diff --git a/2019/0xxx/CVE-2019-0136.json b/2019/0xxx/CVE-2019-0136.json index 1e937270e53..b561b82d734 100644 --- a/2019/0xxx/CVE-2019-0136.json +++ b/2019/0xxx/CVE-2019-0136.json @@ -93,6 +93,11 @@ "refsource": "UBUNTU", "name": "USN-4145-1", "url": "https://usn.ubuntu.com/4145-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] }, diff --git a/2019/10xxx/CVE-2019-10433.json b/2019/10xxx/CVE-2019-10433.json index 364bbcf344f..6a7f9cb800c 100644 --- a/2019/10xxx/CVE-2019-10433.json +++ b/2019/10xxx/CVE-2019-10433.json @@ -61,6 +61,11 @@ "refsource": "MLIST", "name": "[oss-security] 20191001 Multiple vulnerabilities in Jenkins plugins", "url": "http://www.openwall.com/lists/oss-security/2019/10/01/2" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-862/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-862/" } ] } diff --git a/2019/11xxx/CVE-2019-11709.json b/2019/11xxx/CVE-2019-11709.json index 46bdcdb69a8..c63296e2697 100644 --- a/2019/11xxx/CVE-2019-11709.json +++ b/2019/11xxx/CVE-2019-11709.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11710.json b/2019/11xxx/CVE-2019-11710.json index 03b16577c4d..11774791359 100644 --- a/2019/11xxx/CVE-2019-11710.json +++ b/2019/11xxx/CVE-2019-11710.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11711.json b/2019/11xxx/CVE-2019-11711.json index f4ccc71b8c2..24a3568cb83 100644 --- a/2019/11xxx/CVE-2019-11711.json +++ b/2019/11xxx/CVE-2019-11711.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11712.json b/2019/11xxx/CVE-2019-11712.json index ad821853ab1..46e700bd4fb 100644 --- a/2019/11xxx/CVE-2019-11712.json +++ b/2019/11xxx/CVE-2019-11712.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11713.json b/2019/11xxx/CVE-2019-11713.json index bd72cab83f5..11203f0e073 100644 --- a/2019/11xxx/CVE-2019-11713.json +++ b/2019/11xxx/CVE-2019-11713.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11714.json b/2019/11xxx/CVE-2019-11714.json index 62e09fe85ee..9e35a893a07 100644 --- a/2019/11xxx/CVE-2019-11714.json +++ b/2019/11xxx/CVE-2019-11714.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11715.json b/2019/11xxx/CVE-2019-11715.json index 05370dfc47d..4615bd9015b 100644 --- a/2019/11xxx/CVE-2019-11715.json +++ b/2019/11xxx/CVE-2019-11715.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11716.json b/2019/11xxx/CVE-2019-11716.json index d30761f8192..8c02448c39f 100644 --- a/2019/11xxx/CVE-2019-11716.json +++ b/2019/11xxx/CVE-2019-11716.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11717.json b/2019/11xxx/CVE-2019-11717.json index 6c091f4649b..cede886796f 100644 --- a/2019/11xxx/CVE-2019-11717.json +++ b/2019/11xxx/CVE-2019-11717.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11719.json b/2019/11xxx/CVE-2019-11719.json index 978ae2fe302..2e3b7828753 100644 --- a/2019/11xxx/CVE-2019-11719.json +++ b/2019/11xxx/CVE-2019-11719.json @@ -116,6 +116,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11720.json b/2019/11xxx/CVE-2019-11720.json index 199f72f33f6..5712d9fb656 100644 --- a/2019/11xxx/CVE-2019-11720.json +++ b/2019/11xxx/CVE-2019-11720.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11721.json b/2019/11xxx/CVE-2019-11721.json index 4cbd88c6047..ec5a1b7d918 100644 --- a/2019/11xxx/CVE-2019-11721.json +++ b/2019/11xxx/CVE-2019-11721.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11723.json b/2019/11xxx/CVE-2019-11723.json index 27534ae3b09..c037e4a7e1e 100644 --- a/2019/11xxx/CVE-2019-11723.json +++ b/2019/11xxx/CVE-2019-11723.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11724.json b/2019/11xxx/CVE-2019-11724.json index 47a41859879..bade9e6e853 100644 --- a/2019/11xxx/CVE-2019-11724.json +++ b/2019/11xxx/CVE-2019-11724.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11725.json b/2019/11xxx/CVE-2019-11725.json index 5bdea80d628..8765b0a60f8 100644 --- a/2019/11xxx/CVE-2019-11725.json +++ b/2019/11xxx/CVE-2019-11725.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11727.json b/2019/11xxx/CVE-2019-11727.json index 2507d4e60b0..705a3b6f1fb 100644 --- a/2019/11xxx/CVE-2019-11727.json +++ b/2019/11xxx/CVE-2019-11727.json @@ -64,6 +64,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11728.json b/2019/11xxx/CVE-2019-11728.json index 1ff60957935..0dd466df1cc 100644 --- a/2019/11xxx/CVE-2019-11728.json +++ b/2019/11xxx/CVE-2019-11728.json @@ -59,6 +59,16 @@ "refsource": "GENTOO", "name": "GLSA-201908-12", "url": "https://security.gentoo.org/glsa/201908-12" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11729.json b/2019/11xxx/CVE-2019-11729.json index 37d564b0996..679f124cb15 100644 --- a/2019/11xxx/CVE-2019-11729.json +++ b/2019/11xxx/CVE-2019-11729.json @@ -116,6 +116,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11730.json b/2019/11xxx/CVE-2019-11730.json index 59b5e306a3b..ae3b7a90a0e 100644 --- a/2019/11xxx/CVE-2019-11730.json +++ b/2019/11xxx/CVE-2019-11730.json @@ -121,6 +121,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1990", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11739.json b/2019/11xxx/CVE-2019-11739.json index 4c1cfdabf94..b39c3c9255c 100644 --- a/2019/11xxx/CVE-2019-11739.json +++ b/2019/11xxx/CVE-2019-11739.json @@ -63,6 +63,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11740.json