From d257569fe6e2f0ec212fd54c44b000920897b31c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 2 Oct 2019 17:00:58 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/16xxx/CVE-2017-16808.json | 5 ++ 2019/10xxx/CVE-2019-10891.json | 2 +- 2019/13xxx/CVE-2019-13658.json | 106 +++++++++++++++++++++++++++++++++ 2019/15xxx/CVE-2019-15943.json | 5 ++ 2019/16xxx/CVE-2019-16294.json | 5 ++ 2019/17xxx/CVE-2019-17064.json | 5 ++ 2019/8xxx/CVE-2019-8462.json | 63 +++++++++++++++++--- 2019/9xxx/CVE-2019-9511.json | 5 ++ 2019/9xxx/CVE-2019-9512.json | 5 ++ 2019/9xxx/CVE-2019-9513.json | 5 ++ 2019/9xxx/CVE-2019-9514.json | 5 ++ 2019/9xxx/CVE-2019-9515.json | 5 ++ 2019/9xxx/CVE-2019-9516.json | 5 ++ 2019/9xxx/CVE-2019-9517.json | 5 ++ 2019/9xxx/CVE-2019-9518.json | 5 ++ 15 files changed, 223 insertions(+), 8 deletions(-) create mode 100644 2019/13xxx/CVE-2019-13658.json diff --git a/2017/16xxx/CVE-2017-16808.json b/2017/16xxx/CVE-2017-16808.json index d69a532ed12..03b47c1acbc 100644 --- a/2017/16xxx/CVE-2017-16808.json +++ b/2017/16xxx/CVE-2017-16808.json @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "url": "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154710/Slackware-Security-Advisory-tcpdump-Updates.html", + "url": "http://packetstormsecurity.com/files/154710/Slackware-Security-Advisory-tcpdump-Updates.html" } ] } diff --git a/2019/10xxx/CVE-2019-10891.json b/2019/10xxx/CVE-2019-10891.json index f263d49a638..5f9c585cba2 100644 --- a/2019/10xxx/CVE-2019-10891.json +++ b/2019/10xxx/CVE-2019-10891.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "D-Link DIR-806 devices allow remote attackers to execute arbitrary shell commands via a trailing substring of an HTTP header that has \"SOAPAction: http://purenetworks.com/HNAP1/GetDeviceSettings/\" at the beginning." + "value": "An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header." } ] }, diff --git a/2019/13xxx/CVE-2019-13658.json b/2019/13xxx/CVE-2019-13658.json new file mode 100644 index 00000000000..0007f7bb77f --- /dev/null +++ b/2019/13xxx/CVE-2019-13658.json @@ -0,0 +1,106 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "vuln@ca.com", + "DATE_PUBLIC": "2019-10-01T04:00:00.000Z", + "ID": "CVE-2019-13658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CA Network Flow Analysis", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_name": "9", + "version_value": "9.x" + } + ] + } + } + ] + }, + "vendor_name": "CA Technologies, a Broadcom Company" + }, + { + "product": { + "product_data": [ + { + "product_name": "CA Network Flow Analysis", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_name": "10", + "version_value": "10.0.x" + } + ] + } + } + ] + }, + "vendor_name": "CA Technologies, a Broadcom Company" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security." + } + ] + }, + "generator": { + "engine": "Vulnogram 0.0.8" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-798 Use of Hard-coded Credentials" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/new-security-notice-ca-20190930-01-security-notice-for-ca-network-flow-analysis.html", + "name": "https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/new-security-notice-ca-20190930-01-security-notice-for-ca-network-flow-analysis.html" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15943.json b/2019/15xxx/CVE-2019-15943.json index 390f9d0d673..1a17fdba5a7 100644 --- a/2019/15xxx/CVE-2019-15943.json +++ b/2019/15xxx/CVE-2019-15943.json @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md", "url": "https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.html", + "url": "http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.html" } ] } diff --git a/2019/16xxx/CVE-2019-16294.json b/2019/16xxx/CVE-2019-16294.json index a36f121b7e2..ae27c13b148 100644 --- a/2019/16xxx/CVE-2019-16294.json +++ b/2019/16xxx/CVE-2019-16294.