diff --git a/2016/10xxx/CVE-2016-10905.json b/2016/10xxx/CVE-2016-10905.json index 8428295fd0a..d0298edb9ec 100644 --- a/2016/10xxx/CVE-2016-10905.json +++ b/2016/10xxx/CVE-2016-10905.json @@ -86,6 +86,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2016/10xxx/CVE-2016-10906.json b/2016/10xxx/CVE-2016-10906.json index 475eafb2c16..9033d6ebf76 100644 --- a/2016/10xxx/CVE-2016-10906.json +++ b/2016/10xxx/CVE-2016-10906.json @@ -76,6 +76,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2018/20xxx/CVE-2018-20976.json b/2018/20xxx/CVE-2018-20976.json index ed214094af8..91d29ae32ca 100644 --- a/2018/20xxx/CVE-2018-20976.json +++ b/2018/20xxx/CVE-2018-20976.json @@ -101,6 +101,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/10xxx/CVE-2019-10475.json b/2019/10xxx/CVE-2019-10475.json index 56872774878..c495d698b0a 100644 --- a/2019/10xxx/CVE-2019-10475.json +++ b/2019/10xxx/CVE-2019-10475.json @@ -61,6 +61,11 @@ "refsource": "MLIST", "name": "[oss-security] 20191023 Multiple vulnerabilities in Jenkins plugins", "url": "http://www.openwall.com/lists/oss-security/2019/10/23/2" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155200/Jenkins-Build-Metrics-1.3-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/155200/Jenkins-Build-Metrics-1.3-Cross-Site-Scripting.html" } ] } diff --git a/2019/10xxx/CVE-2019-10638.json b/2019/10xxx/CVE-2019-10638.json index bcc3be52996..f4b3398c726 100644 --- a/2019/10xxx/CVE-2019-10638.json +++ b/2019/10xxx/CVE-2019-10638.json @@ -181,6 +181,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/13xxx/CVE-2019-13557.json b/2019/13xxx/CVE-2019-13557.json new file mode 100644 index 00000000000..9c51656e3cc --- /dev/null +++ b/2019/13xxx/CVE-2019-13557.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13557", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Tasy EMR", + "version": { + "version_data": [ + { + "version_value": "Tasy WebPortal Versions 3.02.1757 and prior." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "INFORMATION EXPOSURE CWE-200" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01", + "url": "https://www.us-cert.gov/ics/advisories/ICSMA-19-120-01" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker to access system and configuration information." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14347.json b/2019/14xxx/CVE-2019-14347.json index 45bd761a6df..1bae8091ce9 100644 --- a/2019/14xxx/CVE-2019-14347.json +++ b/2019/14xxx/CVE-2019-14347.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://hackpuntes.com/cve-2019-14347-escalacion-de-privilegios-en-adive/", "url": "https://hackpuntes.com/cve-2019-14347-escalacion-de-privilegios-en-adive/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155213/Adive-Framework-2.0.7-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/155213/Adive-Framework-2.0.7-Privilege-Escalation.html" } ] } diff --git a/2019/14xxx/CVE-2019-14814.json b/2019/14xxx/CVE-2019-14814.json index 3260075983e..6b799537ddb 100644 --- a/2019/14xxx/CVE-2019-14814.json +++ b/2019/14xxx/CVE-2019-14814.json @@ -138,6 +138,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] }, diff --git a/2019/14xxx/CVE-2019-14816.json b/2019/14xxx/CVE-2019-14816.json index 5b3b131e4e2..281eca329c5 100644 --- a/2019/14xxx/CVE-2019-14816.json +++ b/2019/14xxx/CVE-2019-14816.json @@ -138,6 +138,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] }, diff --git a/2019/14xxx/CVE-2019-14821.json b/2019/14xxx/CVE-2019-14821.json index 0119ab4dd21..1bc90eae20f 100644 --- a/2019/14xxx/CVE-2019-14821.json +++ b/2019/14xxx/CVE-2019-14821.json @@ -148,6 +148,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] }, diff --git a/2019/14xxx/CVE-2019-14835.json b/2019/14xxx/CVE-2019-14835.json index 1eedf7a29cb..2529a04bbed 100644 --- a/2019/14xxx/CVE-2019-14835.json +++ b/2019/14xxx/CVE-2019-14835.json @@ -233,6 +233,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] }, diff --git a/2019/15xxx/CVE-2019-15003.json b/2019/15xxx/CVE-2019-15003.json index 1268644196f..99bff905714 100644 --- a/2019/15xxx/CVE-2019-15003.json +++ b/2019/15xxx/CVE-2019-15003.json @@ -154,6 +154,11 @@ "refsource": "BUGTRAQ", "name": "20191108 Jira Service Desk Server and Jira Service Desk Data Center Security Advisory - 