diff --git a/2017/0xxx/CVE-2017-0330.json b/2017/0xxx/CVE-2017-0330.json index 11d7aaf16bc..54da985b4c7 100644 --- a/2017/0xxx/CVE-2017-0330.json +++ b/2017/0xxx/CVE-2017-0330.json @@ -66,6 +66,11 @@ "name": "1038201", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038201" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2017/6xxx/CVE-2017-6274.json b/2017/6xxx/CVE-2017-6274.json index 3691d73cafc..15945464095 100644 --- a/2017/6xxx/CVE-2017-6274.json +++ b/2017/6xxx/CVE-2017-6274.json @@ -57,6 +57,11 @@ "name": "https://source.android.com/security/bulletin/pixel/2017-11-01#announcements", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2017-11-01#announcements" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2017/6xxx/CVE-2017-6278.json b/2017/6xxx/CVE-2017-6278.json index b67c1a39bfa..040ab22b713 100644 --- a/2017/6xxx/CVE-2017-6278.json +++ b/2017/6xxx/CVE-2017-6278.json @@ -57,6 +57,11 @@ "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2017/6xxx/CVE-2017-6284.json b/2017/6xxx/CVE-2017-6284.json index a972d5ab359..0d3f455d7db 100644 --- a/2017/6xxx/CVE-2017-6284.json +++ b/2017/6xxx/CVE-2017-6284.json @@ -57,6 +57,11 @@ "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2017/7xxx/CVE-2017-7649.json b/2017/7xxx/CVE-2017-7649.json index 9c6a56f3a23..d9fbd704e5e 100644 --- a/2017/7xxx/CVE-2017-7649.json +++ b/2017/7xxx/CVE-2017-7649.json @@ -66,4 +66,4 @@ } ] } -} +} \ No newline at end of file diff --git a/2018/1000xxx/CVE-2018-1000807.json b/2018/1000xxx/CVE-2018-1000807.json index be7050bf2a6..fa3696a63ab 100644 --- a/2018/1000xxx/CVE-2018-1000807.json +++ b/2018/1000xxx/CVE-2018-1000807.json @@ -69,6 +69,11 @@ "name": "USN-3813-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3813-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1104", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html" } ] } diff --git a/2018/1000xxx/CVE-2018-1000808.json b/2018/1000xxx/CVE-2018-1000808.json index 20ff4b19f3d..99b0aaa7ac9 100644 --- a/2018/1000xxx/CVE-2018-1000808.json +++ b/2018/1000xxx/CVE-2018-1000808.json @@ -69,6 +69,11 @@ "name": "USN-3813-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3813-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1104", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html" } ] } diff --git a/2018/1000xxx/CVE-2018-1000999.json b/2018/1000xxx/CVE-2018-1000999.json index 9d5a6d4c3fd..1599c5d9e11 100644 --- a/2018/1000xxx/CVE-2018-1000999.json +++ b/2018/1000xxx/CVE-2018-1000999.json @@ -1,64 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "DATE_ASSIGNED": "2019-01-22T21:21:10.010936", - "DATE_REQUESTED": "2018-12-20T18:12:12", - "ID": "CVE-2018-1000999", - "REQUESTER": "cve@rapid7.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-1000999", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "Fastnet SA MailCleaner version 2018092601 contains a Command Injection (CWE-78) vulnerability in /admin/managetracing/search/search that can result in an authenticated web application user running commands on the underlying web server as root. This attack appears to be exploitable via Post-authentication access to the web server." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://github.com/rapid7/metasploit-framework/pull/11148", - "refsource": "MISC", - "url": "https://github.com/rapid7/metasploit-framework/pull/11148" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: [CVE-2018-20323]. Reason: This candidate is a duplicate of [CVE-2018-20323]. Notes: All CVE users should reference [CVE-2018-20323] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/10xxx/CVE-2018-10733.json b/2018/10xxx/CVE-2018-10733.json index 33450a3c2a3..62311732b49 100644 --- a/2018/10xxx/CVE-2018-10733.json +++ b/2018/10xxx/CVE-2018-10733.json @@ -66,6 +66,11 