/10xxx/CVE-2019-10072.json b/2019/10xxx/CVE-2019-10072.json index c7c80a0e362..708fdada6aa 100644 --- a/2019/10xxx/CVE-2019-10072.json +++ b/2019/10xxx/CVE-2019-10072.json @@ -73,6 +73,11 @@ "refsource": "UBUNTU", "name": "USN-4128-1", "url": "https://usn.ubuntu.com/4128-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4128-2", + "url": "https://usn.ubuntu.com/4128-2/" } ] }, diff --git a/2019/10xxx/CVE-2019-10160.json b/2019/10xxx/CVE-2019-10160.json index d9165148baf..36178240707 100644 --- a/2019/10xxx/CVE-2019-10160.json +++ b/2019/10xxx/CVE-2019-10160.json @@ -128,6 +128,11 @@ "refsource": "UBUNTU", "name": "USN-4127-2", "url": "https://usn.ubuntu.com/4127-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] }, diff --git a/2019/11xxx/CVE-2019-11551.json b/2019/11xxx/CVE-2019-11551.json index e83c32019a7..c5d1ce161a2 100644 --- a/2019/11xxx/CVE-2019-11551.json +++ b/2019/11xxx/CVE-2019-11551.json @@ -54,8 +54,8 @@ "reference_data": [ { "refsource": "CONFIRM", - "name": "https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_security_advisories/Users_can_restore_files_to_locations_they_do_not_have_write_access_to", - "url": "https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_security_advisories/Users_can_restore_files_to_locations_they_do_not_have_write_access_to" + "name": "https://code42.com/r/support/CVE-2019-11551", + "url": "https://code42.com/r/support/CVE-2019-11551" } ] } diff --git a/2019/12xxx/CVE-2019-12620.json b/2019/12xxx/CVE-2019-12620.json index 3d2afb31d65..748d241c320 100644 --- a/2019/12xxx/CVE-2019-12620.json +++ b/2019/12xxx/CVE-2019-12620.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could exploit this vulnerability by sending properly formatted data values to the statistics collection service of an affected device. A successful exploit could allow the attacker to cause the web interface statistics view to present invalid data to users. " + "value": "A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could exploit this vulnerability by sending properly formatted data values to the statistics collection service of an affected device. A successful exploit could allow the attacker to cause the web interface statistics view to present invalid data to users." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14979.json b/2019/14xxx/CVE-2019-14979.json index 498feaed714..6d2279f1a73 100644 --- a/2019/14xxx/CVE-2019-14979.json +++ b/2019/14xxx/CVE-2019-14979.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price." + "value": "** DISPUTED ** cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.17 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price. NOTE: The plugin author states it is true that the amount can be manipulated in the PayPal payment flow. However, the amount is validated against the WooCommerce order total before completing the order, and if it doesn\u2019t match then the order will be left in an \u201cOn Hold\u201d state." } ] }, @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://gkaim.com/cve-2019-14979-vikas-chaudhary/", "url": "https://gkaim.com/cve-2019-14979-vikas-chaudhary/" + }, + { + "refsource": "MISC", + "name": "https://wordpress.org/support/topic/vulnerabilty-in-plugin/#post-11899173", + "url": "https://wordpress.org/support/topic/vulnerabilty-in-plugin/#post-11899173" } ] } diff --git a/2019/15xxx/CVE-2019-15903.json b/2019/15xxx/CVE-2019-15903.json index a4d35200373..e6c1cbe9bc5 100644 --- a/2019/15xxx/CVE-2019-15903.json +++ b/2019/15xxx/CVE-2019-15903.json @@ -86,6 +86,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html", "url": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4132-2", + "url": "https://usn.ubuntu.com/4132-2/" } ] } diff --git a/2019/16xxx/CVE-2019-16275.json b/2019/16xxx/CVE-2019-16275.json index 556d15b1deb..b63fac93011 100644 --- a/2019/16xxx/CVE-2019-16275.json +++ b/2019/16xxx/CVE-2019-16275.json @@ -81,6 +81,11 @@ "refsource": "UBUNTU", "name": "USN-4136-1", "url": "https://usn.ubuntu.com/4136-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4136-2", + "url": "https://usn.ubuntu.com/4136-2/" } ] } diff --git a/2019/1xxx/CVE-2019-1975.json b/2019/1xxx/CVE-2019-1975.json index d13bc7b9007..51ad55f141b 100644 --- a/2019/1xxx/CVE-2019-1975.json +++ b/2019/1xxx/CVE-2019-1975.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other clientside browser attacks. " + "value": "A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other clientside browser attacks." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9636.json b/2019/9xxx/CVE-2019-9636.json index 93d57a13c5c..b8e85f50f32 100644 --- a/2019/9xxx/CVE-2019-9636.json +++ b/2019/9xxx/CVE-2019-9636.json @@ -241,6 +241,11 @@ "refsource": "UBUNTU", "name": "USN-4127-2", "url": "https://usn.ubuntu.com/4127-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9740.json b/2019/9xxx/CVE-2019-9740.json index 3a0630a6dd8..eec0783b4a6 100644 --- a/2019/9xxx/CVE-2019-9740.json +++ b/2019/9xxx/CVE-2019-9740.json @@ -126,6 +126,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2133", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9947.json b/2019/9xxx/CVE-2019-9947.json index 6779db6d435..1f9fa37ef8a 100644 --- a/2019/9xxx/CVE-2019-9947.json +++ b/2019/9xxx/CVE-2019-9947.json @@ -101,6 +101,11 @@ "refsource": "UBUNTU", "name": "USN-4127-2", "url": "https://usn.ubuntu.com/4127-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9948.json b/2019/9xxx/CVE-2019-9948.json index 1ff3e8364f7..0350ede09e4 100644 --- a/2019/9xxx/CVE-2019-9948.json +++ b/2019/9xxx/CVE-2019-9948.json @@ -116,6 +116,11 @@ "refsource": "UBUNTU", "name": "USN-4127-2", "url": "https://usn.ubuntu.com/4127-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4127-1", + "url": "https://usn.ubuntu.com/4127-1/" } ] }