diff --git a/2019/12xxx/CVE-2019-12331.json b/2019/12xxx/CVE-2019-12331.json
index 63cfb1f4b6f..79760bb5a60 100644
--- a/2019/12xxx/CVE-2019-12331.json
+++ b/2019/12xxx/CVE-2019-12331.json
@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2019-12331",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2019-12331",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml payload to utf-7 it is possible to bypass the check for the string \u201a<!ENTITY\u2018 and thus allowing for an xml external entity processing (XXE) attack."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/PHPOffice/PhpSpreadsheet/blob/master/CHANGELOG.md#180---2019-07-01",
+                "url": "https://github.com/PHPOffice/PhpSpreadsheet/blob/master/CHANGELOG.md#180---2019-07-01"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://herolab.usd.de/security-advisories/usd-2019-0046/",
+                "url": "https://herolab.usd.de/security-advisories/usd-2019-0046/"
             }
         ]
     }
diff --git a/2019/16xxx/CVE-2019-16873.json b/2019/16xxx/CVE-2019-16873.json
new file mode 100644
index 00000000000..52e561c98f3
--- /dev/null
+++ b/2019/16xxx/CVE-2019-16873.json
@@ -0,0 +1,62 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-16873",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Portainer before 1.22.1 has XSS (issue 1 of 2)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://fortiguard.com/zeroday/FG-VD-19-118",
+                "url": "https://fortiguard.com/zeroday/FG-VD-19-118"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2019/16xxx/CVE-2019-16874.json b/2019/16xxx/CVE-2019-16874.json
new file mode 100644
index 00000000000..d4700227d86
--- /dev/null
+++ b/2019/16xxx/CVE-2019-16874.json
@@ -0,0 +1,62 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-16874",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://fortiguard.com/zeroday/FG-VD-19-121",
+                "url": "https://fortiguard.com/zeroday/FG-VD-19-121"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2019/18xxx/CVE-2019-18684.json b/2019/18xxx/CVE-2019-18684.json
index bd99355ffec..914238b9273 100644
--- a/2019/18xxx/CVE-2019-18684.json
+++ b/2019/18xxx/CVE-2019-18684.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write \"ALL ALL=(ALL) NOPASSWD:ALL\" to /proc/#####/fd/3 at a time when Sudo is prompting for a password."
+                "value": "** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write \"ALL ALL=(ALL) NOPASSWD:ALL\" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers."
             }
         ]
     },
diff --git a/2019/6xxx/CVE-2019-6337.json b/2019/6xxx/CVE-2019-6337.json
index 058f611c493..1f1078b5fb0 100644
--- a/2019/6xxx/CVE-2019-6337.json
+++ b/2019/6xxx/CVE-2019-6337.json
@@ -1,17 +1,61 @@
 {
-    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
-        "ID": "CVE-2019-6337",
-        "STATE": "RESERVED"
-    },
-    "data_format": "MITRE",
     "data_type": "CVE",
+    "data_format": "MITRE",
     "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2019-6337",
+        "ASSIGNER": "hp-security-alert@hp.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "HP OfficeJet Pro 8210 Printer series,HP PageWide 352dw Printer,HP PageWide 377dw Multifunction Printer,HP PageWide Managed P55250dw Printer series,HP PageWide Managed P57750dw Multifunction Printer series,HP PageWide Managed P52750dw Multifunction Printer,HP PageWide Pro 452dn Printer series,HP PageWide Pro 452dw Printer series,HP PageWide Pro 477dn Multifunction Printer series,HP PageWide Pro 477dw Multifunction Printer series,HP PageWide Pro 552dw Printer series,HP PageWide Pro 577dw Multifunction Printer series",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "001.1937C or later For all models"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Buffer Overflow, Disclosure of Information"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://support.hp.com/us-en/document/c06458150",
+                "url": "https://support.hp.com/us-en/document/c06458150"
+            }
+        ]
+    },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device."
             }
         ]
     }