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1574844", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574844" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1120", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00005.html" } ] } diff --git a/2018/10xxx/CVE-2018-10916.json b/2018/10xxx/CVE-2018-10916.json index 1f0a39eca1d..b92ee4a6c40 100644 --- a/2018/10xxx/CVE-2018-10916.json +++ b/2018/10xxx/CVE-2018-10916.json @@ -86,6 +86,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1059", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1110", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html" } ] } diff --git a/2018/11xxx/CVE-2018-11813.json b/2018/11xxx/CVE-2018-11813.json index 7b49e173510..64e535e3061 100644 --- a/2018/11xxx/CVE-2018-11813.json +++ b/2018/11xxx/CVE-2018-11813.json @@ -61,6 +61,11 @@ "name": "https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf", "refsource": "MISC", "url": "https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1118", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html" } ] } diff --git a/2018/12xxx/CVE-2018-12558.json b/2018/12xxx/CVE-2018-12558.json index 6fb4a61c673..c45e440abe8 100644 --- a/2018/12xxx/CVE-2018-12558.json +++ b/2018/12xxx/CVE-2018-12558.json @@ -61,6 +61,11 @@ "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873", "refsource": "MISC", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1114", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00012.html" } ] } diff --git a/2018/14xxx/CVE-2018-14498.json b/2018/14xxx/CVE-2018-14498.json index bf404f5cb85..32dca8f0c71 100644 --- a/2018/14xxx/CVE-2018-14498.json +++ b/2018/14xxx/CVE-2018-14498.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-87e2fa8e0f", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1118", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html" } ] } diff --git a/2018/18xxx/CVE-2018-18384.json b/2018/18xxx/CVE-2018-18384.json index f3be7f45ff6..d2766d1973c 100644 --- a/2018/18xxx/CVE-2018-18384.json +++ b/2018/18xxx/CVE-2018-18384.json @@ -61,6 +61,11 @@ "name": "https://sourceforge.net/p/infozip/bugs/53/", "refsource": "MISC", "url": "https://sourceforge.net/p/infozip/bugs/53/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1117", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00009.html" } ] } diff --git a/2018/19xxx/CVE-2018-19275.json b/2018/19xxx/CVE-2018-19275.json index a5b445bf306..2cbf6e5557b 100644 --- a/2018/19xxx/CVE-2018-19275.json +++ b/2018/19xxx/CVE-2018-19275.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19275", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002", + "url": "https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002" + }, + { + "refsource": "CONFIRM", + "name": "https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf", + "url": "https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf" } ] } diff --git a/2018/19xxx/CVE-2018-19869.json b/2018/19xxx/CVE-2018-19869.json index 9949fca5559..56835e7e11a 100644 --- a/2018/19xxx/CVE-2018-19869.json +++ b/2018/19xxx/CVE-2018-19869.json @@ -61,6 +61,11 @@ "name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/", "refsource": "CONFIRM", "url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1116", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00008.html" } ] } diff --git a/2018/19xxx/CVE-2018-19871.json b/2018/19xxx/CVE-2018-19871.json index 2f4f5bdc180..a46663eedf8 100644 --- a/2018/19xxx/CVE-2018-19871.json +++ b/2018/19xxx/CVE-2018-19871.json @@ -61,6 +61,11 @@ "name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/", "refsource": "CONFIRM", "url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1115", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html" } ] } diff --git a/2018/1xxx/CVE-2018-1152.json b/2018/1xxx/CVE-2018-1152.json