From 72d91f486aa4d7c13fa7597e5994cbbaf17600c2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 3 Jan 2020 22:01:12 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/14xxx/CVE-2019-14861.json | 5 +++ 2019/14xxx/CVE-2019-14870.json | 5 +++ 2019/14xxx/CVE-2019-14889.json | 5 +++ 2019/19xxx/CVE-2019-19577.json | 5 +++ 2019/19xxx/CVE-2019-19578.json | 5 +++ 2019/19xxx/CVE-2019-19580.json | 5 +++ 2019/19xxx/CVE-2019-19581.json | 5 +++ 2019/19xxx/CVE-2019-19582.json | 5 +++ 2019/19xxx/CVE-2019-19583.json | 5 +++ 2019/19xxx/CVE-2019-19959.json | 61 +++++++++++++++++++++++++++++---- 2019/20xxx/CVE-2019-20203.json | 5 +++ 2019/20xxx/CVE-2019-20204.json | 5 +++ 2019/9xxx/CVE-2019-9537.json | 4 +-- 2019/9xxx/CVE-2019-9538.json | 4 +-- 2019/9xxx/CVE-2019-9539.json | 4 +-- 2019/9xxx/CVE-2019-9540.json | 4 +-- 2019/9xxx/CVE-2019-9541.json | 4 +-- 2019/9xxx/CVE-2019-9542.json | 4 +-- 2020/5xxx/CVE-2020-5496.json | 62 ++++++++++++++++++++++++++++++++++ 19 files changed, 184 insertions(+), 18 deletions(-) create mode 100644 2020/5xxx/CVE-2020-5496.json diff --git a/2019/14xxx/CVE-2019-14861.json b/2019/14xxx/CVE-2019-14861.json index 2c2b959d051..9a4caf86ffc 100644 --- a/2019/14xxx/CVE-2019-14861.json +++ b/2019/14xxx/CVE-2019-14861.json @@ -89,6 +89,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2700", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-11dddb785b", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/" } ] }, diff --git a/2019/14xxx/CVE-2019-14870.json b/2019/14xxx/CVE-2019-14870.json index d2eb7dd6ca1..3a73349e73e 100644 --- a/2019/14xxx/CVE-2019-14870.json +++ b/2019/14xxx/CVE-2019-14870.json @@ -89,6 +89,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2700", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00038.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-11dddb785b", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNKA4YIPV7AZR7KK3GW6L3HKGHSGJZFE/" } ] }, diff --git a/2019/14xxx/CVE-2019-14889.json b/2019/14xxx/CVE-2019-14889.json index e5cdcb4d14a..0229b901361 100644 --- a/2019/14xxx/CVE-2019-14889.json +++ b/2019/14xxx/CVE-2019-14889.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-8b0ad69829", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7JJWJTXVWLLJTVHBPGWL7472S5FWXYQR/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-46b6bd2459", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EV2ONSPDJCTDVORCB4UGRQUZQQ46JHRN/" } ] }, diff --git a/2019/19xxx/CVE-2019-19577.json b/2019/19xxx/CVE-2019-19577.json index 40352c3a0ef..93044340c20 100644 --- a/2019/19xxx/CVE-2019-19577.json +++ b/2019/19xxx/CVE-2019-19577.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-6aad703290", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-2e12bd3a9a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/" } ] } diff --git a/2019/19xxx/CVE-2019-19578.json b/2019/19xxx/CVE-2019-19578.json index 9d70cd63387..96a590b654b 100644 --- a/2019/19xxx/CVE-2019-19578.json +++ b/2019/19xxx/CVE-2019-19578.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-6aad703290", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-2e12bd3a9a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/" } ] } diff --git a/2019/19xxx/CVE-2019-19580.json b/2019/19xxx/CVE-2019-19580.json index 2b102880f32..ead195da3e3 100644 --- a/2019/19xxx/CVE-2019-19580.json +++ b/2019/19xxx/CVE-2019-19580.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-6aad703290", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-2e12bd3a9a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/" } ] } diff --git a/2019/19xxx/CVE-2019-19581.json b/2019/19xxx/CVE-2019-19581.json index 2c5c2ef8f13..87c666abdaa 100644 --- a/2019/19xxx/CVE-2019-19581.json +++ b/2019/19xxx/CVE-2019-19581.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-6aad703290", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-2e12bd3a9a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/" } ] } diff --git a/2019/19xxx/CVE-2019-19582.json b/2019/19xxx/CVE-2019-19582.json index 8db2cead9a7..309854c99e1 100644 --- a/2019/19xxx/CVE-2019-19582.json +++ b/2019/19xxx/CVE-2019-19582.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-6aad703290", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-2e12bd3a9a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/" } ] } diff --git a/2019/19xxx/CVE-2019-19583.json b/2019/19xxx/CVE-2019-19583.json index 35da7978c16..ebf9e9cf229 100644 --- a/2019/19xxx/CVE-2019-19583.json +++ b/2019/19xxx/CVE-2019-19583.json @@ -61,6 +61,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-6aad703290", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-2e12bd3a9a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34HBFTYNMQMWIO2GGK7DB6KV4M6R5YPV/" } ] } diff --git a/2019/19xxx/CVE-2019-19959.json b/2019/19xxx/CVE-2019-19959.json index 19427091f97..da10f98742b 100644 --- a/2019/19xxx/CVE-2019-19959.json +++ b/2019/19xxx/CVE-2019-19959.