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://github.com/bi7s/CVE/tree/master/CVE-2019-16294", "url": "https://github.com/bi7s/CVE/tree/master/CVE-2019-16294" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154706/Notepad-Code-Execution-Denial-Of-Service.html", + "url": "http://packetstormsecurity.com/files/154706/Notepad-Code-Execution-Denial-Of-Service.html" } ] } diff --git a/2019/17xxx/CVE-2019-17064.json b/2019/17xxx/CVE-2019-17064.json index 4089b3c9ecd..3225a736d40 100644 --- a/2019/17xxx/CVE-2019-17064.json +++ b/2019/17xxx/CVE-2019-17064.json @@ -56,6 +56,11 @@ "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890", "refsource": "MISC", "name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154713/Xpdf-4.02-NULL-Pointer-Dereference.html", + "url": "http://packetstormsecurity.com/files/154713/Xpdf-4.02-NULL-Pointer-Dereference.html" } ] } diff --git a/2019/8xxx/CVE-2019-8462.json b/2019/8xxx/CVE-2019-8462.json index c3dfff2f715..02a0b94ee3d 100644 --- a/2019/8xxx/CVE-2019-8462.json +++ b/2019/8xxx/CVE-2019-8462.json @@ -1,17 +1,66 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8462", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8462", + "ASSIGNER": "cve@checkpoint.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Check Point Security Gateway", + "version": { + "version_data": [ + { + "version_value": "R80.30" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-755" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk161812", + "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk161812" + }, + { + "refsource": "MISC", + "name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153152", + "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153152" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging." } ] } diff --git a/2019/9xxx/CVE-2019-9511.json b/2019/9xxx/CVE-2019-9511.json index fa0d00757b4..f2404350eaf 100644 --- a/2019/9xxx/CVE-2019-9511.json +++ b/2019/9xxx/CVE-2019-9511.json @@ -233,6 +233,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2234", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9512.json b/2019/9xxx/CVE-2019-9512.json index dfe26c7fb03..26b1aed317e 100644 --- a/2019/9xxx/CVE-2019-9512.json +++ b/2019/9xxx/CVE-2019-9512.json @@ -283,6 +283,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2939", "url": "https://access.redhat.com/errata/RHSA-2019:2939" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9513.json b/2019/9xxx/CVE-2019-9513.json index 51d36a4832c..ace5181494e 100644 --- a/2019/9xxx/CVE-2019-9513.json +++ b/2019/9xxx/CVE-2019-9513.json @@ -233,6 +233,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2234", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9514.json b/2019/9xxx/CVE-2019-9514.json index 0e9f6802825..c03002fbdd6 100644 --- a/2019/9xxx/CVE-2019-9514.json +++ b/2019/9xxx/CVE-2019-9514.json @@ -283,6 +283,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2939", "url": "https://access.redhat.com/errata/RHSA-2019:2939" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9515.json b/2019/9xxx/CVE-2019-9515.json index 3e8122b9fe4..40ea75f6a2e 100644 --- a/2019/9xxx/CVE-2019-9515.json +++ b/2019/9xxx/CVE-2019-9515.json @@ -198,6 +198,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2939", "url": "https://access.redhat.com/errata/RHSA-2019:2939" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9516.json b/2019/9xxx/CVE-2019-9516.json index 70548ffc5e8..64e198fd378 100644 --- a/2019/9xxx/CVE-2019-9516.json +++ b/2019/9xxx/CVE-2019-9516.json @@ -223,6 +223,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2950", "url": "https://access.redhat.com/errata/RHSA-2019:2950" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9517.json b/2019/9xxx/CVE-2019-9517.json index bc096bb40a1..b92dc521b41 100644 --- a/2019/9xxx/CVE-2019-9517.json +++ b/2019/9xxx/CVE-2019-9517.json @@ -228,6 +228,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2949", "url": "https://access.redhat.com/errata/RHSA-2019:2949" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] }, diff --git a/2019/9xxx/CVE-2019-9518.json b/2019/9xxx/CVE-2019-9518.json index 423116a5371..95ee8716aed 100644 --- a/2019/9xxx/CVE-2019-9518.json +++ b/2019/9xxx/CVE-2019-9518.json @@ -173,6 +173,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2939", "url": "https://access.redhat.com/errata/RHSA-2019:2939" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:2955", + "url": "https://access.redhat.com/errata/RHSA-2019:2955" } ] },