index 37b759bde10..ea9d2ea8469 100644 --- a/2018/1xxx/CVE-2018-1152.json +++ b/2018/1xxx/CVE-2018-1152.json @@ -82,6 +82,11 @@ "name": "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6", "refsource": "CONFIRM", "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1118", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html" } ] } diff --git a/2018/3xxx/CVE-2018-3639.json b/2018/3xxx/CVE-2018-3639.json index e83cfcafb20..aaae91ee21b 100644 --- a/2018/3xxx/CVE-2018-3639.json +++ b/2018/3xxx/CVE-2018-3639.json @@ -727,6 +727,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2018/3xxx/CVE-2018-3665.json b/2018/3xxx/CVE-2018-3665.json index 14066507b36..fc3d2a74064 100644 --- a/2018/3xxx/CVE-2018-3665.json +++ b/2018/3xxx/CVE-2018-3665.json @@ -152,6 +152,11 @@ "name": "USN-3698-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3698-2/" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2018/6xxx/CVE-2018-6267.json b/2018/6xxx/CVE-2018-6267.json index 439414a5992..cbfadfbf973 100644 --- a/2018/6xxx/CVE-2018-6267.json +++ b/2018/6xxx/CVE-2018-6267.json @@ -62,6 +62,11 @@ "name": "https://source.android.com/security/bulletin/2019-02-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2018/6xxx/CVE-2018-6268.json b/2018/6xxx/CVE-2018-6268.json index acf6e5de357..39c6a3553a9 100644 --- a/2018/6xxx/CVE-2018-6268.json +++ b/2018/6xxx/CVE-2018-6268.json @@ -62,6 +62,11 @@ "name": "https://source.android.com/security/bulletin/2019-02-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2018/6xxx/CVE-2018-6271.json b/2018/6xxx/CVE-2018-6271.json index c9a1724a5b9..fe020d3dd11 100644 --- a/2018/6xxx/CVE-2018-6271.json +++ b/2018/6xxx/CVE-2018-6271.json @@ -62,6 +62,11 @@ "name": "https://source.android.com/security/bulletin/2019-02-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787" } ] } diff --git a/2018/9xxx/CVE-2018-9867.json b/2018/9xxx/CVE-2018-9867.json index 5ea3236b370..8575261ee73 100644 --- a/2018/9xxx/CVE-2018-9867.json +++ b/2018/9xxx/CVE-2018-9867.json @@ -11,58 +11,58 @@ "product": { "product_data": [ { - "product_name" : "SonicOS", - "version" : { - "version_data" : [ - { - "version_value" : "5.9.1.10 and earlier" - }, - { - "version_value" : "6.2.7.3" - }, - { - "version_value" : "6.5.1.3" - }, - { - "version_value" : "6.5.2.2" - }, - { - "version_value" : "6.5.3.1" - }, - { - "version_value" : "6.2.7.8" - }, - { - "version_value" : "6.4.0.0" - }, - { - "version_value" : "6.5.1.8" - }, - { - "version_value" : "6.0.5.3-86o" - } - ] + "product_name": "SonicOS", + "version": { + "version_data": [ + { + "version_value": "5.9.1.10 and earlier" + }, + { + "version_value": "6.2.7.3" + }, + { + "version_value": "6.5.1.3" + }, + { + "version_value": "6.5.2.2" + }, + { + "version_value": "6.5.3.1" + }, + { + "version_value": "6.2.7.8" + }, + { + "version_value": "6.4.0.0" + }, + { + "version_value": "6.5.1.8" + }, + { + "version_value": "6.0.5.3-86o" + } + ] } - }, - { - "product_name" : "SonicOSv", - "version" : { - "version_data" : [ - { - "version_value" : "6.5.0.2-8v_RC363 (VMWARE)" - }, - { - "version_value" : "6.5.0.2.8v_RC367 (AZURE)" - }, - { - "version_value" : "6.5.0.2.8v_RC368 (AWS)" - }, - { - "version_value" : "6.5.0.2.8v_RC366 (HYPER_V)" - } - ] + }, + { + "product_name": "SonicOSv", + "version": { + "version_data": [ + { + "version_value": "6.5.0.2-8v_RC363 (VMWARE)" + }, + { + "version_value": "6.5.0.2.8v_RC367 (AZURE)" + }, + { + "version_value": "6.5.0.2.8v_RC368 (AWS)" + }, + { + "version_value": "6.5.0.2.8v_RC366 (HYPER_V)" + } + ] } - } + } ] }, "vendor_name": "SonicWall" diff --git a/2019/10xxx/CVE-2019-10692.json b/2019/10xxx/CVE-2019-10692.json new file mode 100644 index 00000000000..6e7ece33beb --- /dev/null +++ b/2019/10xxx/CVE-2019-10692.