diff --git a/2019/13xxx/CVE-2019-13181.json b/2019/13xxx/CVE-2019-13181.json new file mode 100644 index 00000000000..2af955a181e --- /dev/null +++ b/2019/13xxx/CVE-2019-13181.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13181", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A CSV injection vulnerability exists in the web UI of SolarWinds Serv-U FTP Server v15.1.7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "FULLDISC", + "name": "20191213 CSV injection vulnerability in SolarWinds Serv-U FTP Server", + "url": "http://seclists.org/fulldisclosure/2019/Dec/33" + }, + { + "refsource": "MISC", + "name": "https://www.themissinglink.com.au/security-advisories-cve-2019-13181", + "url": "https://www.themissinglink.com.au/security-advisories-cve-2019-13181" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155673/Serv-U-FTP-Server-15.1.7-CSV-Injection.html", + "url": "http://packetstormsecurity.com/files/155673/Serv-U-FTP-Server-15.1.7-CSV-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13182.json b/2019/13xxx/CVE-2019-13182.json new file mode 100644 index 00000000000..633c7e6a4f0 --- /dev/null +++ b/2019/13xxx/CVE-2019-13182.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13182", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "FULLDISC", + "name": "20191213 Stored Cross-Site Scripting in Serv-U FTP Server", + "url": "http://seclists.org/fulldisclosure/2019/Dec/32" + }, + { + "refsource": "MISC", + "name": "https://www.themissinglink.com.au/security-advisories-cve-2019-13182", + "url": "https://www.themissinglink.com.au/security-advisories-cve-2019-13182" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155672/Serv-U-FTP-Server-15.1.7-Persistent-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/155672/Serv-U-FTP-Server-15.1.7-Persistent-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16778.json b/2019/16xxx/CVE-2019-16778.json index d187956c13b..79c8ece6018 100644 --- a/2019/16xxx/CVE-2019-16778.json +++ b/2019/16xxx/CVE-2019-16778.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory.\n\nThis is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0." + "value": "In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. This is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0." } ] }, @@ -92,4 +92,4 @@ "advisory": "GHSA-844w-j86r-4x2j", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19817.json b/2019/19xxx/CVE-2019-19817.json new file mode 100644 index 00000000000..92679abb759 --- /dev/null +++ b/2019/19xxx/CVE-2019-19817.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19817", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19818.json b/2019/19xxx/CVE-2019-19818.json new file mode 100644 index 00000000000..d2aeae2849a --- /dev/null +++ b/2019/19xxx/CVE-2019-19818.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-19818", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0xa08a Out-of-Bounds Read via crafted Unicode content." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://nafiez.github.io/security/vulnerability/remote/2019/12/12/multiple-nitro-pdf-vulnerability.html", + "refsource": "MISC", + "name": "https://nafiez.github.io/security/vulnerability/remote/2019/12/12/multiple-nitro-pdf-vulnerability.html" + }, + { + "url": "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-12-12-multiple-nitro-pdf-vulnerability.md", + "refsource": "MISC", + "name": "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-12-12-multiple-nitro-pdf-vulnerability.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19819.json b/2019/19xxx/CVE-2019-19819.json new file mode 100644 index 00000000000..058d88bafa6 --- /dev/null +++ b/2019/19xxx/CVE-2019-19819.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19819", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19820.json b/2019/19xxx/CVE-2019-19820.json new file mode 100644 index 00000000000..36ec334dbee --- /dev/null +++ b/2019/19xxx/CVE-2019-19820.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19820", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19821.json b/2019/19xxx/CVE-2019-19821.json new file mode 100644 index 00000000000..5d33df7c3f8 --- /dev/null +++ b/2019/19xxx/CVE-2019-19821.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19821", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file