diff --git a/2016/10xxx/CVE-2016-10750.json b/2016/10xxx/CVE-2016-10750.json
index 1ffae942278..ec5cff1b9bd 100644
--- a/2016/10xxx/CVE-2016-10750.json
+++ b/2016/10xxx/CVE-2016-10750.json
@@ -61,6 +61,11 @@
 "url": "https://github.com/hazelcast/hazelcast/pull/12230",
 "refsource": "MISC",
 "name": "https://github.com/hazelcast/hazelcast/pull/12230"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 }
diff --git a/2016/10xxx/CVE-2016-10864.json b/2016/10xxx/CVE-2016-10864.json
new file mode 100644
index 00000000000..c782f9febff
--- /dev/null
+++ b/2016/10xxx/CVE-2016-10864.json
@@ -0,0 +1,62 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-10864",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/",
+ "refsource": "MISC",
+ "name": "https://www.pentestpartners.com/security-blog/netgear-ex7000-wi-fi-range-extender-minor-xss-and-poor-password-handling/"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2018/10xxx/CVE-2018-10899.json b/2018/10xxx/CVE-2018-10899.json
index 7e4fa440a6e..e7f85d46d8d 100644
--- a/2018/10xxx/CVE-2018-10899.json
+++ b/2018/10xxx/CVE-2018-10899.json
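Review bot: In the new CVE-2016-10864.json record, `affects` and `problemtype` are filled with `"n/a"` even though the description names the vendor, model and firmware build and states the weakness class. Tooling that matches assets on the structured fields rather than on free text will not associate this record with the device. I would set `"vendor_name": "NETGEAR"`, `"product_name": "EX7000"`, `"version_value": "V1.0.0.42_1.0.94"`, and give the problemtype the CWE identifier for cross-site scripting (CWE-79). The same placeholder pattern appears in the other records this commit populates: CVE-2018-19855, CVE-2019-13101, CVE-2019-14221, CVE-2019-14255, CVE-2019-14754 and CVE-2019-14772.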
@@ -53,6 +53,11 @@
 "url": "https://jolokia.org/changes-report.html#a1.6.1",
 "name": "https://jolokia.org/changes-report.html#a1.6.1",
 "refsource": "CONFIRM"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 },
diff --git a/2018/15xxx/CVE-2018-15758.json b/2018/15xxx/CVE-2018-15758.json
index eb6abc3a4c3..9c3768af4ff 100644
--- a/2018/15xxx/CVE-2018-15758.json
+++ b/2018/15xxx/CVE-2018-15758.json
@@ -1,6 +1,6 @@
 {
 "CVE_data_meta": {
- "ASSIGNER": "security_alert@emc.com",
+ "ASSIGNER": "secure@dell.com",
 "DATE_PUBLIC": "2018-10-16T07:00:00.000Z",
 "ID": "CVE-2018-15758",
 "STATE": "PUBLIC",
@@ -96,6 +96,11 @@
 "name": "105687",
 "refsource": "BID",
 "url": "http://www.securityfocus.com/bid/105687"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 },
diff --git a/2018/19xxx/CVE-2018-19855.json b/2018/19xxx/CVE-2018-19855.json
index 40db2bd2b2b..4e95dafb60a 100644
--- a/2018/19xxx/CVE-2018-19855.json
+++ b/2018/19xxx/CVE-2018-19855.json
@@ -2,7 +2,30 @@
 "CVE_data_meta": {
 "ASSIGNER": "cve@mitre.org",
 "ID": "CVE-2018-19855",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
 },
 "data_format": "MITRE",
 "data_type": "CVE",
@@ -11,7 +34,33 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.uipath.com/product/release-notes",
+ "refsource": "MISC",
+ "name": "https://www.uipath.com/product/release-notes"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://www2.deloitte.com/de/de/pages/risk/articles/uipath-orchestrator-csv-injection.html",
+ "url": "https://www2.deloitte.com/de/de/pages/risk/articles/uipath-orchestrator-csv-injection.html"
 }
 ]
 }
diff --git a/2018/1xxx/CVE-2018-1258.json b/2018/1xxx/CVE-2018-1258.json
index 893fc12997a..f3a282fc06a 100644
--- a/2018/1xxx/CVE-2018-1258.json
+++ b/2018/1xxx/CVE-2018-1258.json
@@ -103,6 +103,11 @@
 "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
 "refsource": "MISC",
 "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 }
diff --git a/2018/1xxx/CVE-2018-1320.json b/2018/1xxx/CVE-2018-1320.json
index 00e02e9011e..72eeeb7527f 100644
--- a/2018/1xxx/CVE-2018-1320.json
+++ b/2018/1xxx/CVE-2018-1320.json
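Review bot: The first reference added to CVE-2018-19855.json, `https://www.uipath.com/product/release-notes`, appears from its URL to be the vendor's general release-notes page rather than anything tied to 2018.3.4, the fix boundary given in the description. A reader cannot confirm the fixed version from a page that changes with each release; judging by its URL, the Deloitte entry after it is the only reference here specific to the CSV injection. If the vendor publishes per-version notes, link those instead. The same generic-landing-page pattern shows up in CVE-2019-13101.json (`https://us.dlink.com/en/security-advisory`) and CVE-2019-14754.json (`https://open-school.org`). This hunk starts inside `description_data`, so the top of the record lies outside it.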
@@ -96,6 +96,11 @@
 "refsource": "MLIST",
 "name": "[oss-security] 20190724 [CVE-2018-1320] Apache Storm vulnerable Thrift version",
 "url": "http://www.openwall.com/lists/oss-security/2019/07/24/3"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 }
diff --git a/2018/8xxx/CVE-2018-8088.json b/2018/8xxx/CVE-2018-8088.json
index 69ac77a4ac0..bef90f06219 100644
--- a/2018/8xxx/CVE-2018-8088.json
+++ b/2018/8xxx/CVE-2018-8088.json
@@ -206,6 +206,11 @@
 "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
 "refsource": "MISC",
 "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 }
diff --git a/2019/0xxx/CVE-2019-0192.json b/2019/0xxx/CVE-2019-0192.json
index 5f501e49608..a2ea092c5f0 100644
--- a/2019/0xxx/CVE-2019-0192.json
+++ b/2019/0xxx/CVE-2019-0192.json
@@ -97,6 +97,11 @@
 "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
 "refsource": "MISC",
 "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 }
diff --git a/2019/13xxx/CVE-2019-13101.json b/2019/13xxx/CVE-2019-13101.json
new file mode 100644
index 00000000000..43e993e9e48
--- /dev/null
+++ b/2019/13xxx/CVE-2019-13101.json
@@ -0,0 +1,72 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-13101",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf",
+ "url": "https://www.ftc.gov/system/files/documents/cases/dlink_proposed_order_and_judgment_7-2-19.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://us.dlink.com/en/security-advisory",
+ "url": "https://us.dlink.com/en/security-advisory"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/d0x0/D-Link-DIR-600M/blob/master/CVE-2019-13101",
+ "url": "https://github.com/d0x0/D-Link-DIR-600M/blob/master/CVE-2019-13101"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/14xxx/CVE-2019-14221.json b/2019/14xxx/CVE-2019-14221.json
new file mode 100644
index 00000000000..41ae5323e06
--- /dev/null
+++ b/2019/14xxx/CVE-2019-14221.json
@@ -0,0 +1,67 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-14221",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishandled during a Run Report operation."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://github.com/cccaaasser/1CRM-CVE/blob/master/CVE-2019-14221.md",
+ "url": "https://github.com/cccaaasser/1CRM-CVE/blob/master/CVE-2019-14221.md"
+ },
+ {
+ "refsource": "EXPLOIT-DB",
+ "name": "Exploit Database",
+ "url": "https://www.exploit-db.com/exploits/47206"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/14xxx/CVE-2019-14255.json b/2019/14xxx/CVE-2019-14255.json
new file mode 100644
index 00000000000..080feaf39dd
--- /dev/null
+++ b/2019/14xxx/CVE-2019-14255.json
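Review bot: The EXPLOIT-DB reference in CVE-2019-14221.json carries the generic label `"name": "Exploit Database"`, whereas the other references in this commit put an identifier or the URL itself in `name` (`RHSA-2019:2413`, `105687`, the advisory URLs). Consumers that index or de-duplicate references by `name` get nothing usable from the label. Using the entry number already present in the URL, `"name": "47206"`, would keep the field consistent with the rest.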
@@ -0,0 +1,62 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-14255",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/cactus/go-camo/security/advisories/GHSA-xrmp-4542-q746",
+ "url": "https://github.com/cactus/go-camo/security/advisories/GHSA-xrmp-4542-q746"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/14xxx/CVE-2019-14744.json b/2019/14xxx/CVE-2019-14744.json
index f53b920f465..e5e19b09dcb 100644
--- a/2019/14xxx/CVE-2019-14744.json
+++ b/2019/14xxx/CVE-2019-14744.json
@@ -61,6 +61,11 @@
 "url": "https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/",
 "refsource": "MISC",
 "name": "https://www.zdnet.com/article/unpatched-kde-vulnerability-disclosed-on-twitter/"
+ },
+ {
+ "refsource": "BUGTRAQ",
+ "name": "20190808 [slackware-security] kdelibs (SSA:2019-220-01)",
+ "url": "https://seclists.org/bugtraq/2019/Aug/9"
 }
 ]
 }
diff --git a/2019/14xxx/CVE-2019-14754.json b/2019/14xxx/CVE-2019-14754.json
new file mode 100644
index 00000000000..e6749c74163
--- /dev/null
+++ b/2019/14xxx/CVE-2019-14754.json
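Review bot: The description in CVE-2019-14255.json says `go-camo up to version 1.1.4`, which leaves open whether 1.1.4 itself is affected; other descriptions in this commit use the unambiguous `before <version>` form. With `version_value` left at `n/a` there is no structured field to settle the boundary, so anyone deciding whether an installed 1.1.4 needs upgrading has to go to the advisory. Suggest wording it as `through 1.1.4` or `before <first fixed version>`, whichever the linked advisory supports.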
@@ -0,0 +1,67 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-14754",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Open-School 3.0, and Community Edition 2.3, allows SQL Injection via the index.php?r=students/students/document id parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://open-school.org",
+ "refsource": "MISC",
+ "name": "https://open-school.org"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://pastebin.com/xuZN5rJR",
+ "url": "https://pastebin.com/xuZN5rJR"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/14xxx/CVE-2019-14772.json b/2019/14xxx/CVE-2019-14772.json
new file mode 100644
index 00000000000..21dc17a7a3e
--- /dev/null
+++ b/2019/14xxx/CVE-2019-14772.json
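Review bot: The only issue-specific reference in CVE-2019-14754.json is `https://pastebin.com/xuZN5rJR`, and a paste can be removed by its owner or by the host, which would leave the record with no source backing the description. The other entry is the project home page. Consider adding a durable reference next to it, such as an archived copy of the paste or a vendor or maintainer advisory, so the record stays verifiable for defenders who triage it later.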
@@ -0,0 +1,62 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-14772",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "verdaccio before 3.12.0 allows XSS."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://github.com/verdaccio/verdaccio/security/advisories/GHSA-78j5-gcmf-vqc8",
+ "refsource": "MISC",
+ "name": "https://github.com/verdaccio/verdaccio/security/advisories/GHSA-78j5-gcmf-vqc8"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/3xxx/CVE-2019-3805.json b/2019/3xxx/CVE-2019-3805.json
index 0baf13b2180..5596a5f7785 100644
--- a/2019/3xxx/CVE-2019-3805.json
+++ b/2019/3xxx/CVE-2019-3805.json
@@ -73,6 +73,11 @@
 "refsource": "CONFIRM",
 "name": "https://security.netapp.com/advisory/ntap-20190517-0004/",
 "url": "https://security.netapp.com/advisory/ntap-20190517-0004/"
+ },
+ {
+ "refsource": "REDHAT",
+ "name": "RHSA-2019:2413",
+ "url": "https://access.redhat.com/errata/RHSA-2019:2413"
 }
 ]
 },
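Review bot: The single reference in CVE-2019-14772.json is a security advisory hosted in the project's own repository (`github.com/verdaccio/verdaccio/security/advisories/...`) yet it is tagged `"refsource": "MISC"`, while the equivalent go-camo advisory in CVE-2019-14255.json in this same commit is tagged `CONFIRM`. Consumers that use CONFIRM to separate maintainer-acknowledged issues from third-party reports will rank the two records differently. Suggest `"refsource": "CONFIRM"` here. The description `verdaccio before 3.12.0 allows XSS.` also names no affected component or input, so triage depends entirely on that link staying reachable.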