From 8436e99542342d750460497f1b5530d4a09f1d1b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 24 Jun 2019 21:00:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2014/3xxx/CVE-2014-3637.json | 5 +++ 2014/9xxx/CVE-2014-9699.json | 53 ++++++++++++++++++++++++++++++-- 2016/10xxx/CVE-2016-10745.json | 5 +++ 2017/18xxx/CVE-2017-18376.json | 5 +++ 2018/12xxx/CVE-2018-12056.json | 5 +++ 2018/19xxx/CVE-2018-19800.json | 5 +++ 2018/19xxx/CVE-2018-19801.json | 5 +++ 2018/19xxx/CVE-2018-19802.json | 5 +++ 2019/10xxx/CVE-2019-10906.json | 5 +++ 2019/12xxx/CVE-2019-12346.json | 56 ++++++++++++++++++++++++++++++---- 2019/12xxx/CVE-2019-12814.json | 15 +++++++++ 2019/8xxx/CVE-2019-8341.json | 5 +++ 12 files changed, 161 insertions(+), 8 deletions(-) diff --git a/2014/3xxx/CVE-2014-3637.json b/2014/3xxx/CVE-2014-3637.json index f7197683e58..254e3582e50 100644 --- a/2014/3xxx/CVE-2014-3637.json +++ b/2014/3xxx/CVE-2014-3637.json @@ -96,6 +96,11 @@ "name": "MDVSA-2015:176", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20190624 Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz", + "url": "http://www.openwall.com/lists/oss-security/2019/06/24/13" } ] } diff --git a/2014/9xxx/CVE-2014-9699.json b/2014/9xxx/CVE-2014-9699.json index 318136789af..780c5130ae0 100644 --- a/2014/9xxx/CVE-2014-9699.json +++ b/2014/9xxx/CVE-2014-9699.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9699", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520", + "url": "https://support.makerbot.com/learn/makerbot-desktop-software/release-notes/makerbot-desktop-release-notes_13520" + }, + { + "refsource": "MISC", + "name": "https://secur3.us/index.php/vulnerabilities/", + "url": "https://secur3.us/index.php/vulnerabilities/" } ] } diff --git a/2016/10xxx/CVE-2016-10745.json b/2016/10xxx/CVE-2016-10745.json index bed05f039d7..a3f3be46ccc 100644 --- a/2016/10xxx/CVE-2016-10745.json +++ b/2016/10xxx/CVE-2016-10745.json @@ -91,6 +91,11 @@ "refsource": "UBUNTU", "name": "USN-4011-2", "url": "https://usn.ubuntu.com/4011-2/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1614", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html" } ] } diff --git a/2017/18xxx/CVE-2017-18376.json b/2017/18xxx/CVE-2017-18376.json index 847440c3a82..565dd7d4561 100644 --- a/2017/18xxx/CVE-2017-18376.json +++ b/2017/18xxx/CVE-2017-18376.json @@ -61,6 +61,11 @@ "url": "https://github.com/TheHive-Project/TheHive/releases/tag/3.3.1", "refsource": "MISC", "name": "https://github.com/TheHive-Project/TheHive/releases/tag/3.3.1" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/RaJiska/c1b4521aefd77ed43b06045ca05e2591", + "url": "https://gist.github.com/RaJiska/c1b4521aefd77ed43b06045ca05e2591" } ] } diff --git a/2018/12xxx/CVE-2018-12056.json b/2018/12xxx/CVE-2018-12056.json index a6994ab7999..f6801aa850a 100644 --- a/2018/12xxx/CVE-2018-12056.json +++ b/2018/12xxx/CVE-2018-12056.json @@ -56,6 +56,11 @@ "name": "https://medium.com/@jonghyk.song/to-be-a-winner-of-ethereum-gambling-game-all-for-one-by-breaking-prng-1ab011163d40", "refsource": "MISC", "url": "https://medium.com/@jonghyk.song/to-be-a-winner-of-ethereum-gambling-game-all-for-one-by-breaking-prng-1ab011163d40" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814", + "url": "https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E" } ] } diff --git a/2018/19xxx/CVE-2018-19800.json b/2018/19xxx/CVE-2018-19800.json index f1e7c3a2ea3..6883e9a66ea 100644 --- a/2018/19xxx/CVE-2018-19800.json +++ b/2018/19xxx/CVE-2018-19800.json @@ -56,6 +56,11 @@ "url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog", "refsource": "MISC", "name": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1618", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html" } ] } diff --git a/2018/19xxx/CVE-2018-19801.json b/2018/19xxx/CVE-2018-19801.json index 2eaf7f8b66e..b2ab5d372eb 100644 --- a/2018/19xxx/CVE-2018-19801.json +++ b/2018/19xxx/CVE-2018-19801.json @@ -56,6 +56,11 @@ "url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog", "refsource": "MISC", "name": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1618", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html" } ] } diff --git a/2018/19xxx/CVE-2018-19802.json b/2018/19xxx/CVE-2018-19802.json index 0feb7af5ef8..175eefa5dee 100644 --- a/2018/19xxx/CVE-2018-19802.json +++ b/2018/19xxx/CVE-2018-19802.json @@ -56,6 +56,11 @@ "url": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog", "refsource": "MISC", "name": "https://github.com/aubio/aubio/blob/0.4.9/ChangeLog" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1618", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.html" } ] } diff --git a/2019/10xxx/CVE-2019-10906.json b/2019/10xxx/CVE-2019-10906.json index 956ec6a9ce3..ca243ba8174 100644 --- a/2019/10xxx/CVE-2019-10906.json +++ b/2019/10xxx/CVE-2019-10906.json @@ -141,6 +141,11 @@ "refsource": "UBUNTU", "name": "USN-4011-2", "url": "https://usn.ubuntu.com/4011-2/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1614", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html" } ] } diff --git a/2019/12xxx/CVE-2019-12346.json b/2019/12xxx/CVE-2019-12346.json index 197f844bdd5..5dea0771aa9 100644 --- a/2019/12xxx/CVE-2019-12346.json +++ b/2019/12xxx/CVE-2019-12346.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12346", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12346", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for WordPress, the SAML Login Endpoint is vulnerable to XSS via a specially crafted SAMLResponse XML post." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://zeroauth.ltd/blog/2019/05/27/cve-2019-12346-miniorange-saml-sp-single-sign-on-wordpress-plugin-xss/", + "url": "https://zeroauth.ltd/blog/2019/05/27/cve-2019-12346-miniorange-saml-sp-single-sign-on-wordpress-plugin-xss/" } ] } diff --git a/2019/12xxx/CVE-2019-12814.json b/2019/12xxx/CVE-2019-12814.json index cc759cd5891..07f713f0fcc 100644 --- a/2019/12xxx/CVE-2019-12814.json +++ b/2019/12xxx/CVE-2019-12814.json @@ -81,6 +81,21 @@ "refsource": "MLIST", "name": "[zookeeper-dev] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814", "url": "https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli closed pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814", + "url": "https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814", + "url": "https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli commented on issue #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814", + "url": "https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4@%3Cnotifications.zookeeper.apache.org%3E" } ] } diff --git a/2019/8xxx/CVE-2019-8341.json b/2019/8xxx/CVE-2019-8341.json index f4e8aa21a9a..e4d6ba1c61a 100644 --- a/2019/8xxx/CVE-2019-8341.json +++ b/2019/8xxx/CVE-2019-8341.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1395", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1614", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html" } ] }