2019-11-06 - CVE-2019-15003, CVE-2019-15004", "url": "https://seclists.org/bugtraq/2019/Nov/9" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155214/Jira-Service-Desk-Server-Data-Center-Path-Traversal.html", + "url": "http://packetstormsecurity.com/files/155214/Jira-Service-Desk-Server-Data-Center-Path-Traversal.html" } ] } diff --git a/2019/15xxx/CVE-2019-15004.json b/2019/15xxx/CVE-2019-15004.json index ce1f6ff47ab..6e1d889457b 100644 --- a/2019/15xxx/CVE-2019-15004.json +++ b/2019/15xxx/CVE-2019-15004.json @@ -154,6 +154,11 @@ "refsource": "BUGTRAQ", "name": "20191108 Jira Service Desk Server and Jira Service Desk Data Center Security Advisory - 2019-11-06 - CVE-2019-15003, CVE-2019-15004", "url": "https://seclists.org/bugtraq/2019/Nov/9" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155214/Jira-Service-Desk-Server-Data-Center-Path-Traversal.html", + "url": "http://packetstormsecurity.com/files/155214/Jira-Service-Desk-Server-Data-Center-Path-Traversal.html" } ] } diff --git a/2019/15xxx/CVE-2019-15098.json b/2019/15xxx/CVE-2019-15098.json index bf701d0ca50..951bfd4794c 100644 --- a/2019/15xxx/CVE-2019-15098.json +++ b/2019/15xxx/CVE-2019-15098.json @@ -101,6 +101,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/15xxx/CVE-2019-15117.json b/2019/15xxx/CVE-2019-15117.json index bc8c89726d1..b44e84b6139 100644 --- a/2019/15xxx/CVE-2019-15117.json +++ b/2019/15xxx/CVE-2019-15117.json @@ -131,6 +131,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/15xxx/CVE-2019-15118.json b/2019/15xxx/CVE-2019-15118.json index 2a530d5944d..e59c07bbf2a 100644 --- a/2019/15xxx/CVE-2019-15118.json +++ b/2019/15xxx/CVE-2019-15118.json @@ -126,6 +126,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/15xxx/CVE-2019-15505.json b/2019/15xxx/CVE-2019-15505.json index 49b67a9f9cd..f2e0836b5ed 100644 --- a/2019/15xxx/CVE-2019-15505.json +++ b/2019/15xxx/CVE-2019-15505.json @@ -126,6 +126,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/16xxx/CVE-2019-16205.json b/2019/16xxx/CVE-2019-16205.json new file mode 100644 index 00000000000..41b27b093ce --- /dev/null +++ b/2019/16xxx/CVE-2019-16205.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16205", + "ASSIGNER": "sirt@brocade.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Brocade Communications Systems, Inc.", + "product": { + "product_data": [ + { + "product_name": "Brocade SANnav", + "version": { + "version_data": [ + { + "version_value": "versions before v2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information exposure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-864", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-864" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability, in Brocade SANnav versions before v2.0, could allow remote attackers to brute-force a valid session ID. The vulnerability is due to an insufficiently random session ID for several post-authentication actions in the SANnav portal." + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16206.json b/2019/16xxx/CVE-2019-16206.json new file mode 100644 index 00000000000..6d05e1afba2 --- /dev/null +++ b/2019/16xxx/CVE-2019-16206.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16206", + "ASSIGNER": "sirt@brocade.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Brocade Communications Systems, Inc.", + "product": { + "product_data": [ + { + "product_name": "Brocade SANnav", + "version": { + "version_data": [ + { + "version_value": "versions before v2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Exposure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-865", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-865" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the \u2018trace\u2019 and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information." + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16207.json b/2019/16xxx/CVE-2019-16207.json new file mode 100644 index 00000000000..701aacb803e --- /dev/null +++ b/2019/16xxx/CVE-2019-16207.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16207", + "ASSIGNER": "sirt@brocade.