diff --git a/2018/18xxx/CVE-2018-18678.json b/2018/18xxx/CVE-2018-18678.json index b5b4620fc47..79eed9c4af9 100644 --- a/2018/18xxx/CVE-2018-18678.json +++ b/2018/18xxx/CVE-2018-18678.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-18678", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"board group extra contents\" parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0", + "url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0" + }, + { + "refsource": "MISC", + "name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172", + "url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172" + }, + { + "refsource": "MISC", + "name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-d87f2c71fb4fe131465ba1ff0a5d573d", + "url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-d87f2c71fb4fe131465ba1ff0a5d573d" } ] } diff --git a/2019/10xxx/CVE-2019-10440.json b/2019/10xxx/CVE-2019-10440.json index d7caa645437..7dcdd7484be 100644 --- a/2019/10xxx/CVE-2019-10440.json +++ b/2019/10xxx/CVE-2019-10440.json @@ -56,6 +56,16 @@ "name": "https://jenkins.io/security/advisory/2019-10-16/#SECURITY-1427", "url": "https://jenkins.io/security/advisory/2019-10-16/#SECURITY-1427", "refsource": "CONFIRM" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20191016 Multiple vulnerabilities in Jenkins plugins", + "url": "http://www.openwall.com/lists/oss-security/2019/10/16/6" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-932/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-932/" } ] } diff --git a/2019/10xxx/CVE-2019-10443.json b/2019/10xxx/CVE-2019-10443.json index 48eee2bc299..e6fa186e3b6 100644 --- a/2019/10xxx/CVE-2019-10443.json +++ b/2019/10xxx/CVE-2019-10443.json @@ -61,6 +61,11 @@ "refsource": "MLIST", "name": "[oss-security] 20191016 Multiple vulnerabilities in Jenkins plugins", "url": "http://www.openwall.com/lists/oss-security/2019/10/16/6" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-933/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-933/" } ] } diff --git a/2019/18xxx/CVE-2019-18218.json b/2019/18xxx/CVE-2019-18218.json index 402ced1f1a9..66c0a1b8412 100644 --- a/2019/18xxx/CVE-2019-18218.json +++ b/2019/18xxx/CVE-2019-18218.json @@ -71,6 +71,11 @@ "refsource": "DEBIAN", "name": "DSA-4550", "url": "https://www.debian.org/security/2019/dsa-4550" + }, + { + "refsource": "UBUNTU", + "name": "USN-4172-1", + "url": "https://usn.ubuntu.com/4172-1/" } ] }