From 6e045609129516a898ce668e1e990ee076ffdb06 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 11 Oct 2019 00:01:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/18xxx/CVE-2017-18595.json | 10 +++++ 2019/14xxx/CVE-2019-14821.json | 10 +++++ 2019/15xxx/CVE-2019-15291.json | 10 +++++ 2019/17xxx/CVE-2019-17496.json | 67 ++++++++++++++++++++++++++++++++++ 2019/17xxx/CVE-2019-17497.json | 62 +++++++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9506.json | 10 +++++ 6 files changed, 169 insertions(+) create mode 100644 2019/17xxx/CVE-2019-17496.json create mode 100644 2019/17xxx/CVE-2019-17497.json diff --git a/2017/18xxx/CVE-2017-18595.json b/2017/18xxx/CVE-2017-18595.json index 78ad462c2fd..39bf0b3faf0 100644 --- a/2017/18xxx/CVE-2017-18595.json +++ b/2017/18xxx/CVE-2017-18595.json @@ -61,6 +61,16 @@ "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4397f04575c44e1440ec2e49b6302785c95fd2f8", "refsource": "MISC", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4397f04575c44e1440ec2e49b6302785c95fd2f8" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2307", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2308", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html" } ] } diff --git a/2019/14xxx/CVE-2019-14821.json b/2019/14xxx/CVE-2019-14821.json index 5c99fb3d34e..0fa984e874b 100644 --- a/2019/14xxx/CVE-2019-14821.json +++ b/2019/14xxx/CVE-2019-14821.json @@ -88,6 +88,16 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2307", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2308", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html" } ] }, diff --git a/2019/15xxx/CVE-2019-15291.json b/2019/15xxx/CVE-2019-15291.json index 2c47ebb5541..36373c1f2bb 100644 --- a/2019/15xxx/CVE-2019-15291.json +++ b/2019/15xxx/CVE-2019-15291.json @@ -71,6 +71,16 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190905-0002/", "url": "https://security.netapp.com/advisory/ntap-20190905-0002/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2307", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2308", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html" } ] } diff --git a/2019/17xxx/CVE-2019-17496.json b/2019/17xxx/CVE-2019-17496.json new file mode 100644 index 00000000000..b9c3839362d --- /dev/null +++ b/2019/17xxx/CVE-2019-17496.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17496", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Craft CMS before 3.3.8 has stored XSS via a name field. This field is mishandled during site deletion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/craftcms/cms/commit/0ee66d29281af2b6c4f866e1437842c61983a672", + "refsource": "MISC", + "name": "https://github.com/craftcms/cms/commit/0ee66d29281af2b6c4f866e1437842c61983a672" + }, + { + "url": "https://github.com/craftcms/cms/blob/develop/CHANGELOG-v3.md#338---2019-10-09", + "refsource": "MISC", + "name": "https://github.com/craftcms/cms/blob/develop/CHANGELOG-v3.md#338---2019-10-09" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17497.json b/2019/17xxx/CVE-2019-17497.json new file mode 100644 index 00000000000..9bb9155cb9e --- /dev/null +++ b/2019/17xxx/CVE-2019-17497.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17497", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\\\192.168.0.2\\C$\\file.pdf without user interaction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ponypot/cve/raw/master/pdfXChangeEditor_FDFInclusions.pdf", + "refsource": "MISC", + "name": "https://github.com/ponypot/cve/raw/master/pdfXChangeEditor_FDFInclusions.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9506.json b/2019/9xxx/CVE-2019-9506.json index b7c6d7bb81d..e44bff330e5 100644 --- a/2019/9xxx/CVE-2019-9506.json +++ b/2019/9xxx/CVE-2019-9506.json @@ -162,6 +162,16 @@ "refsource": "REDHAT", "name": "RHSA-2019:2975", "url": "https://access.redhat.com/errata/RHSA-2019:2975" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2307", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2308", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html" } ] },