diff --git a/2018/18xxx/CVE-2018-18311.json b/2018/18xxx/CVE-2018-18311.json index 7c2147afbed..b0697ea4deb 100644 --- a/2018/18xxx/CVE-2018-18311.json +++ b/2018/18xxx/CVE-2018-18311.json @@ -156,6 +156,11 @@ "refsource": "REDHAT", "name": "RHBA-2019:0327", "url": "https://access.redhat.com/errata/RHBA-2019:0327" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1790", + "url": "https://access.redhat.com/errata/RHSA-2019:1790" } ] } diff --git a/2018/19xxx/CVE-2018-19115.json b/2018/19xxx/CVE-2018-19115.json index f93d922b519..86179a85af4 100644 --- a/2018/19xxx/CVE-2018-19115.json +++ b/2018/19xxx/CVE-2018-19115.json @@ -91,6 +91,11 @@ "refsource": "UBUNTU", "name": "USN-3995-2", "url": "https://usn.ubuntu.com/3995-2/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1792", + "url": "https://access.redhat.com/errata/RHSA-2019:1792" } ] } diff --git a/2019/12xxx/CVE-2019-12735.json b/2019/12xxx/CVE-2019-12735.json index 16e67501dcb..aa757920ee7 100644 --- a/2019/12xxx/CVE-2019-12735.json +++ b/2019/12xxx/CVE-2019-12735.json @@ -141,6 +141,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1774", "url": "https://access.redhat.com/errata/RHSA-2019:1774" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1793", + "url": "https://access.redhat.com/errata/RHSA-2019:1793" } ] } diff --git a/2019/13xxx/CVE-2019-13360.json b/2019/13xxx/CVE-2019-13360.json new file mode 100644 index 00000000000..b470175f041 --- /dev/null +++ b/2019/13xxx/CVE-2019-13360.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13360", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13360.md", + "url": "https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13360.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13383.json b/2019/13xxx/CVE-2019-13383.json new file mode 100644 index 00000000000..766e3579466 --- /dev/null +++ b/2019/13xxx/CVE-2019-13383.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13383.md", + "url": "https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13383.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13603.json b/2019/13xxx/CVE-2019-13603.json new file mode 100644 index 00000000000..1beaef58294 --- /dev/null +++ b/2019/13xxx/CVE-2019-13603.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. It has a statically coded initialization vector to encrypt a user's fingerprint image, resulting in weak encryption of that. This, in combination with retrieving an encrypted fingerprint image and encryption key (through another vulnerability), allows an attacker to obtain a user's fingerprint image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/sungjungk/fp-scanner-hacking", + "refsource": "MISC", + "name": "https://github.com/sungjungk/fp-scanner-hacking" + }, + { + "url": "https://www.youtube.com/watch?v=wEXJDyEOatM", + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=wEXJDyEOatM" + }, + { + "url": "https://www.youtube.com/watch?v=Grirez2xeas", + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=Grirez2xeas" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13605.json b/2019/13xxx/CVE-2019-13605.json new file mode 100644 index 00000000000..690a494dedd --- /dev/null +++ b/2019/13xxx/CVE-2019-13605.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13605", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/47123", + "url": "https://www.exploit-db.com/exploits/47123" + }, + { + "refsource": "MISC", + "name": "https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13605.md", + "url": "https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13605.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13615.json b/2019/13xxx/CVE-2019-13615.json new file mode 100644 index 00000000000..361db1b3c0e --- /dev/null +++ b/2019/13xxx/CVE-2019-13615.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VideoLAN VLC media player 3.0.7.1 has a heap-based buffer over-read in mkv::demux_sys_t::FreeUnused() in modules/demux/mkv/demux.cpp when called from mkv::Open in modules/demux/mkv/mkv.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://trac.videolan.org/vlc/ticket/22474", + "refsource": "MISC", + "name": "https://trac.videolan.org/vlc/ticket/22474" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13616.json b/2019/13xxx/CVE-2019-13616.json new file mode 100644 index 00000000000..00f2409247c --- /dev/null +++ b/2019/13xxx/CVE-2019-13616.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13616", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.libsdl.org/show_bug.cgi?id=4538", + "refsource": "MISC", + "name": "https://bugzilla.libsdl.org/show_bug.cgi?id=4538" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13617.json b/2019/13xxx/CVE-2019-13617.json new file mode 100644 index 00000000000..94095c140a2 --- /dev/null +++ b/2019/13xxx/CVE-2019-13617.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13617", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nginx/njs/issues/174", + "refsource": "MISC", + "name": "https://github.com/nginx/njs/issues/174" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15093", + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15093" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13618.json b/2019/13xxx/CVE-2019-13618.json new file mode 100644 index 00000000000..b7cdfcf3e2f --- /dev/null +++ b/2019/13xxx/CVE-2019-13618.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13618", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/1250", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/1250" + }, + { + "url": "https://github.com/gpac/gpac/compare/440d475...6b4ab40", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/compare/440d475...6b4ab40" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3855.json b/2019/3xxx/CVE-2019-3855.json index 1026d48b85d..f764bb75c4b 100644 --- a/2019/3xxx/CVE-2019-3855.json +++ b/2019/3xxx/CVE-2019-3855.json @@ -141,6 +141,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1652", "url": "https://access.redhat.com/errata/RHSA-2019:1652" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1791", + "url": "https://access.redhat.com/errata/RHSA-2019:1791" } ] }, diff --git a/2019/3xxx/CVE-2019-3856.json b/2019/3xxx/CVE-2019-3856.json index 9cbf1b6e101..9a75b009830 100644 --- a/2019/3xxx/CVE-2019-3856.json +++ b/2019/3xxx/CVE-2019-3856.json @@ -111,6 +111,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1652", "url": "https://access.redhat.com/errata/RHSA-2019:1652" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1791", + "url": "https://access.redhat.com/errata/RHSA-2019:1791" } ] }, diff --git a/2019/3xxx/CVE-2019-3857.json b/2019/3xxx/CVE-2019-3857.json index 38f68c4ada8..db123c291c7 100644 --- a/2019/3xxx/CVE-2019-3857.json +++ b/2019/3xxx/CVE-2019-3857.json @@ -111,6 +111,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1652", "url": "https://access.redhat.com/errata/RHSA-2019:1652" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1791", + "url": "https://access.redhat.com/errata/RHSA-2019:1791" } ] }, diff --git a/2019/3xxx/CVE-2019-3863.json b/2019/3xxx/CVE-2019-3863.json index bcc34155d61..8b3ade981fb 100644 --- a/2019/3xxx/CVE-2019-3863.json +++ b/2019/3xxx/CVE-2019-3863.json @@ -111,6 +111,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1652", "url": "https://access.redhat.com/errata/RHSA-2019:1652" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1791", + "url": "https://access.redhat.com/errata/RHSA-2019:1791" } ] },