From 383ec254b5fd0382f74b5cd6e6c748d870fc30a7 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Fri, 15 Nov 2019 22:01:43 +0000
Subject: [PATCH] "-Synchronized-Data."

---
 2019/11xxx/CVE-2019-11168.json | 5 +++++
 2019/13xxx/CVE-2019-13120.json | 2 +-
 2019/18xxx/CVE-2019-18895.json | 5 +++++
 2019/18xxx/CVE-2019-18957.json | 5 +++++
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/2019/11xxx/CVE-2019-11168.json b/2019/11xxx/CVE-2019-11168.json
index 0e25bd9d368..b2540758fad 100644
--- a/2019/11xxx/CVE-2019-11168.json
+++ b/2019/11xxx/CVE-2019-11168.json
@@ -48,6 +48,11 @@
                 "refsource": "MISC",
                 "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html",
                 "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.f5.com/csp/article/K64346530?utm_source=f5support&amp;utm_medium=RSS",
+                "url": "https://support.f5.com/csp/article/K64346530?utm_source=f5support&amp;utm_medium=RSS"
             }
         ]
     },
diff --git a/2019/13xxx/CVE-2019-13120.json b/2019/13xxx/CVE-2019-13120.json
index a361d453762..676b8299b0a 100644
--- a/2019/13xxx/CVE-2019-13120.json
+++ b/2019/13xxx/CVE-2019-13120.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Amazon FreeRTOS up to and including v1.4.8 for AWS lacks length checking in prvProcessReceivedPublish, resulting in leakage of arbitrary memory contents on a device to an attacker. An attacker sends a malformed MQTT publish packet, and waits for an MQTTACK packet containing the leaked data."
+                "value": "Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which interacts with an associated vulnerable MQTT message in the application, specific circumstances could trigger this vulnerability."
             }
         ]
     },
diff --git a/2019/18xxx/CVE-2019-18895.json b/2019/18xxx/CVE-2019-18895.json
index 39983e705cb..1b3c7bb2ff9 100644
--- a/2019/18xxx/CVE-2019-18895.json
+++ b/2019/18xxx/CVE-2019-18895.json
@@ -66,6 +66,11 @@
                 "refsource": "MISC",
                 "name": "https://packetstormsecurity.com/files/155319/ScanGuard-Antivirus-Insecure-Permissions.html",
                 "url": "https://packetstormsecurity.com/files/155319/ScanGuard-Antivirus-Insecure-Permissions.html"
+            },
+            {
+                "refsource": "FULLDISC",
+                "name": "20191115 ScanGuard Antivirus (latest version) / Insecure Permissions",
+                "url": "http://seclists.org/fulldisclosure/2019/Nov/5"
             }
         ]
     }
diff --git a/2019/18xxx/CVE-2019-18957.json b/2019/18xxx/CVE-2019-18957.json
index d609150d8df..0d01e20edd1 100644
--- a/2019/18xxx/CVE-2019-18957.json
+++ b/2019/18xxx/CVE-2019-18957.json
@@ -61,6 +61,11 @@
                 "refsource": "MISC",
                 "name": "https://seclists.org/bugtraq/2019/Nov/23",
                 "url": "https://seclists.org/bugtraq/2019/Nov/23"
+            },
+            {
+                "refsource": "FULLDISC",
+                "name": "20191115 Vulnerability Disclosure and CVE assign",
+                "url": "http://seclists.org/fulldisclosure/2019/Nov/4"
             }
         ]
     }