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Brocade Communications Systems, Inc.", + "product": { + "product_data": [ + { + "product_name": "Brocade SANnav", + "version": { + "version_data": [ + { + "version_value": "versions before v2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use of Hard-coded Credentials" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-866", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-866" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local authenticated attackers to access a back-end database and gain privileges." + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16208.json b/2019/16xxx/CVE-2019-16208.json new file mode 100644 index 00000000000..9f578aa042c --- /dev/null +++ b/2019/16xxx/CVE-2019-16208.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16208", + "ASSIGNER": "sirt@brocade.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Brocade Communications Systems, Inc.", + "product": { + "product_data": [ + { + "product_name": "Brocade SANnav", + "version": { + "version_data": [ + { + "version_value": "versions before v2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use of a Broken or Risky Cryptographic Algorithm" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-867", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-867" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Password-based encryption (PBE) algorithm, of Brocade SANnav versions before v2.0, has a weakness in generating cryptographic keys that may allow an attacker to decrypt passwords used with several services (Radius, TACAS, etc.)." + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16209.json b/2019/16xxx/CVE-2019-16209.json new file mode 100644 index 00000000000..47d14c231ae --- /dev/null +++ b/2019/16xxx/CVE-2019-16209.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16209", + "ASSIGNER": "sirt@brocade.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Brocade Communications Systems, Inc.", + "product": { + "product_data": [ + { + "product_name": "Brocade SANnav", + "version": { + "version_data": [ + { + "version_value": "versions before v2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Certificate Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-868", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-868" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability, in The ReportsTrustManager class of Brocade SANnav versions before v2.0, could allow an attacker to perform a man-in-the-middle attack against Secure Sockets Layer(SSL)connections." + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16210.json b/2019/16xxx/CVE-2019-16210.json new file mode 100644 index 00000000000..f98a18a403f --- /dev/null +++ b/2019/16xxx/CVE-2019-16210.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-16210", + "ASSIGNER": "sirt@brocade.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Brocade Communications Systems, Inc.", + "product": { + "product_data": [ + { + "product_name": "Brocade SANnav", + "version": { + "version_data": [ + { + "version_value": "versions before v2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Exposure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-869", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-869" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save." + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16746.json b/2019/16xxx/CVE-2019-16746.json index 2c44247d0fe..a0f9f35aec7 100644 --- a/2019/16xxx/CVE-2019-16746.json +++ b/2019/16xxx/CVE-2019-16746.json @@ -71,6 +71,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17052.json b/2019/17xxx/CVE-2019-17052.json index f1983e5218a..fb34f548876 100644 --- a/2019/17xxx/CVE-2019-17052.json +++ b/2019/17xxx/CVE-2019-17052.json @@ -71,6 +71,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17053.json b/2019/17xxx/CVE-2019-17053.json index 2ac5b81f67c..0ee138f59ea 100644 --- a/2019/17xxx/CVE-2019-17053.json +++ b/2019/17xxx/CVE-2019-17053.json @@ -71,6 +71,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17054.json b/2019/17xxx/CVE-2019-17054.json index acc32f6dc7a..98a26cfa384 100644 --- a/2019/17xxx/CVE-2019-17054.json +++ b/2019/17xxx/CVE-2019-17054.json @@ -71,6 +71,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17055.json b/2019/17xxx/CVE-2019-17055.json index 6b02cb001c3..b5c2443df84 100644 --- a/2019/17xxx/CVE-2019-17055.json +++ b/2019/17xxx/CVE-2019-17055.json @@ -71,6 +71,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17056.json b/2019/17xxx/CVE-2019-17056.json index 41337d39706..6f2b3623da0 100644 --- a/2019/17xxx/CVE-2019-17056.json +++ b/2019/17xxx/CVE-2019-17056.