From 9953d7602f08fede912a095ac68baa252bc7fd5d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 18 Apr 2019 19:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/5xxx/CVE-2017-5695.json | 5 +++ 2018/12xxx/CVE-2018-12155.json | 5 +++ 2018/12xxx/CVE-2018-12173.json | 5 +++ 2018/18xxx/CVE-2018-18435.json | 2 +- 2018/20xxx/CVE-2018-20200.json | 63 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20482.json | 5 +++ 2018/6xxx/CVE-2018-6260.json | 5 +++ 2019/0xxx/CVE-2019-0121.json | 5 +++ 2019/11xxx/CVE-2019-11084.json | 56 ++++++++++++++++++++++++++---- 2019/5xxx/CVE-2019-5490.json | 5 +++ 2019/5xxx/CVE-2019-5665.json | 5 +++ 2019/5xxx/CVE-2019-5666.json | 5 +++ 2019/5xxx/CVE-2019-5667.json | 5 +++ 2019/5xxx/CVE-2019-5668.json | 5 +++ 2019/5xxx/CVE-2019-5669.json | 5 +++ 2019/5xxx/CVE-2019-5670.json | 5 +++ 2019/5xxx/CVE-2019-5671.json | 5 +++ 2019/5xxx/CVE-2019-5674.json | 5 +++ 2019/9xxx/CVE-2019-9628.json | 5 +++ 2019/9xxx/CVE-2019-9923.json | 5 +++ 20 files changed, 197 insertions(+), 9 deletions(-) diff --git a/2017/5xxx/CVE-2017-5695.json b/2017/5xxx/CVE-2017-5695.json index 5b9c0a16773..46161a2d0d7 100644 --- a/2017/5xxx/CVE-2017-5695.json +++ b/2017/5xxx/CVE-2017-5695.json @@ -57,6 +57,11 @@ "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079&languageid=en-fr", "refsource": "CONFIRM", "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00079&languageid=en-fr" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26626", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26626" } ] } diff --git a/2018/12xxx/CVE-2018-12155.json b/2018/12xxx/CVE-2018-12155.json index 75003cc4bfe..53d0eea9a6e 100644 --- a/2018/12xxx/CVE-2018-12155.json +++ b/2018/12xxx/CVE-2018-12155.json @@ -56,6 +56,11 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00202.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00202.html" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-25662", + "url": "http://support.lenovo.com/us/en/solutions/LEN-25662" } ] } diff --git a/2018/12xxx/CVE-2018-12173.json b/2018/12xxx/CVE-2018-12173.json index a7440547820..3b8f848260c 100644 --- a/2018/12xxx/CVE-2018-12173.json +++ b/2018/12xxx/CVE-2018-12173.json @@ -57,6 +57,11 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00179.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00179.html" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-24799", + "url": "http://support.lenovo.com/us/en/solutions/LEN-24799" } ] } diff --git a/2018/18xxx/CVE-2018-18435.json b/2018/18xxx/CVE-2018-18435.json index 8178277d76e..34a2e4d736b 100644 --- a/2018/18xxx/CVE-2018-18435.json +++ b/2018/18xxx/CVE-2018-18435.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "KioWare Server 4.9.6 allows local users to gain privileges by replacing \\kioware_com\\KWSS.exe with a Trojan horse program, because \\kioware_com has \"Everyone: (F)\" permissions." + "value": "KioWare Server version 4.9.6 and older installs by default to \"C:\\kioware_com\" with weak folder permissions granting any user full permission \"Everyone: (F)\" to the contents of the directory and it's sub-folders. In addition, the program installs a service called \"KWSService\" which runs as \"Localsystem\", this will allow any user to escalate privileges to \"NT AUTHORITY\\SYSTEM\" by substituting the service's binary with a malicious one." } ] }, diff --git a/2018/20xxx/CVE-2018-20200.json b/2018/20xxx/CVE-2018-20200.json index 053bea60762..4595ee22895 100644 --- a/2018/20xxx/CVE-2018-20200.json +++ b/2018/20xxx/CVE-2018-20200.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20200", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://square.github.io/okhttp/3.x/okhttp/", + "refsource": "MISC", + "name": "https://square.github.io/okhttp/3.x/okhttp/" + }, + { + "url": "https://github.com/square/okhttp/releases", + "refsource": "MISC", + "name": "https://github.com/square/okhttp/releases" + }, + { + "url": "https://github.com/square/okhttp/commits/master", + "refsource": "MISC", + "name": "https://github.com/square/okhttp/commits/master" + }, + { + "url": "https://cxsecurity.com/issue/WLB-2018120252", + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2018120252" } ] } diff --git a/2018/20xxx/CVE-2018-20482.json b/2018/20xxx/CVE-2018-20482.json index eb140038b93..0e31002c9b2 100644 --- a/2018/20xxx/CVE-2018-20482.json +++ b/2018/20xxx/CVE-2018-20482.json @@ -91,6 +91,11 @@ "name": "https://twitter.com/thatcks/status/1076166645708668928", "refsource": "MISC", "url": "https://twitter.com/thatcks/status/1076166645708668928" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1237", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html" } ] } diff --git a/2018/6xxx/CVE-2018-6260.json b/2018/6xxx/CVE-2018-6260.json index 4b15c6aaf1e..2bdda7548d7 100644 --- a/2018/6xxx/CVE-2018-6260.json +++ b/2018/6xxx/CVE-2018-6260.json @@ -66,6 +66,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4738", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4738" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/0xxx/CVE-2019-0121.json b/2019/0xxx/CVE-2019-0121.json index 4dcfbfccf2d..94831ca9c5b 100644 --- a/2019/0xxx/CVE-2019-0121.json +++ b/2019/0xxx/CVE-2019-0121.json @@ -57,6 +57,11 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00216.