diff --git a/2018/20xxx/CVE-2018-20836.json b/2018/20xxx/CVE-2018-20836.json index 4685bb62cdd..d1c129f9f7d 100644 --- a/2018/20xxx/CVE-2018-20836.json +++ b/2018/20xxx/CVE-2018-20836.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-20836", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2018-20836", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/b90cd6f2b905905fb42671009dc0e27c310a16ae", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/b90cd6f2b905905fb42671009dc0e27c310a16ae" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b90cd6f2b905905fb42671009dc0e27c310a16ae", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b90cd6f2b905905fb42671009dc0e27c310a16ae" } ] } diff --git a/2019/11xxx/CVE-2019-11766.json b/2019/11xxx/CVE-2019-11766.json index 445689a9743..feda6b367d2 100644 --- a/2019/11xxx/CVE-2019-11766.json +++ b/2019/11xxx/CVE-2019-11766.json @@ -71,6 +71,11 @@ "url": "https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-7&id=896ef4a54b0578985e5e1360b141593f1d62837b", "refsource": "MISC", "name": "https://roy.marples.name/cgit/dhcpcd.git/commit/?h=dhcpcd-7&id=896ef4a54b0578985e5e1360b141593f1d62837b" + }, + { + "refsource": "BID", + "name": "108172", + "url": "http://www.securityfocus.com/bid/108172" } ] } diff --git a/2019/11xxx/CVE-2019-11810.json b/2019/11xxx/CVE-2019-11810.json index e2a8e94a854..3e9ce67c7d1 100644 --- a/2019/11xxx/CVE-2019-11810.json +++ b/2019/11xxx/CVE-2019-11810.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11810", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11810", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/bcf3b67d16a4c8ffae0aa79de5853435e683945c", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/bcf3b67d16a4c8ffae0aa79de5853435e683945c" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bcf3b67d16a4c8ffae0aa79de5853435e683945c", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bcf3b67d16a4c8ffae0aa79de5853435e683945c" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.7", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.7" } ] } diff --git a/2019/11xxx/CVE-2019-11811.json b/2019/11xxx/CVE-2019-11811.json new file mode 100644 index 00000000000..8d8cf80f581 --- /dev/null +++ b/2019/11xxx/CVE-2019-11811.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-11811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4" + }, + { + "url": "https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4" + }, + { + "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4", + "refsource": "MISC", + "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1696.json b/2019/1xxx/CVE-2019-1696.json index 0f37a670625..650c4e224d1 100644 --- a/2019/1xxx/CVE-2019-1696.json +++ b/2019/1xxx/CVE-2019-1696.json @@ -72,6 +72,11 @@ "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort" + }, + { + "refsource": "BID", + "name": "108171", + "url": "http://www.securityfocus.com/bid/108171" } ] }, diff --git a/2019/1xxx/CVE-2019-1704.json b/2019/1xxx/CVE-2019-1704.json index e6e187b599e..49aa2cb11fc 100644 --- a/2019/1xxx/CVE-2019-1704.json +++ b/2019/1xxx/CVE-2019-1704.json @@ -72,6 +72,11 @@ "name": "20190501 Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort" + }, + { + "refsource": "BID", + "name": "108171", + "url": "http://www.securityfocus.com/bid/108171" } ] }, diff --git a/2019/1xxx/CVE-2019-1838.json b/2019/1xxx/CVE-2019-1838.json index d7d772becac..2bd5089e08e 100644 --- a/2019/1xxx/CVE-2019-1838.json +++ b/2019/1xxx/CVE-2019-1838.json @@ -72,6 +72,11 @@ "name": "20190501 Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-apic-xss" + }, + { + "refsource": "BID", + "name": "108169", + "url": "http://www.securityfocus.com/bid/108169" } ] }, diff --git a/2019/9xxx/CVE-2019-9709.json b/2019/9xxx/CVE-2019-9709.json index 64b42bda1d3..67dc6f7e071 100644 --- a/2019/9xxx/CVE-2019-9709.json +++ b/2019/9xxx/CVE-2019-9709.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9709", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. The collection title is vulnerable to Cross Site Scripting (XSS) due to not escaping it when viewing the collection's SmartEvidence overview page (if that feature is turned on). This can be exploited by any logged-in user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://bugs.launchpad.net/bugs/1819547", + "url": "https://bugs.launchpad.net/bugs/1819547" + }, + { + "refsource": "CONFIRM", + "name": "https://mahara.org/interaction/forum/topic.php?id=8446", + "url": "https://mahara.org/interaction/forum/topic.php?id=8446" } ] }