diff --git a/2018/15xxx/CVE-2018-15878.json b/2018/15xxx/CVE-2018-15878.json index 801edcaf7fa..83a67bcee94 100644 --- a/2018/15xxx/CVE-2018-15878.json +++ b/2018/15xxx/CVE-2018-15878.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-15878", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-15878", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The GD Graphics Library (aka libgd) through 2.2.5 has a Double Free Vulnerability in the gdImageBmpPtr function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/libgd/libgd/issues/447", - "refsource": "MISC", - "name": "https://github.com/libgd/libgd/issues/447" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/15xxx/CVE-2018-15879.json b/2018/15xxx/CVE-2018-15879.json index 458b4844aa3..3b391c89188 100644 --- a/2018/15xxx/CVE-2018-15879.json +++ b/2018/15xxx/CVE-2018-15879.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-15879", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-15879", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "The GD Graphics Library (aka libgd) through 2.2.5 has a Double Free Vulnerability in the gdImageBmpPt function." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/libgd/libgd/issues/447", - "refsource": "MISC", - "name": "https://github.com/libgd/libgd/issues/447" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-6978. Reason: This candidate is a reservation duplicate of CVE-2019-6978. Notes: All CVE users should reference CVE-2019-6978 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2019/12xxx/CVE-2019-12269.json b/2019/12xxx/CVE-2019-12269.json index ef3c5e7e5f2..a456f881ace 100644 --- a/2019/12xxx/CVE-2019-12269.json +++ b/2019/12xxx/CVE-2019-12269.json @@ -61,6 +61,11 @@ "url": "https://sourceforge.net/p/enigmail/bugs/983/", "refsource": "MISC", "name": "https://sourceforge.net/p/enigmail/bugs/983/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1612", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00061.html" } ] } diff --git a/2019/12xxx/CVE-2019-12947.json b/2019/12xxx/CVE-2019-12947.json new file mode 100644 index 00000000000..f4baf06eaa8 --- /dev/null +++ b/2019/12xxx/CVE-2019-12947.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12947", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12948.json b/2019/12xxx/CVE-2019-12948.json new file mode 100644 index 00000000000..c0c0b6edbe8 --- /dev/null +++ b/2019/12xxx/CVE-2019-12948.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12948", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7229.json b/2019/7xxx/CVE-2019-7229.json index 9b18b02aa3e..12adc03e5b4 100644 --- a/2019/7xxx/CVE-2019-7229.json +++ b/2019/7xxx/CVE-2019-7229.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7229", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: \"Utilization of USB/SD Card to flash the device\" and \"Remote provisioning process via ABB Panel Builder 600 over FTP.\" Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2019/Jun/34", + "url": "http://seclists.org/fulldisclosure/2019/Jun/34" + }, + { + "refsource": "MISC", + "name": "https://www.darkmatter.ae/xen1thlabs/abb-hmi-absence-of-signature-verification-vulnerability-xl-19-005/", + "url": "https://www.darkmatter.ae/xen1thlabs/abb-hmi-absence-of-signature-verification-vulnerability-xl-19-005/" + }, + { + "refsource": "CONFIRM", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010376&LanguageCode=en&DocumentPartId=&Action=Launch", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010376&LanguageCode=en&DocumentPartId=&Action=Launch" + }, + { + "refsource": "CONFIRM", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010402&LanguageCode=en&DocumentPartId=&Action=Launch", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010402&LanguageCode=en&DocumentPartId=&Action=Launch" } ] } diff --git a/2019/9xxx/CVE-2019-9085.json b/2019/9xxx/CVE-2019-9085.json index 600e49115b5..ec88be6fe07 100644 --- a/2019/9xxx/CVE-2019-9085.json +++ b/2019/9xxx/CVE-2019-9085.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9085", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service (invoice-creation outage) via the n_file parameter to visualizza_contratto.php with invalid arguments (any non-numeric value), as demonstrated by the anno=2019&id_transazione=1&numero_contratto=1&n_file=a query string to visualizza_contratto.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.hoteldruid.com/en/download.html", + "refsource": "MISC", + "name": "http://www.hoteldruid.com/en/download.html" + }, + { + "refsource": "MISC", + "name": "https://metamorfosec.com/Files/Advisories/METS-2019-006-An_Invalid_Arguments_in_Hoteldruid_before_v2.3.1.txt", + "url": "https://metamorfosec.com/Files/Advisories/METS-2019-006-An_Invalid_Arguments_in_Hoteldruid_before_v2.3.1.txt" } ] }