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19959", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19959", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1", + "url": "https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1" + }, + { + "refsource": "MISC", + "name": "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec", + "url": "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec" } ] } diff --git a/2019/20xxx/CVE-2019-20203.json b/2019/20xxx/CVE-2019-20203.json index 7cd861d69f7..c28d086153c 100644 --- a/2019/20xxx/CVE-2019-20203.json +++ b/2019/20xxx/CVE-2019-20203.json @@ -66,6 +66,11 @@ "url": "https://wordpress.org/plugins/postie/#developers", "refsource": "MISC", "name": "https://wordpress.org/plugins/postie/#developers" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10002", + "url": "https://wpvulndb.com/vulnerabilities/10002" } ] } diff --git a/2019/20xxx/CVE-2019-20204.json b/2019/20xxx/CVE-2019-20204.json index 9b8ecd403d6..bfed6577496 100644 --- a/2019/20xxx/CVE-2019-20204.json +++ b/2019/20xxx/CVE-2019-20204.json @@ -66,6 +66,11 @@ "url": "https://wordpress.org/plugins/postie/#developers", "refsource": "MISC", "name": "https://wordpress.org/plugins/postie/#developers" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10002", + "url": "https://wpvulndb.com/vulnerabilities/10002" } ] } diff --git a/2019/9xxx/CVE-2019-9537.json b/2019/9xxx/CVE-2019-9537.json index 277668642d5..16e5d0f9773 100644 --- a/2019/9xxx/CVE-2019-9537.json +++ b/2019/9xxx/CVE-2019-9537.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uploaditem.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5." + "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uploaditem.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5." } ] }, @@ -67,4 +67,4 @@ "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9538.json b/2019/9xxx/CVE-2019-9538.json index 7265e0a6e22..8b2ac01fd5b 100644 --- a/2019/9xxx/CVE-2019-9538.json +++ b/2019/9xxx/CVE-2019-9538.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the LDAP cbURL parameter of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5." + "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the LDAP cbURL parameter of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5." } ] }, @@ -67,4 +67,4 @@ "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9539.json b/2019/9xxx/CVE-2019-9539.json index 2089f0e7ee0..3f63a20c6f0 100644 --- a/2019/9xxx/CVE-2019-9539.json +++ b/2019/9xxx/CVE-2019-9539.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ModalWindowPopup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5." + "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ModalWindowPopup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5." } ] }, @@ -67,4 +67,4 @@ "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9540.json b/2019/9xxx/CVE-2019-9540.json index 7412cc53d7a..72017fea715 100644 --- a/2019/9xxx/CVE-2019-9540.json +++ b/2019/9xxx/CVE-2019-9540.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prefs.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5." + "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prefs.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5." } ] }, @@ -67,4 +67,4 @@ "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9541.json b/2019/9xxx/CVE-2019-9541.json index 65e7b149bb1..b75bfc0a1e6 100644 --- a/2019/9xxx/CVE-2019-9541.json +++ b/2019/9xxx/CVE-2019-9541.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": ": Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5." + "value": ": Information Exposure vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5." } ] }, @@ -67,4 +67,4 @@ "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9542.json b/2019/9xxx/CVE-2019-9542.json index b597c0533a5..e9f92a82ab5 100644 --- a/2019/9xxx/CVE-2019-9542.json +++ b/2019/9xxx/CVE-2019-9542.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session.\nThis issue affects:\nTelos Automated Message Handling System\nversions prior to 4.1.5.5." + "value": ": Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in itemlookup.asp of Telos Automated Message Handling System allows a remote attacker to inject arbitrary script into an AMHS session. This issue affects: Telos Automated Message Handling System versions prior to 4.1.5.5." } ] }, @@ -67,4 +67,4 @@ "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5496.json b/2020/5xxx/CVE-2020-5496.json new file mode 100644 index 00000000000..cda6d8729f7 --- /dev/null +++ b/2020/5xxx/CVE-2020-5496.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-5496", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/fontforge/fontforge/issues/4085", + "refsource": "MISC", + "name": "https://github.com/fontforge/fontforge/issues/4085" + } + ] + } +} \ No newline at end of file