diff --git a/2010/3xxx/CVE-2010-3662.json b/2010/3xxx/CVE-2010-3662.json index 28f082d0c31..b3e11e7a8dd 100644 --- a/2010/3xxx/CVE-2010-3662.json +++ b/2010/3xxx/CVE-2010-3662.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3662", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injection on the backend." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-3662", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-3662" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719" + }, + { + "refsource": "CONFIRM", + "name": "https://typo3.org/security/advisory/typo3-sa-2010-012/#SQL_Injection", + "url": "https://typo3.org/security/advisory/typo3-sa-2010-012/#SQL_Injection" } ] } diff --git a/2010/3xxx/CVE-2010-3663.json b/2010/3xxx/CVE-2010-3663.json index ae0dbd502e7..5752cd2ea9c 100644 --- a/2010/3xxx/CVE-2010-3663.json +++ b/2010/3xxx/CVE-2010-3663.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3663", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-3663", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-3663" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719" + }, + { + "refsource": "CONFIRM", + "name": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Arbitrary_Code_Execution", + "url": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Arbitrary_Code_Execution" } ] } diff --git a/2010/3xxx/CVE-2010-3664.json b/2010/3xxx/CVE-2010-3664.json index 4a934bc2220..5bd16df9e04 100644 --- a/2010/3xxx/CVE-2010-3664.json +++ b/2010/3xxx/CVE-2010-3664.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3664", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Information Disclosure on the backend." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-3664", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-3664" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719" + }, + { + "refsource": "CONFIRM", + "name": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Information_Disclosure", + "url": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Information_Disclosure" } ] } diff --git a/2010/3xxx/CVE-2010-3665.json b/2010/3xxx/CVE-2010-3665.json index 75df9a38520..314f46f79aa 100644 --- a/2010/3xxx/CVE-2010-3665.json +++ b/2010/3xxx/CVE-2010-3665.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3665", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-3665", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-3665" + }, + { + "refsource": "CONFIRM", + "name": "https://typo3.org/security/advisory/typo3-sa-2010-012/#XSS", + "url": "https://typo3.org/security/advisory/typo3-sa-2010-012/#XSS" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719" } ] } diff --git a/2010/3xxx/CVE-2010-3666.json b/2010/3xxx/CVE-2010-3666.json index aae4dd4c91f..680e5aac3b9 100644 --- a/2010/3xxx/CVE-2010-3666.json +++ b/2010/3xxx/CVE-2010-3666.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3666", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness in the uniqid function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-3666", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-3666" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719" + }, + { + "refsource": "CONFIRM", + "name": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Insecure_Randomness", + "url": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Insecure_Randomness" } ] } diff --git a/2010/3xxx/CVE-2010-3667.json b/2010/3xxx/CVE-2010-3667.json index 90f3f8d3359..4f15beef005 100644 --- a/2010/3xxx/CVE-2010-3667.json +++ b/2010/3xxx/CVE-2010-3667.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3667", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2010-3667", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2010-3667" + }, + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590719" + }, + { + "refsource": "CONFIRM", + "name": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Spam_Abuse", + "url": "https://typo3.org/security/advisory/typo3-sa-2010-012/#Spam_Abuse" } ] } diff --git a/2013/4xxx/CVE-2013-4374.json b/2013/4xxx/CVE-2013-4374.json index 2548f87e1ea..243d9593f0f 100644 --- a/2013/4xxx/CVE-2013-4374.json +++ b/2013/4xxx/CVE-2013-4374.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4374", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "RHQ Mongo DB Drift Server", + "version": { + "version_data": [ + { + "version_value": "through 2013-09-25" + } + ] + } + } + ] + }, + "vendor_name": "RHQ Mongo DB Drift Server" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Malicious change set import due to insecure temporary file usage" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4374", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4374" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2013-4374", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2013-4374" } ] } diff --git a/2018/10xxx/CVE-2018-10548.json b/2018/10xxx/CVE-2018-10548.json index 9ae727039d3..a33d3a90069 100644 --- a/2018/10xxx/CVE-2018-10548.json +++ b/2018/10xxx/CVE-2018-10548.json @@ -121,6 +121,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2519", "url": "https://access.redhat.com/errata/RHSA-2019:2519" + }, + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/tns-2019-07", + "url": "https://www.tenable.com/security/tns-2019-07" } ] } diff --git a/2018/17xxx/CVE-2018-17082.json b/2018/17xxx/CVE-2018-17082.json index 2d6f7188f6e..aa3f85e0e4f 100644 --- a/2018/17xxx/CVE-2018-17082.json +++ b/2018/17xxx/CVE-2018-17082.json @@ -96,6 +96,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2519", "url": "https://access.redhat.com/errata/RHSA-2019:2519" + }, + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/tns-2019-07", + "url": "https://www.tenable.com/security/tns-2019-07" } ] } diff --git a/2019/18xxx/CVE-2019-18408.json b/2019/18xxx/CVE-2019-18408.json index c7c2ded735e..55738814177 100644 --- a/2019/18xxx/CVE-2019-18408.json +++ b/2019/18xxx/CVE-2019-18408.json @@ -81,6 +81,11 @@ "refsource": "DEBIAN", "name": "DSA-4557", "url": "https://www.debian.org/security/2019/dsa-4557" + }, + { + "refsource": "BUGTRAQ", + "name": "20191104 [SECURITY] [DSA 4557-1] libarchive security update", + "url": "https://seclists.org/bugtraq/2019/Nov/2" } ] } diff --git a/2019/9xxx/CVE-2019-9022.json b/2019/9xxx/CVE-2019-9022.json index 435f81af1b1..142b3fcc8a3 100644 --- a/2019/9xxx/CVE-2019-9022.json +++ b/2019/9xxx/CVE-2019-9022.json @@ -106,6 +106,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:3299", "url": "https://access.redhat.com/errata/RHSA-2019:3299" + }, + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/tns-2019-07", + "url": "https://www.tenable.com/security/tns-2019-07" } ] } diff --git a/2019/9xxx/CVE-2019-9637.json b/2019/9xxx/CVE-2019-9637.json index 4568652fea7..51e8a3ed73b 100644 --- a/2019/9xxx/CVE-2019-9637.json +++ b/2019/9xxx/CVE-2019-9637.json @@ -121,6 +121,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:3299", "url": "https://access.redhat.com/errata/RHSA-2019:3299" + }, + { + "refsource": "CONFIRM", + "name": "https://www.tenable.com/security/tns-2019-07", + "url": "https://www.tenable.com/security/tns-2019-07" } ] }