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10692", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755" + }, + { + "url": "https://wordpress.org/plugins/wp-google-maps/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-google-maps/#developers" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10693.json b/2019/10xxx/CVE-2019-10693.json new file mode 100644 index 00000000000..cd805f34d61 --- /dev/null +++ b/2019/10xxx/CVE-2019-10693.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10693", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10694.json b/2019/10xxx/CVE-2019-10694.json new file mode 100644 index 00000000000..384810fbafa --- /dev/null +++ b/2019/10xxx/CVE-2019-10694.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10694", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10695.json b/2019/10xxx/CVE-2019-10695.json new file mode 100644 index 00000000000..3eb91580518 --- /dev/null +++ b/2019/10xxx/CVE-2019-10695.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10695", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10696.json b/2019/10xxx/CVE-2019-10696.json new file mode 100644 index 00000000000..7682c30b308 --- /dev/null +++ b/2019/10xxx/CVE-2019-10696.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10696", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10697.json b/2019/10xxx/CVE-2019-10697.json new file mode 100644 index 00000000000..abbb164f096 --- /dev/null +++ b/2019/10xxx/CVE-2019-10697.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10697", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10698.json b/2019/10xxx/CVE-2019-10698.json new file mode 100644 index 00000000000..44049c43ed6 --- /dev/null +++ b/2019/10xxx/CVE-2019-10698.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10698", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10699.json b/2019/10xxx/CVE-2019-10699.json new file mode 100644 index 00000000000..878614e2ad5 --- /dev/null +++ b/2019/10xxx/CVE-2019-10699.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10699", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10700.json b/2019/10xxx/CVE-2019-10700.json new file mode 100644 index 00000000000..59b384fbd78 --- /dev/null +++ b/2019/10xxx/CVE-2019-10700.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10700", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10701.json b/2019/10xxx/CVE-2019-10701.json new file mode 100644 index 00000000000..7dd3dff801c --- /dev/null +++ b/2019/10xxx/CVE-2019-10701.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10701", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10702.json b/2019/10xxx/CVE-2019-10702.json new file mode 100644 index 00000000000..10e522330e5 --- /dev/null +++ b/2019/10xxx/CVE-2019-10702.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10702", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10703.json b/2019/10xxx/CVE-2019-10703.json new file mode 100644 index 00000000000..085a025b507 --- /dev/null +++ b/2019/10xxx/CVE-2019-10703.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10703", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1559.json b/2019/1xxx/CVE-2019-1559.json index ba21d529590..69a91074fda 100644 --- a/2019/1xxx/CVE-2019-1559.json +++ b/2019/1xxx/CVE-2019-1559.json @@ -126,6 +126,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1076", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1105", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html" } ] } diff --git a/2019/3xxx/CVE-2019-3816.json b/2019/3xxx/CVE-2019-3816.json index e0de9929830..f53687a44dc 100644 --- a/2019/3xxx/CVE-2019-3816.json +++ b/2019/3xxx/CVE-2019-3816.json @@ -101,6 +101,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-af0cd1b8f7", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1111", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.html" } ] } diff --git a/2019/3xxx/CVE-2019-3833.json b/2019/3xxx/CVE-2019-3833.json index 79689d36746..3cd9b4714c8 100644 --- a/2019/3xxx/CVE-2019-3833.json +++ b/2019/3xxx/CVE-2019-3833.json @@ -91,6 +91,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-af0cd1b8f7", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1111", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.html" } ] } diff --git a/2019/3xxx/CVE-2019-3838.json b/2019/3xxx/CVE-2019-3838.json index 8eb5788d598..441daa61c37 100644 --- a/2019/3xxx/CVE-2019-3838.json +++ b/2019/3xxx/CVE-2019-3838.json @@ -68,6 +68,16 @@ "refsource": "FEDORA", "name": "FEDORA-2019-1a2c059afd", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANBSCZABXQUEQWIKNWJ35IYX24M227EI/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1119", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1121", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00018.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3855.json b/2019/3xxx/CVE-2019-3855.json index 32403d74fa3..865c1720e22 100644 --- a/2019/3xxx/CVE-2019-3855.json +++ b/2019/3xxx/CVE-2019-3855.json @@ -111,6 +111,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3856.json b/2019/3xxx/CVE-2019-3856.json index 876c91e24d5..c122c1d367a 100644 --- a/2019/3xxx/CVE-2019-3856.json +++ b/2019/3xxx/CVE-2019-3856.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3857.json b/2019/3xxx/CVE-2019-3857.json index c8be821c373..6232923532e 100644 --- a/2019/3xxx/CVE-2019-3857.json +++ b/2019/3xxx/CVE-2019-3857.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3858.json b/2019/3xxx/CVE-2019-3858.json index 3c7db23b1c0..7ceecb0bff4 100644 --- a/2019/3xxx/CVE-2019-3858.json +++ b/2019/3xxx/CVE-2019-3858.json @@ -98,6 +98,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3859.json b/2019/3xxx/CVE-2019-3859.json index 2f812eb92fb..4cd1aa3215d 100644 --- a/2019/3xxx/CVE-2019-3859.json +++ b/2019/3xxx/CVE-2019-3859.json @@ -103,6 +103,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190402 [SECURITY] [DLA 1730-2] libssh2 regression update", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3860.json b/2019/3xxx/CVE-2019-3860.json index 98d6907442c..0d342e4fa2c 100644 --- a/2019/3xxx/CVE-2019-3860.json +++ b/2019/3xxx/CVE-2019-3860.json @@ -68,6 +68,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3861.json b/2019/3xxx/CVE-2019-3861.json index e1c1337165b..922d33bfe00 100644 --- a/2019/3xxx/CVE-2019-3861.json +++ b/2019/3xxx/CVE-2019-3861.json @@ -68,6 +68,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3862.json b/2019/3xxx/CVE-2019-3862.json index e262c7c6fc6..2b174097b28 100644 --- a/2019/3xxx/CVE-2019-3862.json +++ b/2019/3xxx/CVE-2019-3862.json @@ -98,6 +98,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/3xxx/CVE-2019-3863.json b/2019/3xxx/CVE-2019-3863.json index db221ee1e55..8e52bdceace 100644 --- a/2019/3xxx/CVE-2019-3863.json +++ b/2019/3xxx/CVE-2019-3863.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1075", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1109", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html" } ] }, diff --git a/2019/7xxx/CVE-2019-7474.json b/2019/7xxx/CVE-2019-7474.json index 8e744c44e17..167287dde90 100644 --- a/2019/7xxx/CVE-2019-7474.json +++ b/2019/7xxx/CVE-2019-7474.json @@ -1,106 +1,105 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@sonicwall.com", - "ID" : "CVE-2019-7474", - "STATE" : "PUBLIC" + "CVE_data_meta": { + "ASSIGNER": "PSIRT@sonicwall.com", + "ID": "CVE-2019-7474", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SonicOS", - "version" : { - "version_data" : [ - { - "version_value" : "5.9.1.10 and