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17075.json b/2019/17xxx/CVE-2019-17075.json index ac3043acedc..a53dabbc3a2 100644 --- a/2019/17xxx/CVE-2019-17075.json +++ b/2019/17xxx/CVE-2019-17075.json @@ -61,6 +61,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17133.json b/2019/17xxx/CVE-2019-17133.json index 4b7b34da1c9..d4f5b498198 100644 --- a/2019/17xxx/CVE-2019-17133.json +++ b/2019/17xxx/CVE-2019-17133.json @@ -76,6 +76,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/17xxx/CVE-2019-17327.json b/2019/17xxx/CVE-2019-17327.json new file mode 100644 index 00000000000..25262961539 --- /dev/null +++ b/2019/17xxx/CVE-2019-17327.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "vuln@krcert.or.kr", + "ID": "CVE-2019-17327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "JEUS", + "version": { + "version_data": [ + { + "version_value": "JEUS 7 Fix#0~5, JEUS 8Fix#0~1" + } + ] + } + } + ] + }, + "vendor_name": "TmaxSoft" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory traversal vulnerability caused by improper input parameter check when uploading installation file in administration web page. That leads remote attacker to execute arbitrary code via uploaded file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35197", + "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35197" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17661.json b/2019/17xxx/CVE-2019-17661.json new file mode 100644 index 00000000000..521512f5c14 --- /dev/null +++ b/2019/17xxx/CVE-2019-17661.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17661", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A CSV injection in the codepress-admin-columns (aka Admin Columns) plugin 3.4.6 for WordPress allows malicious users to gain remote control of other computers. By choosing formula code as his first or last name, an attacker can create a user with a name that contains malicious code. Other users might download this data as a CSV file and corrupt their PC by opening it in a tool such as Microsoft Excel. The attacker could gain remote access to the user's PC." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www2.deloitte.com/de/de/pages/risk/articles/wordpress-csv-injection.html", + "url": "https://www2.deloitte.com/de/de/pages/risk/articles/wordpress-csv-injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18623.json b/2019/18xxx/CVE-2019-18623.json new file mode 100644 index 00000000000..a18ff20125d --- /dev/null +++ b/2019/18xxx/CVE-2019-18623.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18623", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an attacker to access data. If an unauthenticated user clicks on a link on the public dashboard, the resource opens in EnergyCAP with access rights matching the user who created the dashboard." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://energycap.freshdesk.com/support/solutions/articles/31000152837-2019-october-24-security-incident-notification-issue-with-public-dashboards-found-and-resolved", + "url": "https://energycap.freshdesk.com/support/solutions/articles/31000152837-2019-october-24-security-incident-notification-issue-with-public-dashboards-found-and-resolved" + }, + { + "refsource": "CONFIRM", + "name": "https://energycap.freshdesk.com/helpdesk/attachments/31016649523", + "url": "https://energycap.freshdesk.com/helpdesk/attachments/31016649523" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2215.json b/2019/2xxx/CVE-2019-2215.json index d56a4c75dca..0c161a52ccd 100644 --- a/2019/2xxx/CVE-2019-2215.json +++ b/2019/2xxx/CVE-2019-2215.json @@ -73,6 +73,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3900.json b/2019/3xxx/CVE-2019-3900.json index 600f9ebaff5..cc760939b4a 100644 --- a/2019/3xxx/CVE-2019-3900.json +++ b/2019/3xxx/CVE-2019-3900.json @@ -158,6 +158,11 @@ "refsource": "BUGTRAQ", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "url": "https://seclists.org/bugtraq/2019/Nov/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] },