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00216.html" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26976", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26976" } ] } diff --git a/2019/11xxx/CVE-2019-11084.json b/2019/11xxx/CVE-2019-11084.json index f61d9fcd4f1..b5c1f2e069c 100644 --- a/2019/11xxx/CVE-2019-11084.json +++ b/2019/11xxx/CVE-2019-11084.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11084", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11084", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/gbraad/gauth/issues/110", + "url": "https://github.com/gbraad/gauth/issues/110" } ] } diff --git a/2019/5xxx/CVE-2019-5490.json b/2019/5xxx/CVE-2019-5490.json index 07dd25e289b..44d4a9b8dde 100644 --- a/2019/5xxx/CVE-2019-5490.json +++ b/2019/5xxx/CVE-2019-5490.json @@ -48,6 +48,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190305-0001/", "url": "https://security.netapp.com/advisory/ntap-20190305-0001/" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26771", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26771" } ] }, diff --git a/2019/5xxx/CVE-2019-5665.json b/2019/5xxx/CVE-2019-5665.json index 46dbf740df0..5fe4a34818a 100644 --- a/2019/5xxx/CVE-2019-5665.json +++ b/2019/5xxx/CVE-2019-5665.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5666.json b/2019/5xxx/CVE-2019-5666.json index 925b4a4d0c7..987b1d3615a 100644 --- a/2019/5xxx/CVE-2019-5666.json +++ b/2019/5xxx/CVE-2019-5666.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5667.json b/2019/5xxx/CVE-2019-5667.json index 9bd17ce12a6..23e4b05c3c7 100644 --- a/2019/5xxx/CVE-2019-5667.json +++ b/2019/5xxx/CVE-2019-5667.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5668.json b/2019/5xxx/CVE-2019-5668.json index 71956a3bfde..d2d21ef331b 100644 --- a/2019/5xxx/CVE-2019-5668.json +++ b/2019/5xxx/CVE-2019-5668.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5669.json b/2019/5xxx/CVE-2019-5669.json index 4a57ec3156d..e6fd24686cb 100644 --- a/2019/5xxx/CVE-2019-5669.json +++ b/2019/5xxx/CVE-2019-5669.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5670.json b/2019/5xxx/CVE-2019-5670.json index 54c37fb7047..6c942c390f5 100644 --- a/2019/5xxx/CVE-2019-5670.json +++ b/2019/5xxx/CVE-2019-5670.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5671.json b/2019/5xxx/CVE-2019-5671.json index f767728cc09..e1bddf2b037 100644 --- a/2019/5xxx/CVE-2019-5671.json +++ b/2019/5xxx/CVE-2019-5671.json @@ -57,6 +57,11 @@ "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772", "refsource": "CONFIRM", "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4772" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-26250", + "url": "http://support.lenovo.com/us/en/solutions/LEN-26250" } ] } diff --git a/2019/5xxx/CVE-2019-5674.json b/2019/5xxx/CVE-2019-5674.json index 043b29cacfe..2478687e0c7 100644 --- a/2019/5xxx/CVE-2019-5674.json +++ b/2019/5xxx/CVE-2019-5674.json @@ -53,6 +53,11 @@ "refsource": "BID", "name": "107621", "url": "http://www.securityfocus.com/bid/107621" + }, + { + "refsource": "CONFIRM", + "name": "http://support.lenovo.com/us/en/solutions/LEN-27096", + "url": "http://support.lenovo.com/us/en/solutions/LEN-27096" } ] }, diff --git a/2019/9xxx/CVE-2019-9628.json b/2019/9xxx/CVE-2019-9628.json index 26a1c87aa22..f7bd28c2314 100644 --- a/2019/9xxx/CVE-2019-9628.json +++ b/2019/9xxx/CVE-2019-9628.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://bugs.launchpad.net/ubuntu/+source/xmltooling/+bug/1819912", "url": "https://bugs.launchpad.net/ubuntu/+source/xmltooling/+bug/1819912" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1235", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00079.html" } ] } diff --git a/2019/9xxx/CVE-2019-9923.json b/2019/9xxx/CVE-2019-9923.json index a60006b8121..3c15d6ac460 100644 --- a/2019/9xxx/CVE-2019-9923.json +++ b/2019/9xxx/CVE-2019-9923.json @@ -66,6 +66,11 @@ "url": "http://savannah.gnu.org/bugs/?55369", "refsource": "MISC", "name": "http://savannah.gnu.org/bugs/?55369" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1237", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html" } ] }