From 820d6fea205ed71d00365dc3fbc334b97fee1683 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 5 Dec 2019 04:01:00 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/0xxx/CVE-2019-0001.json | 5 +++ 2019/10xxx/CVE-2019-10195.json | 5 +++ 2019/12xxx/CVE-2019-12523.json | 5 +++ 2019/12xxx/CVE-2019-12526.json | 5 +++ 2019/14xxx/CVE-2019-14867.json | 5 +++ 2019/18xxx/CVE-2019-18676.json | 5 +++ 2019/18xxx/CVE-2019-18677.json | 5 +++ 2019/18xxx/CVE-2019-18678.json | 5 +++ 2019/18xxx/CVE-2019-18679.json | 5 +++ 2019/18xxx/CVE-2019-18849.json | 5 +++ 2019/18xxx/CVE-2019-18928.json | 5 +++ 2019/19xxx/CVE-2019-19589.json | 61 ++++++++++++++++++++++++++++--- 2019/19xxx/CVE-2019-19597.json | 67 ++++++++++++++++++++++++++++++++++ 2019/19xxx/CVE-2019-19598.json | 67 ++++++++++++++++++++++++++++++++++ 2019/9xxx/CVE-2019-9461.json | 5 +++ 15 files changed, 249 insertions(+), 6 deletions(-) create mode 100644 2019/19xxx/CVE-2019-19597.json create mode 100644 2019/19xxx/CVE-2019-19598.json diff --git a/2019/0xxx/CVE-2019-0001.json b/2019/0xxx/CVE-2019-0001.json index a82af3a59a9..a76118f1ed5 100644 --- a/2019/0xxx/CVE-2019-0001.json +++ b/2019/0xxx/CVE-2019-0001.json @@ -141,6 +141,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-5f14b810f8", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RMKFSHPMOZL7MDWU5RYOTIBTRWSZ4Z6X/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-815807c020", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE/" } ] }, diff --git a/2019/10xxx/CVE-2019-10195.json b/2019/10xxx/CVE-2019-10195.json index c474292cac3..8cbcf7dc7bb 100644 --- a/2019/10xxx/CVE-2019-10195.json +++ b/2019/10xxx/CVE-2019-10195.json @@ -82,6 +82,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-8e9093da55", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-c64e1612f5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF/" } ] }, diff --git a/2019/12xxx/CVE-2019-12523.json b/2019/12xxx/CVE-2019-12523.json index ff504deb7c6..6c8f4dc2935 100644 --- a/2019/12xxx/CVE-2019-12523.json +++ b/2019/12xxx/CVE-2019-12523.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-0b16cbdd0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9538783033", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/" } ] } diff --git a/2019/12xxx/CVE-2019-12526.json b/2019/12xxx/CVE-2019-12526.json index 4c3a88f624a..c1c8757afc9 100644 --- a/2019/12xxx/CVE-2019-12526.json +++ b/2019/12xxx/CVE-2019-12526.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-0b16cbdd0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9538783033", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/" } ] } diff --git a/2019/14xxx/CVE-2019-14867.json b/2019/14xxx/CVE-2019-14867.json index f131b862509..23fe52ebd78 100644 --- a/2019/14xxx/CVE-2019-14867.json +++ b/2019/14xxx/CVE-2019-14867.json @@ -82,6 +82,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-8e9093da55", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-c64e1612f5", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF/" } ] }, diff --git a/2019/18xxx/CVE-2019-18676.json b/2019/18xxx/CVE-2019-18676.json index b24c426db28..399f53ecb92 100644 --- a/2019/18xxx/CVE-2019-18676.json +++ b/2019/18xxx/CVE-2019-18676.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-0b16cbdd0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9538783033", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/" } ] } diff --git a/2019/18xxx/CVE-2019-18677.json b/2019/18xxx/CVE-2019-18677.json index 6f5d058fe97..6cde27c1966 100644 --- a/2019/18xxx/CVE-2019-18677.json +++ b/2019/18xxx/CVE-2019-18677.json @@ -86,6 +86,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-0b16cbdd0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9538783033", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/" } ] } diff --git a/2019/18xxx/CVE-2019-18678.json b/2019/18xxx/CVE-2019-18678.json index 09647ce05b9..1e85f70f3f0 100644 --- a/2019/18xxx/CVE-2019-18678.json +++ b/2019/18xxx/CVE-2019-18678.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-0b16cbdd0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9538783033", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/" } ] } diff --git a/2019/18xxx/CVE-2019-18679.json b/2019/18xxx/CVE-2019-18679.json index b0d8b6e3a99..ae51753e274 100644 --- a/2019/18xxx/CVE-2019-18679.json +++ b/2019/18xxx/CVE-2019-18679.