From 401445b8b52028e430f75dc356761730622d0dee Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 22 Jan 2020 19:01:16 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/4xxx/CVE-2012-4919.json | 55 ++++++++++++++++++++++++++-- 2016/4xxx/CVE-2016-4761.json | 55 ++++++++++++++++++++++++++-- 2018/10xxx/CVE-2018-10653.json | 5 +++ 2018/5xxx/CVE-2018-5333.json | 5 +++ 2019/16xxx/CVE-2019-16792.json | 14 ++++---- 2019/17xxx/CVE-2019-17015.json | 5 +++ 2019/17xxx/CVE-2019-17016.json | 5 +++ 2019/17xxx/CVE-2019-17017.json | 5 +++ 2019/17xxx/CVE-2019-17021.json | 5 +++ 2019/17xxx/CVE-2019-17022.json | 5 +++ 2019/17xxx/CVE-2019-17024.json | 5 +++ 2019/17xxx/CVE-2019-17621.json | 5 +++ 2019/19xxx/CVE-2019-19834.json | 66 ++++++++++++++++++++++++++++++---- 2019/19xxx/CVE-2019-19836.json | 66 ++++++++++++++++++++++++++++++---- 2019/19xxx/CVE-2019-19843.json | 66 ++++++++++++++++++++++++++++++---- 2019/20xxx/CVE-2019-20330.json | 30 ++++++++++++++++ 2019/6xxx/CVE-2019-6205.json | 5 +++ 2019/9xxx/CVE-2019-9213.json | 5 +++ 2020/7xxx/CVE-2020-7228.json | 5 +++ 19 files changed, 381 insertions(+), 31 deletions(-) diff --git a/2012/4xxx/CVE-2012-4919.json b/2012/4xxx/CVE-2012-4919.json index 0d32279b375..4fed5a84ced 100644 --- a/2012/4xxx/CVE-2012-4919.json +++ b/2012/4xxx/CVE-2012-4919.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2012-4919", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Gallery Plugin authors", + "product": { + "product_data": [ + { + "product_name": "Gallery", + "version": { + "version_data": [ + { + "version_value": "1.4" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote File Include" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/57650", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/57650" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81713", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81713" } ] } diff --git a/2016/4xxx/CVE-2016-4761.json b/2016/4xxx/CVE-2016-4761.json index f8c809dc72c..d12ced345d4 100644 --- a/2016/4xxx/CVE-2016-4761.json +++ b/2016/4xxx/CVE-2016-4761.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "product-security@apple.com", "ID": "CVE-2016-4761", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebKitGTK+", + "version": { + "version_data": [ + { + "version_value": "before 2.14.0" + } + ] + } + } + ] + }, + "vendor_name": "WebKitGTK+" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "use-after-free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.openwall.com/lists/oss-security/2016/11/04/14", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2016/11/04/14" + }, + { + "url": "http://www.ubuntu.com/usn/USN-3166-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-3166-1" } ] } diff --git a/2018/10xxx/CVE-2018-10653.json b/2018/10xxx/CVE-2018-10653.json index 98d5326fbae..82e19ccd7d2 100644 --- a/2018/10xxx/CVE-2018-10653.json +++ b/2018/10xxx/CVE-2018-10653.json @@ -56,6 +56,11 @@ "name": "https://support.citrix.com/article/CTX234879", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX234879" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156037/Citrix-XenMobile-Server-10.8-XML-Injection.html", + "url": "http://packetstormsecurity.com/files/156037/Citrix-XenMobile-Server-10.8-XML-Injection.html" } ] } diff --git a/2018/5xxx/CVE-2018-5333.json b/2018/5xxx/CVE-2018-5333.json index b950ad4ab44..7fa4ad8ce9c 100644 --- a/2018/5xxx/CVE-2018-5333.json +++ b/2018/5xxx/CVE-2018-5333.json @@ -121,6 +121,11 @@ "name": "USN-3619-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3619-1/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html" } ] } diff --git a/2019/16xxx/CVE-2019-16792.json b/2019/16xxx/CVE-2019-16792.json index 43d55710043..4ecd6816e22 100644 --- a/2019/16xxx/CVE-2019-16792.json +++ b/2019/16xxx/CVE-2019-16792.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining.\n\nThis issue is fixed in Waitress 1.4.0." + "value": "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0." } ] }, @@ -71,16 +71,16 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6", - "refsource": "CONFIRM", - "url": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6" - }, { "name": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes", "refsource": "MISC", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, + { + "name": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6", + "refsource": "CONFIRM", + "url": "https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6" + }, { "name": "https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65", "refsource": "MISC", @@ -92,4 +92,4 @@ "advisory": "GHSA-4ppp-gpcr-7qf6", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17015.json b/2019/17xxx/CVE-2019-17015.json index aa4c0fca029..eef6e83b660 100644 --- a/2019/17xxx/CVE-2019-17015.json +++ b/2019/17xxx/CVE-2019-17015.json @@ -83,6 +83,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0060", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17016.json b/2019/17xxx/CVE-2019-17016.json index 4dda9947338..fe69164d88d 100644 --- a/2019/17xxx/CVE-2019-17016.json +++ b/2019/17xxx/CVE-2019-17016.json @@ -153,6 +153,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17017.json b/2019/17xxx/CVE-2019-17017.json index e0f89fee1f6..d954fb99d5f 100644 --- a/2019/17xxx/CVE-2019-17017.json +++ b/2019/17xxx/CVE-2019-17017.json @@ -153,6 +153,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17021.json b/2019/17xxx/CVE-2019-17021.json index 2d8c5c24c83..da9fb94ca88 100644 --- a/2019/17xxx/CVE-2019-17021.json +++ b/2019/17xxx/CVE-2019-17021.json @@ -83,6 +83,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0060", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17022.json b/2019/17xxx/CVE-2019-17022.json index e759fbccaf0..ea28b1223b4 100644 --- a/2019/17xxx/CVE-2019-17022.json +++ b/2019/17xxx/CVE-2019-17022.json @@ -153,6 +153,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17024.json b/2019/17xxx/CVE-2019-17024.json index 8f55d5b36ff..0caf2fe36b2 100644 --- a/2019/17xxx/CVE-2019-17024.json +++ b/2019/17xxx/CVE-2019-17024.json @@ -153,6 +153,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200120 [SECURITY] [DLA 2071-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17621.json b/2019/17xxx/CVE-2019-17621.json index ba5cdc63ca4..b1f7d8c1581 100644 --- a/2019/17xxx/CVE-2019-17621.json +++ b/2019/17xxx/CVE-2019-17621.json @@ -81,6 +81,11 @@ "refsource": "MISC", "name": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9", "url": "https://medium.com/@s1kr10s/d-link-dir-859-rce-unautenticated-cve-2019-17621-es-fad716629ff9" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html", + "url": "http://packetstormsecurity.com/files/156054/D-Link-DIR-859-Unauthenticated-Remote-Command-Execution.html" } ] } diff --git a/2019/19xxx/CVE-2019-19834.json b/2019/19xxx/CVE-2019-19834.json index bbe1690e1ae..20afd64b22c 100644 --- a/2019/19xxx/CVE-2019-19834.json +++ b/2019/19xxx/CVE-2019-19834.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19834", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19834", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html", + "refsource": "MISC", + "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html" + }, + { + "refsource": "MISC", + "name": "https://www.ruckuswireless.com/security/299/view/txt", + "url": "https://www.ruckuswireless.com/security/299/view/txt" + }, + { + "refsource": "MISC", + "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless", + "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless" } ] } diff --git a/2019/19xxx/CVE-2019-19836.json b/2019/19xxx/CVE-2019-19836.json index 6774b62063f..947a03748e2 100644 --- a/2019/19xxx/CVE-2019-19836.json +++ b/2019/19xxx/CVE-2019-19836.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19836", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19836", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html", + "refsource": "MISC", + "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html" + }, + { + "refsource": "MISC", + "name": "https://www.ruckuswireless.com/security/299/view/txt", + "url": "https://www.ruckuswireless.com/security/299/view/txt" + }, + { + "refsource": "MISC", + "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless", + "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless" } ] } diff --git a/2019/19xxx/CVE-2019-19843.json b/2019/19xxx/CVE-2019-19843.json index 180c4c3e20a..c9ab96affd0 100644 --- a/2019/19xxx/CVE-2019-19843.json +++ b/2019/19xxx/CVE-2019-19843.