From 493afa4c17f5f4b7d1d7ec8eab9466ebb93b8246 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 30 Sep 2019 14:01:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/11xxx/CVE-2018-11338.json | 5 +++ 2018/14xxx/CVE-2018-14607.json | 5 +++ 2018/14xxx/CVE-2018-14608.json | 5 +++ 2019/14xxx/CVE-2019-14977.json | 63 ++++------------------------------ 2019/16xxx/CVE-2019-16916.json | 18 ++++++++++ 2019/17xxx/CVE-2019-17040.json | 62 +++++++++++++++++++++++++++++++++ 6 files changed, 102 insertions(+), 56 deletions(-) create mode 100644 2019/16xxx/CVE-2019-16916.json create mode 100644 2019/17xxx/CVE-2019-17040.json diff --git a/2018/11xxx/CVE-2018-11338.json b/2018/11xxx/CVE-2018-11338.json index b8a047b99ca..3d489a739fc 100644 --- a/2018/11xxx/CVE-2018-11338.json +++ b/2018/11xxx/CVE-2018-11338.json @@ -56,6 +56,11 @@ "name": "https://corporateblue.com/your-taxes-are-being-leaked/", "refsource": "MISC", "url": "https://corporateblue.com/your-taxes-are-being-leaked/" + }, + { + "refsource": "MISC", + "name": "https://www.themikewylie.com/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/", + "url": "https://www.themikewylie.com/intuit-lacerte-vulnerability-and-data-exposure-cve-2018-11338-cve-2018-14833/" } ] } diff --git a/2018/14xxx/CVE-2018-14607.json b/2018/14xxx/CVE-2018-14607.json index 84721dbf373..d1ce235a471 100644 --- a/2018/14xxx/CVE-2018-14607.json +++ b/2018/14xxx/CVE-2018-14607.json @@ -56,6 +56,11 @@ "name": "https://corporateblue.com/ultratax-cs-data-exposure-vulnerability/", "refsource": "MISC", "url": "https://corporateblue.com/ultratax-cs-data-exposure-vulnerability/" + }, + { + "refsource": "MISC", + "name": "https://www.themikewylie.com/ultratax-cs-data-exposure-vulnerability-cve-2018-14608-cve-2018-14607/", + "url": "https://www.themikewylie.com/ultratax-cs-data-exposure-vulnerability-cve-2018-14608-cve-2018-14607/" } ] } diff --git a/2018/14xxx/CVE-2018-14608.json b/2018/14xxx/CVE-2018-14608.json index ab3cf0524ef..2e79a5e0af1 100644 --- a/2018/14xxx/CVE-2018-14608.json +++ b/2018/14xxx/CVE-2018-14608.json @@ -56,6 +56,11 @@ "name": "https://corporateblue.com/ultratax-cs-data-exposure-vulnerability/", "refsource": "MISC", "url": "https://corporateblue.com/ultratax-cs-data-exposure-vulnerability/" + }, + { + "refsource": "MISC", + "name": "https://www.themikewylie.com/ultratax-cs-data-exposure-vulnerability-cve-2018-14608-cve-2018-14607/", + "url": "https://www.themikewylie.com/ultratax-cs-data-exposure-vulnerability-cve-2018-14608-cve-2018-14607/" } ] } diff --git a/2019/14xxx/CVE-2019-14977.json b/2019/14xxx/CVE-2019-14977.json index d831d272c6e..0d893d1cbc7 100644 --- a/2019/14xxx/CVE-2019-14977.json +++ b/2019/14xxx/CVE-2019-14977.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-14977", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14977", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** DISPUTED ** card/pay/.../amount in the WooCommerce Instamojo Payment Gateway plugin 1.0.7 for WordPress allows Parameter Tampering in the sign parameter, as demonstrated by purchasing an item for lower than the intended price. NOTE: The vendor disputes this vulnerability stating, \"Validation is happening as expected on the data in POST body. The URL parameters are completely unused in this POST.\"" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://gkaim.com/cve-2019-14977-vikas-chaudhary/", - "url": "https://gkaim.com/cve-2019-14977-vikas-chaudhary/" - }, - { - "refsource": "MISC", - "name": "https://support.instamojo.com/hc/en-us/articles/360033343451", - "url": "https://support.instamojo.com/hc/en-us/articles/360033343451" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2019/16xxx/CVE-2019-16916.json b/2019/16xxx/CVE-2019-16916.json new file mode 100644 index 00000000000..150a3b94496 --- /dev/null +++ b/2019/16xxx/CVE-2019-16916.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16916", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue for the designated product. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17040.json b/2019/17xxx/CVE-2019-17040.json new file mode 100644 index 00000000000..aa90ec023e4 --- /dev/null +++ b/2019/17xxx/CVE-2019-17040.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rsyslog/rsyslog/pull/3875", + "refsource": "MISC", + "name": "https://github.com/rsyslog/rsyslog/pull/3875" + } + ] + } +} \ No newline at end of file