diff --git a/2019/10xxx/CVE-2019-10092.json b/2019/10xxx/CVE-2019-10092.json index 3eab24040de..c2d48e09202 100644 --- a/2019/10xxx/CVE-2019-10092.json +++ b/2019/10xxx/CVE-2019-10092.json @@ -53,6 +53,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190930 [SECURITY] [DLA 1900-2] apache2 regression update", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20191016 [SECURITY] [DSA 4509-3] apache2 security update", + "url": "https://seclists.org/bugtraq/2019/Oct/24" } ] }, diff --git a/2019/11xxx/CVE-2019-11281.json b/2019/11xxx/CVE-2019-11281.json index b2eabd70a97..d15006b8f0b 100644 --- a/2019/11xxx/CVE-2019-11281.json +++ b/2019/11xxx/CVE-2019-11281.json @@ -16,6 +16,7 @@ "vendor": { "vendor_data": [ { + "vendor_name": "Pivotal", "product": { "product_data": [ { @@ -23,9 +24,7 @@ "version": { "version_data": [ { - "affected": "<", - "version_name": "All", - "version_value": "v3.7.18" + "version_value": "prior to v3.7.18" } ] } @@ -35,26 +34,19 @@ "version": { "version_data": [ { - "affected": "<", - "version_name": "1.15", - "version_value": "1.15.13" + "version_value": "1.15.x prior to 1.15.13" }, { - "affected": "<", - "version_name": "1.16", - "version_value": "1.16.6" + "version_value": "11.16.x prior to 1.16.6" }, { - "affected": "<", - "version_name": "1.17", - "version_value": "1.17.3" + "version_value": "1.17.x prior to 1.17.3" } ] } } ] - }, - "vendor_name": "Pivotal" + } } ] } diff --git a/2019/16xxx/CVE-2019-16866.json b/2019/16xxx/CVE-2019-16866.json index f9a34bc7d47..dfe7093c3c5 100644 --- a/2019/16xxx/CVE-2019-16866.json +++ b/2019/16xxx/CVE-2019-16866.json @@ -71,6 +71,11 @@ "refsource": "DEBIAN", "name": "DSA-4544", "url": "https://www.debian.org/security/2019/dsa-4544" + }, + { + "refsource": "BUGTRAQ", + "name": "20191016 [SECURITY] [DSA 4544-1] unbound security update", + "url": "https://seclists.org/bugtraq/2019/Oct/23" } ] } diff --git a/2019/17xxx/CVE-2019-17660.json b/2019/17xxx/CVE-2019-17660.json new file mode 100644 index 00000000000..7c56d5e1791 --- /dev/null +++ b/2019/17xxx/CVE-2019-17660.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17660", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting (XSS) vulnerability in admin/translate/translateheader_view.php in LimeSurvey 3.19.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the tolang parameter, as demonstrated by the index.php/admin/translate/sa/index/surveyid/336819/lang/ PATH_INFO." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/kbgsft/vuln-limesurvey/wiki/Reflected-XSS-in-LimeSurvey-3.19.1-by-xcuter", + "refsource": "MISC", + "name": "https://github.com/kbgsft/vuln-limesurvey/wiki/Reflected-XSS-in-LimeSurvey-3.19.1-by-xcuter" + } + ] + } +} \ No newline at end of file