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-0b16cbdd0e", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UEMOYTMCCFWK5NOXSXEIH5D2VGWVXR67/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9538783033", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTM74TU2BSLT5B3H4F3UDW53672NVLMC/" } ] } diff --git a/2019/18xxx/CVE-2019-18849.json b/2019/18xxx/CVE-2019-18849.json index 0489d7dc985..07c1848cad3 100644 --- a/2019/18xxx/CVE-2019-18849.json +++ b/2019/18xxx/CVE-2019-18849.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-5f14b810f8", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RMKFSHPMOZL7MDWU5RYOTIBTRWSZ4Z6X/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-815807c020", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE/" } ] } diff --git a/2019/18xxx/CVE-2019-18928.json b/2019/18xxx/CVE-2019-18928.json index 2362b955a25..fac965663af 100644 --- a/2019/18xxx/CVE-2019-18928.json +++ b/2019/18xxx/CVE-2019-18928.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-393e1cef4d", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHV3TUU53WCKJ3BBRK2EHAF44MSZEFK6/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-03be160f9c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAGKPZDXQ6KRUGQVRAO6N4PCINP6KS5F/" } ] } diff --git a/2019/19xxx/CVE-2019-19589.json b/2019/19xxx/CVE-2019-19589.json index fa5f65e0c70..073d3343368 100644 --- a/2019/19xxx/CVE-2019-19589.json +++ b/2019/19xxx/CVE-2019-19589.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19589", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19589", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Lever PDF Embedder plugin 4.4 for WordPress does not block the distribution of polyglot PDF documents that are valid JAR archives." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sejalivre.org/usando-arquivos-polyglot-para-distribuir-malwares/", + "refsource": "MISC", + "name": "https://sejalivre.org/usando-arquivos-polyglot-para-distribuir-malwares/" + }, + { + "url": "https://wordpress.org/plugins/pdf-embedder/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/pdf-embedder/#developers" } ] } diff --git a/2019/19xxx/CVE-2019-19597.json b/2019/19xxx/CVE-2019-19597.json new file mode 100644 index 00000000000..78cfe760394 --- /dev/null +++ b/2019/19xxx/CVE-2019-19597.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-19597", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote code execution as root without authentication via shell metacharacters within an HNAP_AUTH HTTP header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10135", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10135" + }, + { + "url": "https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/", + "refsource": "MISC", + "name": "https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19598.json b/2019/19xxx/CVE-2019-19598.json new file mode 100644 index 00000000000..d3fd8ce405a --- /dev/null +++ b/2019/19xxx/CVE-2019-19598.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-19598", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "D-Link DAP-1860 devices before v1.04b03 Beta allow access to administrator functions without authentication via the HNAP_AUTH header timestamp value. In HTTP requests, part of the HNAP_AUTH header is the timestamp used to determine the time when the user sent the request. If this value is equal to the value stored in the device's /var/hnap/timestamp file, the request will pass the HNAP_AUTH check function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10135", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10135" + }, + { + "url": "https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/", + "refsource": "MISC", + "name": "https://chung96vn.wordpress.com/2019/11/15/d-link-dap-1860-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9461.json b/2019/9xxx/CVE-2019-9461.json index 9f7098a72fd..948c53188d7 100644 --- a/2019/9xxx/CVE-2019-9461.json +++ b/2019/9xxx/CVE-2019-9461.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://source.android.com/security/bulletin/pixel/2019-09-01", "url": "https://source.android.com/security/bulletin/pixel/2019-09-01" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20191204 [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections.", + "url": "http://www.openwall.com/lists/oss-security/2019/12/05/1" } ] },