From 26d23049d42d1830165296e5e596e1e423be92e2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 11 Sep 2019 19:00:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/9xxx/CVE-2018-9568.json | 5 ++ 2019/11xxx/CVE-2019-11247.json | 5 ++ 2019/11xxx/CVE-2019-11487.json | 5 ++ 2019/11xxx/CVE-2019-11772.json | 5 ++ 2019/11xxx/CVE-2019-11775.json | 5 ++ 2019/11xxx/CVE-2019-11777.json | 2 +- 2019/11xxx/CVE-2019-11810.json | 5 ++ 2019/13xxx/CVE-2019-13473.json | 67 +++++++++++++++++ 2019/14xxx/CVE-2019-14936.json | 62 +++++++++++++++ 2019/16xxx/CVE-2019-16235.json | 62 +++++++++++++++ 2019/16xxx/CVE-2019-16236.json | 62 +++++++++++++++ 2019/16xxx/CVE-2019-16237.json | 62 +++++++++++++++ 2019/2xxx/CVE-2019-2762.json | 5 ++ 2019/2xxx/CVE-2019-2769.json | 5 ++ 2019/2xxx/CVE-2019-2786.json | 5 ++ 2019/2xxx/CVE-2019-2816.json | 5 ++ 2019/3xxx/CVE-2019-3846.json | 5 ++ 2019/3xxx/CVE-2019-3887.json | 5 ++ 2019/7xxx/CVE-2019-7317.json | 5 ++ 2019/9xxx/CVE-2019-9488.json | 133 ++++++++++++++++++--------------- 2019/9xxx/CVE-2019-9512.json | 5 ++ 2019/9xxx/CVE-2019-9514.json | 5 ++ 22 files changed, 465 insertions(+), 60 deletions(-) create mode 100644 2019/13xxx/CVE-2019-13473.json create mode 100644 2019/14xxx/CVE-2019-14936.json create mode 100644 2019/16xxx/CVE-2019-16235.json create mode 100644 2019/16xxx/CVE-2019-16236.json create mode 100644 2019/16xxx/CVE-2019-16237.json diff --git a/2018/9xxx/CVE-2018-9568.json b/2018/9xxx/CVE-2018-9568.json index 21e6ad406ae..dc9b3e0676c 100644 --- a/2018/9xxx/CVE-2018-9568.json +++ b/2018/9xxx/CVE-2018-9568.json @@ -86,6 +86,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2730", "url": "https://access.redhat.com/errata/RHSA-2019:2730" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2736", + "url": "https://access.redhat.com/errata/RHSA-2019:2736" } ] } diff --git a/2019/11xxx/CVE-2019-11247.json b/2019/11xxx/CVE-2019-11247.json index 4add290a3c3..33ce85a79c9 100644 --- a/2019/11xxx/CVE-2019-11247.json +++ b/2019/11xxx/CVE-2019-11247.json @@ -115,6 +115,11 @@ "name": "v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249", "refsource": "MLIST", "url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2690", + "url": "https://access.redhat.com/errata/RHSA-2019:2690" } ] }, diff --git a/2019/11xxx/CVE-2019-11487.json b/2019/11xxx/CVE-2019-11487.json index 5a28fc7c491..e60b815bce2 100644 --- a/2019/11xxx/CVE-2019-11487.json +++ b/2019/11xxx/CVE-2019-11487.json @@ -171,6 +171,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2703", "url": "https://access.redhat.com/errata/RHSA-2019:2703" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2741", + "url": "https://access.redhat.com/errata/RHSA-2019:2741" } ] } diff --git a/2019/11xxx/CVE-2019-11772.json b/2019/11xxx/CVE-2019-11772.json index 6c93d4320c5..6fd099a9d16 100644 --- a/2019/11xxx/CVE-2019-11772.json +++ b/2019/11xxx/CVE-2019-11772.json @@ -72,6 +72,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/11xxx/CVE-2019-11775.json b/2019/11xxx/CVE-2019-11775.json index 18d37b309e5..cfc0791ce2f 100644 --- a/2019/11xxx/CVE-2019-11775.json +++ b/2019/11xxx/CVE-2019-11775.json @@ -82,6 +82,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/11xxx/CVE-2019-11777.json b/2019/11xxx/CVE-2019-11777.json index 65d76f70c31..f90719870d9 100644 --- a/2019/11xxx/CVE-2019-11777.json +++ b/2019/11xxx/CVE-2019-11777.