diff --git a/2011/1xxx/CVE-2011-1488.json b/2011/1xxx/CVE-2011-1488.json index 1aa29b28b3f..93534c72eb0 100644 --- a/2011/1xxx/CVE-2011-1488.json +++ b/2011/1xxx/CVE-2011-1488.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a", + "url": "https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a" } ] } diff --git a/2011/1xxx/CVE-2011-1489.json b/2011/1xxx/CVE-2011-1489.json index eba32d81cd9..1bd1bc0928f 100644 --- a/2011/1xxx/CVE-2011-1489.json +++ b/2011/1xxx/CVE-2011-1489.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a", + "url": "https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a" } ] } diff --git a/2011/1xxx/CVE-2011-1588.json b/2011/1xxx/CVE-2011-1588.json index 012f74e8241..bbddb8595ad 100644 --- a/2011/1xxx/CVE-2011-1588.json +++ b/2011/1xxx/CVE-2011-1588.json @@ -16,7 +16,7 @@ "version": { "version_data": [ { - "version_value": "1.2 through 1.2.1" + "version_value": "before 1.3.1" } ] } @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Thunar 1.2 through 1.2.1 could crash when copy and pasting a file name with % format characters due to a format string error." + "value": "Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error." } ] }, @@ -71,6 +71,16 @@ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00008.html", "refsource": "MISC", "name": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00008.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/xfce-mirror/thunar/commit/03dd312e157d4fa8a11d5fa402706ae5b05806fa", + "url": "https://github.com/xfce-mirror/thunar/commit/03dd312e157d4fa8a11d5fa402706ae5b05806fa" + }, + { + "refsource": "MISC", + "name": "https://github.com/xfce-mirror/thunar/blob/master/NEWS#L774", + "url": "https://github.com/xfce-mirror/thunar/blob/master/NEWS#L774" } ] } diff --git a/2011/2xxx/CVE-2011-2922.json b/2011/2xxx/CVE-2011-2922.json index 937280e0348..ce880ad4e18 100644 --- a/2011/2xxx/CVE-2011-2922.json +++ b/2011/2xxx/CVE-2011-2922.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2922", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ktsuss", + "product": { + "product_data": [ + { + "product_name": "ktsuss", + "version": { + "version_data": [ + { + "version_value": "1.4 and prior" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,58 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the \"GTK_MODULES\" environment variable to possibly execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "UNKNOWN_TYPE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2011-2922", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2011-2922" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2011-2922", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2011-2922" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2011-2922", + "url": "https://packetstormsecurity.com/files/cve/CVE-2011-2922" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/49151", + "url": "https://www.securityfocus.com/bid/49151" + }, + { + "refsource": "MISC", + "name": "https://lwn.net/Articles/477678/", + "url": "https://lwn.net/Articles/477678/" + }, + { + "refsource": "MISC", + "name": "https://snyk.io/vuln/SNYK-LINUX-KTSUSS-174466", + "url": "https://snyk.io/vuln/SNYK-LINUX-KTSUSS-174466" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/109154/Gentoo-Linux-Security-Advisory-201201-15.html", + "url": "https://packetstormsecurity.com/files/109154/Gentoo-Linux-Security-Advisory-201201-15.html" } ] } diff --git a/2018/12xxx/CVE-2018-12207.json b/2018/12xxx/CVE-2018-12207.json index 476e4ee7548..d16b8257ba4 100644 --- a/2018/12xxx/CVE-2018-12207.json +++ b/2018/12xxx/CVE-2018-12207.json @@ -53,6 +53,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-376ec5c107", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5WWPW4BSZDDW7VHU427XTVXV7ROOFFW/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3916", + "url": "https://access.redhat.com/errata/RHSA-2019:3916" } ] }, diff --git a/2019/11xxx/CVE-2019-11289.json b/2019/11xxx/CVE-2019-11289.json index 4b7f9907cce..5fd0b6705b0 100644 --- a/2019/11xxx/CVE-2019-11289.json +++ b/2019/11xxx/CVE-2019-11289.json @@ -41,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthorized malicious user could forge a route service request using an invalid nonce that will cause the Gorouter to crash." + "value": "Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthorized malicious user could forge a route service request using an invalid nonce that will cause the Gorouter to crash." } ] }, diff --git a/2019/14xxx/CVE-2019-14287.json b/2019/14xxx/CVE-2019-14287.json index e858fcecbcc..3ee1de5426e 100644 --- a/2019/14xxx/CVE-2019-14287.json +++ b/2019/14xxx/CVE-2019-14287.json @@ -196,6 +196,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:3895", "url": "https://access.redhat.com/errata/RHSA-2019:3895" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:3916", + "url": "https://access.redhat.com/errata/RHSA-2019:3916" } ] } diff --git a/2019/2xxx/CVE-2019-2201.json b/2019/2xxx/CVE-2019-2201.json index 3db8d5c27b8..058a9bc31c5 100644 --- a/2019/2xxx/CVE-2019-2201.json +++ b/2019/2xxx/CVE-2019-2201.json @@ -58,6 +58,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-eee0d6c6f8", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:2529", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html" } ] },