b/2019/11xxx/CVE-2019-11740.json index c405ea7e94a..5b70ab02082 100644 --- a/2019/11xxx/CVE-2019-11740.json +++ b/2019/11xxx/CVE-2019-11740.json @@ -104,6 +104,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11742.json b/2019/11xxx/CVE-2019-11742.json index c9618635e48..fdfac67a5b7 100644 --- a/2019/11xxx/CVE-2019-11742.json +++ b/2019/11xxx/CVE-2019-11742.json @@ -104,6 +104,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11743.json b/2019/11xxx/CVE-2019-11743.json index c858e83c41e..bed647a3f9a 100644 --- a/2019/11xxx/CVE-2019-11743.json +++ b/2019/11xxx/CVE-2019-11743.json @@ -109,6 +109,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11744.json b/2019/11xxx/CVE-2019-11744.json index 696082f3eb0..1cf5ea50ab9 100644 --- a/2019/11xxx/CVE-2019-11744.json +++ b/2019/11xxx/CVE-2019-11744.json @@ -104,6 +104,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11746.json b/2019/11xxx/CVE-2019-11746.json index 28912b6dbba..c188f6265c3 100644 --- a/2019/11xxx/CVE-2019-11746.json +++ b/2019/11xxx/CVE-2019-11746.json @@ -104,6 +104,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11752.json b/2019/11xxx/CVE-2019-11752.json index fe6b41b73b8..99525a1dca3 100644 --- a/2019/11xxx/CVE-2019-11752.json +++ b/2019/11xxx/CVE-2019-11752.json @@ -104,6 +104,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-30/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-30/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11755.json b/2019/11xxx/CVE-2019-11755.json index 6f94e83724f..4ce525a3717 100644 --- a/2019/11xxx/CVE-2019-11755.json +++ b/2019/11xxx/CVE-2019-11755.json @@ -54,6 +54,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-32/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-32/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2248", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2249", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html" } ] }, diff --git a/2019/13xxx/CVE-2019-13315.json b/2019/13xxx/CVE-2019-13315.json index 86fa6343738..62524f26f27 100644 --- a/2019/13xxx/CVE-2019-13315.json +++ b/2019/13xxx/CVE-2019-13315.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-13315", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Reader", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-13315", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Reader", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Anonymous", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the removeField method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8656." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "Anonymous", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8656." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-632/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-632/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-632/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13316.json b/2019/13xxx/CVE-2019-13316.json index 3e1a125a9c4..c743fb0ffbd 100644 --- a/2019/13xxx/CVE-2019-13316.json +++ b/2019/13xxx/CVE-2019-13316.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-13316", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "PhantomPDF", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-13316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PhantomPDF", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "RockStar", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8757." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "RockStar", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8757." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-633/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-633/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-633/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13317.json b/2019/13xxx/CVE-2019-13317.json index 1e5660a5877..2cf54704369 100644 --- a/2019/13xxx/CVE-2019-13317.json +++ b/2019/13xxx/CVE-2019-13317.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-13317", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "PhantomPDF", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-13317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PhantomPDF", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "RockStar", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8759." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "RockStar", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Calculate actions. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8759." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-634/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-634/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-634/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13318.json b/2019/13xxx/CVE-2019-13318.json index 25594baf4f0..82f972a4b98 100644 --- a/2019/13xxx/CVE-2019-13318.json +++ b/2019/13xxx/CVE-2019-13318.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-13318", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Reader", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-13318", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Reader", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "banananapenguin", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.\n Was ZDI-CAN-8544." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-134: Use of Externally-Controlled Format String" - } + }, + "credit": "banananapenguin", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the util.printf Javascript method. The application processes the %p parameter in the format string, allowing heap addresses to be returned to the script. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8544." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-635/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-134: Use of Externally-Controlled Format String" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-635/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-635/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13319.json b/2019/13xxx/CVE-2019-13319.json index 9bdd798ef5c..1c0f50424c7 100644 --- a/2019/13xxx/CVE-2019-13319.json +++ b/2019/13xxx/CVE-2019-13319.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-13319", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Reader", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-13319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Reader", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "huyna of Viettel Cyber Security", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8669." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "huyna of Viettel Cyber Security", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA forms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8669." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-636/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-636/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-636/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13320.json b/2019/13xxx/CVE-2019-13320.json index 39902f94842..ef216f583fa 100644 --- a/2019/13xxx/CVE-2019-13320.json +++ b/2019/13xxx/CVE-2019-13320.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-13320", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Reader", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-13320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Reader", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Anonymous", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8814." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "Anonymous", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8814." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-637/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-637/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-637/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13631.json b/2019/13xxx/CVE-2019-13631.json index 95e1c809452..2a5c62c845b 100644 --- a/2019/13xxx/CVE-2019-13631.json +++ b/2019/13xxx/CVE-2019-13631.json @@ -141,6 +141,11 @@ "refsource": "UBUNTU", "name": "USN-4145-1", "url": "https://usn.ubuntu.com/4145-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15090.json b/2019/15xxx/CVE-2019-15090.json index 7c1739b9387..0aaa7d85744 100644 --- a/2019/15xxx/CVE-2019-15090.json +++ b/2019/15xxx/CVE-2019-15090.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2181", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15117.json b/2019/15xxx/CVE-2019-15117.json index 4fdb62c4e87..5714f1d2802 100644 --- a/2019/15xxx/CVE-2019-15117.json +++ b/2019/15xxx/CVE-2019-15117.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15118.json b/2019/15xxx/CVE-2019-15118.json index 261a7cb18c8..22d4417110c 100644 --- a/2019/15xxx/CVE-2019-15118.json +++ b/2019/15xxx/CVE-2019-15118.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15211.json b/2019/15xxx/CVE-2019-15211.json index e4b2b642246..0f0505841ec 100644 --- a/2019/15xxx/CVE-2019-15211.json +++ b/2019/15xxx/CVE-2019-15211.json @@ -116,6 +116,11 @@ "refsource": "UBUNTU", "name": "USN-4145-1", "url": "https://usn.ubuntu.com/4145-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15212.json b/2019/15xxx/CVE-2019-15212.json index bced281deb6..c94919f78bc 100644 --- a/2019/15xxx/CVE-2019-15212.json +++ b/2019/15xxx/CVE-2019-15212.json @@ -111,6 +111,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15215.json b/2019/15xxx/CVE-2019-15215.json index 3b30ad09baf..2bdd2d60b1a 100644 --- a/2019/15xxx/CVE-2019-15215.json +++ b/2019/15xxx/CVE-2019-15215.json @@ -116,6 +116,11 @@ "refsource": "UBUNTU", "name": "USN-4145-1", "url": "https://usn.ubuntu.com/4145-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15217.json b/2019/15xxx/CVE-2019-15217.json index 73245c7a59d..5ce535ccbf8 100644 --- a/2019/15xxx/CVE-2019-15217.json +++ b/2019/15xxx/CVE-2019-15217.json @@ -106,6 +106,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2181", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15218.json b/2019/15xxx/CVE-2019-15218.json index 209cb64d3d9..f48813e26fd 100644 --- a/2019/15xxx/CVE-2019-15218.json +++ b/2019/15xxx/CVE-2019-15218.json @@ -131,6 +131,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15220.json b/2019/15xxx/CVE-2019-15220.json index 90542996a76..04209efad9a 100644 --- a/2019/15xxx/CVE-2019-15220.json +++ b/2019/15xxx/CVE-2019-15220.json @@ -111,6 +111,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15221.json b/2019/15xxx/CVE-2019-15221.json index a8250db40a9..838c537875b 100644 --- a/2019/15xxx/CVE-2019-15221.json +++ b/2019/15xxx/CVE-2019-15221.json @@ -111,6 +111,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15223.json b/2019/15xxx/CVE-2019-15223.json index 95f290de359..81399719bd8 100644 --- a/2019/15xxx/CVE-2019-15223.json +++ b/2019/15xxx/CVE-2019-15223.json @@ -76,6 +76,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190905-0002/", "url": "https://security.netapp.com/advisory/ntap-20190905-0002/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15538.json b/2019/15xxx/CVE-2019-15538.json index 9fa56305bbb..310797b8c89 100644 --- a/2019/15xxx/CVE-2019-15538.json +++ b/2019/15xxx/CVE-2019-15538.json @@ -111,6 +111,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15925.json b/2019/15xxx/CVE-2019-15925.json index ae770f8282f..5a887ad0666 100644 --- a/2019/15xxx/CVE-2019-15925.json +++ b/2019/15xxx/CVE-2019-15925.json @@ -66,6 +66,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/15xxx/CVE-2019-15926.json b/2019/15xxx/CVE-2019-15926.json index 9498042b423..d689ba3a1f2 100644 --- a/2019/15xxx/CVE-2019-15926.json +++ b/2019/15xxx/CVE-2019-15926.json @@ -101,6 +101,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] } diff --git a/2019/6xxx/CVE-2019-6774.json b/2019/6xxx/CVE-2019-6774.json index 23a222672cc..587733e74d6 100644 --- a/2019/6xxx/CVE-2019-6774.json +++ b/2019/6xxx/CVE-2019-6774.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-6774", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Reader", - "version": { - "version_data": [ - { - "version_value": "9.4.1.16828" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-6774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Reader", + "version": { + "version_data": [ + { + "version_value": "9.4.1.16828" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Anonymous", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the deleteItemAt method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8295." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "Anonymous", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteItemAt method when processing AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8295." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-629/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-629/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-629/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6775.json b/2019/6xxx/CVE-2019-6775.json index 72c4d1de4a3..d5eb900ccb6 100644 --- a/2019/6xxx/CVE-2019-6775.json +++ b/2019/6xxx/CVE-2019-6775.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-6775", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Reader", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-6775", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Reader", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "banananapenguin", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the exportValues method within a AcroForm. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.\n Was ZDI-CAN-8491." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "banananapenguin", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportValues method within a AcroForm. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8491." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-630/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-630/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-630/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6776.json b/2019/6xxx/CVE-2019-6776.json index 00552696524..808d54bf815 100644 --- a/2019/6xxx/CVE-2019-6776.json +++ b/2019/6xxx/CVE-2019-6776.json @@ -1,70 +1,74 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2019-6776", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "PhantomPDF", - "version": { - "version_data": [ - { - "version_value": "9.5.0.20723" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2019-6776", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PhantomPDF", + "version": { + "version_data": [ + { + "version_value": "9.5.0.20723" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" } - } ] - }, - "vendor_name": "Foxit" } - ] - } - }, - "credit": "Mat Powell of Trend Micro Zero Day Initiative", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the removeField method when processing watermarks within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.\n Was ZDI-CAN-8801." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-416: Use After Free" - } + }, + "credit": "Mat Powell of Trend Micro Zero Day Initiative", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the removeField method when processing watermarks within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-8801." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-631/" - }, - { - "url": "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "MISC", + "name": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-631/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-631/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9506.json b/2019/9xxx/CVE-2019-9506.json index 9188aab6241..6a9ca3b3e4f 100644 --- a/2019/9xxx/CVE-2019-9506.json +++ b/2019/9xxx/CVE-2019-9506.json @@ -152,6 +152,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4147-1", + "url": "https://usn.ubuntu.com/4147-1/" } ] },