earlier" - }, - { - "version_value" : "6.2.7.3" - }, - { - "version_value" : "6.5.1.3" - }, - { - "version_value" : "6.5.2.2" - }, - { - "version_value" : "6.5.3.1" - }, - { - "version_value" : "6.2.7.8" - }, - { - "version_value" : "6.4.0.0" - }, - { - "version_value" : "6.5.1.8" - }, - { - "version_value" : "6.0.5.3-86o" - } - ] - } - }, - { - "product_name" : "SonicOSv", - "version" : { - "version_data" : [ - { - "version_value" : "6.5.0.2-8v_RC363 (VMWARE)" - }, - { - "version_value" : "6.5.0.2.8v_RC367 (AZURE)" - }, - { - "version_value" : "6.5.0.2.8v_RC368 (AWS)" - }, - { - "version_value" : "6.5.0.2.8v_RC366 (HYPER_V)" - } - ] - } - } - ] - }, - "vendor_name" : "SonicWall" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ + "affects": { + "vendor": { + "vendor_data": [ { - "lang" : "eng", - "value" : "CWE-248: Uncaught Exception" + "product": { + "product_data": [ + { + "product_name": "SonicOS", + "version": { + "version_data": [ + { + "version_value": "5.9.1.10 and earlier" + }, + { + "version_value": "6.2.7.3" + }, + { + "version_value": "6.5.1.3" + }, + { + "version_value": "6.5.2.2" + }, + { + "version_value": "6.5.3.1" + }, + { + "version_value": "6.2.7.8" + }, + { + "version_value": "6.4.0.0" + }, + { + "version_value": "6.5.1.8" + }, + { + "version_value": "6.0.5.3-86o" + } + ] + } + }, + { + "product_name": "SonicOSv", + "version": { + "version_data": [ + { + "version_value": "6.5.0.2-8v_RC363 (VMWARE)" + }, + { + "version_value": "6.5.0.2.8v_RC367 (AZURE)" + }, + { + "version_value": "6.5.0.2.8v_RC368 (AWS)" + }, + { + "version_value": "6.5.0.2.8v_RC366 (HYPER_V)" + } + ] + } + } + ] + }, + "vendor_name": "SonicWall" } - ] - } - ] + ] + } }, - "references" : { - "reference_data" : [ - { - "name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001", - "refsource" : "CONFIRM", - "url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001" - } - ] + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-248: Uncaught Exception" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001", + "refsource": "CONFIRM", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001" + } + ] } - } - \ No newline at end of file +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7475.json b/2019/7xxx/CVE-2019-7475.json index c6ebe085e99..783a8b61b36 100644 --- a/2019/7xxx/CVE-2019-7475.json +++ b/2019/7xxx/CVE-2019-7475.json @@ -1,106 +1,105 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@sonicwall.com", - "ID" : "CVE-2019-7475", - "STATE" : "PUBLIC" + "CVE_data_meta": { + "ASSIGNER": "PSIRT@sonicwall.com", + "ID": "CVE-2019-7475", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SonicOS", - "version" : { - "version_data" : [ - { - "version_value" : "5.9.1.10 and earlier" - }, - { - "version_value" : "6.2.7.3" - }, - { - "version_value" : "6.5.1.3" - }, - { - "version_value" : "6.5.2.2" - }, - { - "version_value" : "6.5.3.1" - }, - { - "version_value" : "6.2.7.8" - }, - { - "version_value" : "6.4.0.0" - }, - { - "version_value" : "6.5.1.8" - }, - { - "version_value" : "6.0.5.3-86o" - } - ] - } - }, - { - "product_name" : "SonicOSv", - "version" : { - "version_data" : [ - { - "version_value" : "6.5.0.2-8v_RC363 (VMWARE)" - }, - { - "version_value" : "6.5.0.2.8v_RC367 (AZURE)" - }, - { - "version_value" : "6.5.0.2.8v_RC368 (AWS)" - }, - { - "version_value" : "6.5.0.2.8v_RC366 (HYPER_V)" - } - ] - } - } - ] - }, - "vendor_name" : "SonicWall" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ + "affects": { + "vendor": { + "vendor_data": [ { - "lang" : "eng", - "value" : "CWE-284: Improper Access Control" + "product": { + "product_data": [ + { + "product_name": "SonicOS", + "version": { + "version_data": [ + { + "version_value": "5.9.1.10 and earlier" + }, + { + "version_value": "6.2.7.3" + }, + { + "version_value": "6.5.1.3" + }, + { + "version_value": "6.5.2.2" + }, + { + "version_value": "6.5.3.1" + }, + { + "version_value": "6.2.7.8" + }, + { + "version_value": "6.4.0.0" + }, + { + "version_value": "6.5.1.8" + }, + { + "version_value": "6.0.5.3-86o" + } + ] + } + }, + { + "product_name": "SonicOSv", + "version": { + "version_data": [ + { + "version_value": "6.5.0.2-8v_RC363 (VMWARE)" + }, + { + "version_value": "6.5.0.2.8v_RC367 (AZURE)" + }, + { + "version_value": "6.5.0.2.8v_RC368 (AWS)" + }, + { + "version_value": "6.5.0.2.8v_RC366 (HYPER_V)" + } + ] + } + } + ] + }, + "vendor_name": "SonicWall" } - ] - } - ] + ] + } }, - "references" : { - "reference_data" : [ - { - "name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002", - "refsource" : "CONFIRM", - "url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002" - } - ] + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002", + "refsource": "CONFIRM", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002" + } + ] } - } - \ No newline at end of file +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7477.json b/2019/7xxx/CVE-2019-7477.json index 416de268d18..07020688017 100644 --- a/2019/7xxx/CVE-2019-7477.json +++ b/2019/7xxx/CVE-2019-7477.json @@ -1,106 +1,105 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@sonicwall.com", - "ID" : "CVE-2019-7477", - "STATE" : "PUBLIC" + "CVE_data_meta": { + "ASSIGNER": "PSIRT@sonicwall.com", + "ID": "CVE-2019-7477", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SonicOS", - "version" : { - "version_data" : [ - { - "version_value" : "5.9.1.10 and earlier" - }, - { - "version_value" : "6.2.7.3" - }, - { - "version_value" : "6.5.1.3" - }, - { - "version_value" : "6.5.2.2" - }, - { - "version_value" : "6.5.3.1" - }, - { - "version_value" : "6.2.7.8" - }, - { - "version_value" : "6.4.0.0" - }, - { - "version_value" : "6.5.1.8" - }, - { - "version_value" : "6.0.5.3-86o" - } - ] - } - }, - { - "product_name" : "SonicOSv", - "version" : { - "version_data" : [ - { - "version_value" : "6.5.0.2-8v_RC363 (VMWARE)" - }, - { - "version_value" : "6.5.0.2.8v_RC367 (AZURE)" - }, - { - "version_value" : "6.5.0.2.8v_RC368 (AWS)" - }, - { - "version_value" : "6.5.0.2.8v_RC366 (HYPER_V)" - } - ] - } - } - ] - }, - "vendor_name" : "SonicWall" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ + "affects": { + "vendor": { + "vendor_data": [ { - "lang" : "eng", - "value" : "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" + "product": { + "product_data": [ + { + "product_name": "SonicOS", + "version": { + "version_data": [ + { + "version_value": "5.9.1.10 and earlier" + }, + { + "version_value": "6.2.7.3" + }, + { + "version_value": "6.5.1.3" + }, + { + "version_value": "6.5.2.2" + }, + { + "version_value": "6.5.3.1" + }, + { + "version_value": "6.2.7.8" + }, + { + "version_value": "6.4.0.0" + }, + { + "version_value": "6.5.1.8" + }, + { + "version_value": "6.0.5.3-86o" + } + ] + } + }, + { + "product_name": "SonicOSv", + "version": { + "version_data": [ + { + "version_value": "6.5.0.2-8v_RC363 (VMWARE)" + }, + { + "version_value": "6.5.0.2.8v_RC367 (AZURE)" + }, + { + "version_value": "6.5.0.2.8v_RC368 (AWS)" + }, + { + "version_value": "6.5.0.2.8v_RC366 (HYPER_V)" + } + ] + } + } + ] + }, + "vendor_name": "SonicWall" } - ] - } - ] + ] + } }, - "references" : { - "reference_data" : [ - { - "name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003", - "refsource" : "CONFIRM", - "url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003" - } - ] + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003", + "refsource": "CONFIRM", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003" + } + ] } - } - \ No newline at end of file +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8955.json b/2019/8xxx/CVE-2019-8955.json index 7e0bc7596aa..acbb455ef20 100644 --- a/2019/8xxx/CVE-2019-8955.json +++ b/2019/8xxx/CVE-2019-8955.json @@ -66,6 +66,11 @@ "name": "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312", "refsource": "MISC", "url": "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1107", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00013.html" } ] } diff --git a/2019/9xxx/CVE-2019-9208.json b/2019/9xxx/CVE-2019-9208.json index b5db164973e..fd02e8e4f5a 100644 --- a/2019/9xxx/CVE-2019-9208.json +++ b/2019/9xxx/CVE-2019-9208.