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information." + "value": "In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorrect information." } ] }, diff --git a/2019/11xxx/CVE-2019-11810.json b/2019/11xxx/CVE-2019-11810.json index db93b5ae0e0..c12137517ec 100644 --- a/2019/11xxx/CVE-2019-11810.json +++ b/2019/11xxx/CVE-2019-11810.json @@ -141,6 +141,11 @@ "refsource": "UBUNTU", "name": "USN-4118-1", "url": "https://usn.ubuntu.com/4118-1/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2736", + "url": "https://access.redhat.com/errata/RHSA-2019:2736" } ] } diff --git a/2019/13xxx/CVE-2019-13473.json b/2019/13xxx/CVE-2019-13473.json new file mode 100644 index 00000000000..cb810d34eaa --- /dev/null +++ b/2019/13xxx/CVE-2019-13473.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13473", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have an undocumented TELNET service within the BusyBox subsystem, leading to root access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.vulnerability-lab.com/get_content.php?id=2183", + "refsource": "MISC", + "name": "https://www.vulnerability-lab.com/get_content.php?id=2183" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154416/Dabman-And-Imperial-Web-Radio-Devices-Undocumented-Telnet-Backdoor.html", + "url": "http://packetstormsecurity.com/files/154416/Dabman-And-Imperial-Web-Radio-Devices-Undocumented-Telnet-Backdoor.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14936.json b/2019/14xxx/CVE-2019-14936.json new file mode 100644 index 00000000000..46690fe8367 --- /dev/null +++ b/2019/14xxx/CVE-2019-14936.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14936", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Information Disclosure (Username and Password Hash)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.blackdragon.team/contents/index.php/cves/cve-2019-14936/", + "url": "https://www.blackdragon.team/contents/index.php/cves/cve-2019-14936/" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16235.json b/2019/16xxx/CVE-2019-16235.json new file mode 100644 index 00000000000..9cb2fbd7958 --- /dev/null +++ b/2019/16xxx/CVE-2019-16235.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930", + "refsource": "MISC", + "name": "https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16236.json b/2019/16xxx/CVE-2019-16236.json new file mode 100644 index 00000000000..bc53311820a --- /dev/null +++ b/2019/16xxx/CVE-2019-16236.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16236", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9", + "refsource": "MISC", + "name": "https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16237.json b/2019/16xxx/CVE-2019-16237.json new file mode 100644 index 00000000000..c599246fed4 --- /dev/null +++ b/2019/16xxx/CVE-2019-16237.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16237", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363", + "refsource": "MISC", + "name": "https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2762.json b/2019/2xxx/CVE-2019-2762.json index f25242f8998..1d14ee12771 100644 --- a/2019/2xxx/CVE-2019-2762.json +++ b/2019/2xxx/CVE-2019-2762.json @@ -111,6 +111,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/2xxx/CVE-2019-2769.json b/2019/2xxx/CVE-2019-2769.json index 0b961d40a67..e5ca1bb615d 100644 --- a/2019/2xxx/CVE-2019-2769.json +++ b/2019/2xxx/CVE-2019-2769.json @@ -111,6 +111,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/2xxx/CVE-2019-2786.json b/2019/2xxx/CVE-2019-2786.json index ed174c4cc30..ea2aadd3b45 100644 --- a/2019/2xxx/CVE-2019-2786.json +++ b/2019/2xxx/CVE-2019-2786.json @@ -96,6 +96,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/2xxx/CVE-2019-2816.json b/2019/2xxx/CVE-2019-2816.json index fb474c1a2a1..c6f4ec14f7f 100644 --- a/2019/2xxx/CVE-2019-2816.json +++ b/2019/2xxx/CVE-2019-2816.json @@ -111,6 +111,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/3xxx/CVE-2019-3846.json b/2019/3xxx/CVE-2019-3846.json index 0b1b7df871a..586a75fcc07 100644 --- a/2019/3xxx/CVE-2019-3846.json +++ b/2019/3xxx/CVE-2019-3846.json @@ -153,6 +153,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2703", "url": "https://access.redhat.com/errata/RHSA-2019:2703" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2741", + "url": "https://access.redhat.com/errata/RHSA-2019:2741" } ] }, diff --git a/2019/3xxx/CVE-2019-3887.json b/2019/3xxx/CVE-2019-3887.json index 717cd9e5a26..729fd49dd9a 100644 --- a/2019/3xxx/CVE-2019-3887.json +++ b/2019/3xxx/CVE-2019-3887.json @@ -78,6 +78,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2703", "url": "https://access.redhat.com/errata/RHSA-2019:2703" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2741", + "url": "https://access.redhat.com/errata/RHSA-2019:2741" } ] }, diff --git a/2019/7xxx/CVE-2019-7317.json b/2019/7xxx/CVE-2019-7317.json index 6edd17cd6f6..9a61650e87a 100644 --- a/2019/7xxx/CVE-2019-7317.json +++ b/2019/7xxx/CVE-2019-7317.json @@ -241,6 +241,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2592", "url": "https://access.redhat.com/errata/RHSA-2019:2592" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2737", + "url": "https://access.redhat.com/errata/RHSA-2019:2737" } ] } diff --git a/2019/9xxx/CVE-2019-9488.json b/2019/9xxx/CVE-2019-9488.json index 8d39d9ee7c4..b16c56888e7 100644 --- a/2019/9xxx/CVE-2019-9488.json +++ b/2019/9xxx/CVE-2019-9488.json @@ -1,60 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@trendmicro.com", - "ID" : "CVE-2019-9488", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Trend Micro Deep Security, Trend Micro Vulnerability Protection", - "version" : { - "version_data" : [ - { - "version_value" : "Deep Security 10.x, 11.x; Vulnerability Protection 2.0" - } - ] - } - } - ] - }, - "vendor_name" : "Trend Micro" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM). " - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XXE Attack" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://success.trendmicro.com/solution/1122900" - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "security@trendmicro.com", + "ID": "CVE-2019-9488", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Trend Micro", + "product": { + "product_data": [ + { + "product_name": "Trend Micro Deep Security", + "version": { + "version_data": [ + { + "version_value": "10.x" + }, + { + "version_value": "11.x" + } + ] + } + }, + { + "product_name": "Trend Micro Vulnerability Protection", + "version": { + "version_data": [ + { + "version_value": "2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager (DSM)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XXE Attack" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://success.trendmicro.com/solution/1122900", + "url": "https://success.trendmicro.com/solution/1122900" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9512.json b/2019/9xxx/CVE-2019-9512.json index 8a4bf076e2e..12f1a3ad225 100644 --- a/2019/9xxx/CVE-2019-9512.json +++ b/2019/9xxx/CVE-2019-9512.json @@ -248,6 +248,11 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2690", + "url": "https://access.redhat.com/errata/RHSA-2019:2690" } ] }, diff --git a/2019/9xxx/CVE-2019-9514.json b/2019/9xxx/CVE-2019-9514.json index 314f2f57960..697f670200f 100644 --- a/2019/9xxx/CVE-2019-9514.json +++ b/2019/9xxx/CVE-2019-9514.json @@ -248,6 +248,11 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2690", + "url": "https://access.redhat.com/errata/RHSA-2019:2690" } ] },