diff --git a/2019/6xxx/CVE-2019-6974.json b/2019/6xxx/CVE-2019-6974.json index 9f88189e984..7e0eb113a8a 100644 --- a/2019/6xxx/CVE-2019-6974.json +++ b/2019/6xxx/CVE-2019-6974.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-6974", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,58 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9", + "refsource" : "MISC", + "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9" + }, + { + "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1765", + "refsource" : "MISC", + "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1765" + }, + { + "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99", + "refsource" : "MISC", + "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99" + }, + { + "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21", + "refsource" : "MISC", + "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21" + }, + { + "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8", + "refsource" : "MISC", + "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8" + }, + { + "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156", + "refsource" : "MISC", + "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156" + }, + { + "name" : "https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9", + "refsource" : "MISC", + "url" : "https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9" } ] } diff --git a/2019/8xxx/CVE-2019-8346.json b/2019/8xxx/CVE-2019-8346.json new file mode 100644 index 00000000000..10bf6d473ce --- /dev/null +++ b/2019/8xxx/CVE-2019-8346.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8346", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8347.json b/2019/8xxx/CVE-2019-8347.json new file mode 100644 index 00000000000..530f3980df2 --- /dev/null +++ b/2019/8xxx/CVE-2019-8347.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8347", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/source-trace/beescms/issues/4", + "refsource" : "MISC", + "url" : "https://github.com/source-trace/beescms/issues/4" + } + ] + } +}