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19843", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19843", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html", + "refsource": "MISC", + "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html" + }, + { + "refsource": "MISC", + "name": "https://www.ruckuswireless.com/security/299/view/txt", + "url": "https://www.ruckuswireless.com/security/299/view/txt" + }, + { + "refsource": "MISC", + "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless", + "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless" } ] } diff --git a/2019/20xxx/CVE-2019-20330.json b/2019/20xxx/CVE-2019-20330.json index 334ba3642ed..aa95f508601 100644 --- a/2019/20xxx/CVE-2019-20330.json +++ b/2019/20xxx/CVE-2019-20330.json @@ -106,6 +106,36 @@ "refsource": "MLIST", "name": "[zookeeper-issues] 20200118 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330", "url": "https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-issues] 20200122 [jira] [Commented] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330", + "url": "https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-dev] 20200122 Re: 3.5.7", + "url": "https://lists.apache.org/thread.html/ra8a80dbc7319916946397823aec0d893d24713cbf7b5aee0e957298c@%3Cdev.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-issues] 20200122 [jira] [Assigned] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330", + "url": "https://lists.apache.org/thread.html/rfa57d9c2a27d3af14c69607fb1a3da00e758b2092aa88eb6a51b6e99@%3Cissues.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20200122 [GitHub] [zookeeper] phunt commented on issue #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330", + "url": "https://lists.apache.org/thread.html/ra2e572f568de8df5ba151e6aebb225a0629faaf0476bf7c7ed877af8@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-issues] 20200122 [jira] [Updated] (ZOOKEEPER-3699) upgrade jackson-databind to address CVE-2019-20330", + "url": "https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20200122 [GitHub] [zookeeper] phunt opened a new pull request #1232: ZOOKEEPER-3699: upgrade jackson-databind to address CVE-2019-20330", + "url": "https://lists.apache.org/thread.html/ra5ce96faec37c26b0aa15b4b6a8b1cbb145a748653e56ae83e9685d0@%3Cnotifications.zookeeper.apache.org%3E" } ] } diff --git a/2019/6xxx/CVE-2019-6205.json b/2019/6xxx/CVE-2019-6205.json index a5052cc006b..612a2370b29 100644 --- a/2019/6xxx/CVE-2019-6205.json +++ b/2019/6xxx/CVE-2019-6205.json @@ -99,6 +99,11 @@ "name": "https://support.apple.com/HT209447", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209447" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156051/XNU-vm_map_copy-Insufficient-Fix.html", + "url": "http://packetstormsecurity.com/files/156051/XNU-vm_map_copy-Insufficient-Fix.html" } ] } diff --git a/2019/9xxx/CVE-2019-9213.json b/2019/9xxx/CVE-2019-9213.json index d4d2095c96a..2629628b366 100644 --- a/2019/9xxx/CVE-2019-9213.json +++ b/2019/9xxx/CVE-2019-9213.json @@ -176,6 +176,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1480", "url": "https://access.redhat.com/errata/RHSA-2019:1480" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html" } ] } diff --git a/2020/7xxx/CVE-2020-7228.json b/2020/7xxx/CVE-2020-7228.json index 9a602492c88..0e6a526b62a 100644 --- a/2020/7xxx/CVE-2020-7228.json +++ b/2020/7xxx/CVE-2020-7228.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://spider-security.co.uk/blog-cve-2020-7228", "url": "https://spider-security.co.uk/blog-cve-2020-7228" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10043", + "url": "https://wpvulndb.com/vulnerabilities/10043" } ] }