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20190324 [SECURITY] [DSA 4416-1] wireshark security update", "url": "https://seclists.org/bugtraq/2019/Mar/35" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1108", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html" } ] } diff --git a/2019/9xxx/CVE-2019-9209.json b/2019/9xxx/CVE-2019-9209.json index 93c7f3d2594..3c59f82ccc4 100644 --- a/2019/9xxx/CVE-2019-9209.json +++ b/2019/9xxx/CVE-2019-9209.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1108", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html" } ] } diff --git a/2019/9xxx/CVE-2019-9214.json b/2019/9xxx/CVE-2019-9214.json index 395292a1cba..f8558ff041d 100644 --- a/2019/9xxx/CVE-2019-9214.json +++ b/2019/9xxx/CVE-2019-9214.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20190324 [SECURITY] [DSA 4416-1] wireshark security update", "url": "https://seclists.org/bugtraq/2019/Mar/35" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1108", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html" } ] } diff --git a/2019/9xxx/CVE-2019-9894.json b/2019/9xxx/CVE-2019-9894.json index a957118463e..b6f9e42fb67 100644 --- a/2019/9xxx/CVE-2019-9894.json +++ b/2019/9xxx/CVE-2019-9894.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-9e1a1cd634", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1113", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" } ] } diff --git a/2019/9xxx/CVE-2019-9895.json b/2019/9xxx/CVE-2019-9895.json index 418cb759054..ceb3b8dcb24 100644 --- a/2019/9xxx/CVE-2019-9895.json +++ b/2019/9xxx/CVE-2019-9895.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-9e1a1cd634", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1113", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" } ] } diff --git a/2019/9xxx/CVE-2019-9896.json b/2019/9xxx/CVE-2019-9896.json index 9e09959dc4c..19089794a11 100644 --- a/2019/9xxx/CVE-2019-9896.json +++ b/2019/9xxx/CVE-2019-9896.json @@ -56,6 +56,11 @@ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "refsource": "MISC", "name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1113", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" } ] } diff --git a/2019/9xxx/CVE-2019-9897.json b/2019/9xxx/CVE-2019-9897.json index e988bef91c8..753b4088651 100644 --- a/2019/9xxx/CVE-2019-9897.json +++ b/2019/9xxx/CVE-2019-9897.json @@ -66,6 +66,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-9e1a1cd634", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1113", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" } ] } diff --git a/2019/9xxx/CVE-2019-9898.json b/2019/9xxx/CVE-2019-9898.json index 13b505ba83f..683998d8f1f 100644 --- a/2019/9xxx/CVE-2019-9898.json +++ b/2019/9xxx/CVE-2019-9898.json @@ -81,6 +81,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190401-0002/", "url": "https://security.netapp.com/advisory/ntap-20190401-0002/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1113", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" } ] } diff --git a/2019/9xxx/CVE-2019-9946.json b/2019/9xxx/CVE-2019-9946.json index d6447b905de..fe137e5a6ce 100644 --- a/2019/9xxx/CVE-2019-9946.json +++ b/2019/9xxx/CVE-2019-9946.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-9946", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-9946", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272", + "url": "https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272" } ] }