diff --git a/2016/10xxx/CVE-2016-10866.json b/2016/10xxx/CVE-2016-10866.json new file mode 100644 index 00000000000..9de48c92f4e --- /dev/null +++ b/2016/10xxx/CVE-2016-10866.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10866", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10867.json b/2016/10xxx/CVE-2016-10867.json new file mode 100644 index 00000000000..73db2b9115b --- /dev/null +++ b/2016/10xxx/CVE-2016-10867.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17805.json b/2017/17xxx/CVE-2017-17805.json index 5df5e8cf8ca..f3815a3488e 100644 --- a/2017/17xxx/CVE-2017-17805.json +++ b/2017/17xxx/CVE-2017-17805.json @@ -166,6 +166,11 @@ "name": "openSUSE-SU-2018:0023", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2473", + "url": "https://access.redhat.com/errata/RHSA-2019:2473" } ] } diff --git a/2017/18xxx/CVE-2017-18487.json b/2017/18xxx/CVE-2017-18487.json new file mode 100644 index 00000000000..86ae8977e97 --- /dev/null +++ b/2017/18xxx/CVE-2017-18487.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18487", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/adsense-plugin/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/adsense-plugin/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18488.json b/2017/18xxx/CVE-2017-18488.json new file mode 100644 index 00000000000..3bea580dc2c --- /dev/null +++ b/2017/18xxx/CVE-2017-18488.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18488", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/backup/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/backup/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17972.json b/2018/17xxx/CVE-2018-17972.json index 931d320cc99..e35d50de9d2 100644 --- a/2018/17xxx/CVE-2018-17972.json +++ b/2018/17xxx/CVE-2018-17972.json @@ -146,6 +146,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1407", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2473", + "url": "https://access.redhat.com/errata/RHSA-2019:2473" } ] } diff --git a/2019/1010xxx/CVE-2019-1010259.json b/2019/1010xxx/CVE-2019-1010259.json index 7e0b2248745..e2f79490511 100644 --- a/2019/1010xxx/CVE-2019-1010259.json +++ b/2019/1010xxx/CVE-2019-1010259.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt (https://github.com/saltstack/salt/blob/develop/salt/modules/mysql.py#L1462). The attack vector is: specially crafted password string. The fixed version is: 2018.3.4." + "value": "SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt. The attack vector is: specially crafted password string. The fixed version is: 2018.3.4." } ] }, diff --git a/2019/14xxx/CVE-2019-14744.json b/2019/14xxx/CVE-2019-14744.json index 341789d0331..b6a45da3866 100644 --- a/2019/14xxx/CVE-2019-14744.json +++ b/2019/14xxx/CVE-2019-14744.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1851", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00013.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1855", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00016.html" } ] } diff --git a/2019/14xxx/CVE-2019-14988.json b/2019/14xxx/CVE-2019-14988.json new file mode 100644 index 00000000000..93759ce751c --- /dev/null +++ b/2019/14xxx/CVE-2019-14988.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14988", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9512. Reason: This candidate is a reservation duplicate of CVE-2019-9512. Notes: All CVE users should reference CVE-2019-9512 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14989.json b/2019/14xxx/CVE-2019-14989.json new file mode 100644 index 00000000000..5fec959f01f --- /dev/null +++ b/2019/14xxx/CVE-2019-14989.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14989", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9513. Reason: This candidate is a reservation duplicate of CVE-2019-9513. Notes: All CVE users should reference CVE-2019-9513 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14990.json b/2019/14xxx/CVE-2019-14990.json new file mode 100644 index 00000000000..c1afe855e6b --- /dev/null +++ b/2019/14xxx/CVE-2019-14990.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14990", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9514. Reason: This candidate is a reservation duplicate of CVE-2019-9514. Notes: All CVE users should reference CVE-2019-9514 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14991.json b/2019/14xxx/CVE-2019-14991.json new file mode 100644 index 00000000000..99ee27036e8 --- /dev/null +++ b/2019/14xxx/CVE-2019-14991.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14991", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9515. Reason: This candidate is a reservation duplicate of CVE-2019-9515. Notes: All CVE users should reference CVE-2019-9515 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14992.json b/2019/14xxx/CVE-2019-14992.json new file mode 100644 index 00000000000..f9cf4477e11 --- /dev/null +++ b/2019/14xxx/CVE-2019-14992.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14992", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9518. Reason: This candidate is a reservation duplicate of CVE-2019-9518. Notes: All CVE users should reference CVE-2019-9518 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14993.json b/2019/14xxx/CVE-2019-14993.json new file mode 100644 index 00000000000..dcb624b1dd0 --- /dev/null +++ b/2019/14xxx/CVE-2019-14993.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14993", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://discuss.istio.io/t/upcoming-security-updates-in-istio-1-2-4-and-1-1-13/3383", + "refsource": "MISC", + "name": "https://discuss.istio.io/t/upcoming-security-updates-in-istio-1-2-4-and-1-1-13/3383" + }, + { + "refsource": "MISC", + "name": "https://github.com/envoyproxy/envoy/issues/7728", + "url": "https://github.com/envoyproxy/envoy/issues/7728" + }, + { + "refsource": "CONFIRM", + "name": "https://istio.io/blog/2019/istio-security-003-004/", + "url": "https://istio.io/blog/2019/istio-security-003-004/" + }, + { + "refsource": "MISC", + "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86164", + "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86164" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1559.json b/2019/1xxx/CVE-2019-1559.json index bd8703e2014..42e727de024 100644 --- a/2019/1xxx/CVE-2019-1559.json +++ b/2019/1xxx/CVE-2019-1559.json @@ -191,6 +191,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2437", "url": "https://access.redhat.com/errata/RHSA-2019:2437" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2471", + "url": "https://access.redhat.com/errata/RHSA-2019:2471" } ] } diff --git a/2019/5xxx/CVE-2019-5489.json b/2019/5xxx/CVE-2019-5489.json index ff6b5a9a2e2..001d97ddad3 100644 --- a/2019/5xxx/CVE-2019-5489.json +++ b/2019/5xxx/CVE-2019-5489.json @@ -131,6 +131,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2029", "url": "https://access.redhat.com/errata/RHSA-2019:2029" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2473", + "url": "https://access.redhat.com/errata/RHSA-2019:2473" } ] }