diff --git a/2018/10xxx/CVE-2018-10853.json b/2018/10xxx/CVE-2018-10853.json index 79000ce28a2..bdc40411fcb 100644 --- a/2018/10xxx/CVE-2018-10853.json +++ b/2018/10xxx/CVE-2018-10853.json @@ -131,6 +131,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0103", "url": "https://access.redhat.com/errata/RHSA-2020:0103" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0179", + "url": "https://access.redhat.com/errata/RHSA-2020:0179" } ] } diff --git a/2018/18xxx/CVE-2018-18281.json b/2018/18xxx/CVE-2018-18281.json index 372ad8273c3..65e05374f1c 100644 --- a/2018/18xxx/CVE-2018-18281.json +++ b/2018/18xxx/CVE-2018-18281.json @@ -181,6 +181,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0103", "url": "https://access.redhat.com/errata/RHSA-2020:0103" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0179", + "url": "https://access.redhat.com/errata/RHSA-2020:0179" } ] } diff --git a/2018/18xxx/CVE-2018-18559.json b/2018/18xxx/CVE-2018-18559.json index 96d54612e39..90f6f7b2867 100644 --- a/2018/18xxx/CVE-2018-18559.json +++ b/2018/18xxx/CVE-2018-18559.json @@ -91,6 +91,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:4159", "url": "https://access.redhat.com/errata/RHSA-2019:4159" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] } diff --git a/2018/20xxx/CVE-2018-20976.json b/2018/20xxx/CVE-2018-20976.json index 91d29ae32ca..dc6712850c4 100644 --- a/2018/20xxx/CVE-2018-20976.json +++ b/2018/20xxx/CVE-2018-20976.json @@ -106,6 +106,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0178", + "url": "https://access.redhat.com/errata/RHSA-2020:0178" } ] } diff --git a/2018/3xxx/CVE-2018-3693.json b/2018/3xxx/CVE-2018-3693.json index 2fa762e03f8..c38b198ea55 100644 --- a/2018/3xxx/CVE-2018-3693.json +++ b/2018/3xxx/CVE-2018-3693.json @@ -91,6 +91,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1946", "url": "https://access.redhat.com/errata/RHSA-2019:1946" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] } diff --git a/2019/10xxx/CVE-2019-10126.json b/2019/10xxx/CVE-2019-10126.json index 4ed2ce5c449..f667ccc024f 100644 --- a/2019/10xxx/CVE-2019-10126.json +++ b/2019/10xxx/CVE-2019-10126.json @@ -168,6 +168,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:3517", "url": "https://access.redhat.com/errata/RHSA-2019:3517" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] }, diff --git a/2019/10xxx/CVE-2019-10940.json b/2019/10xxx/CVE-2019-10940.json index 8e68401d2fd..a3a3fcb6e12 100644 --- a/2019/10xxx/CVE-2019-10940.json +++ b/2019/10xxx/CVE-2019-10940.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-880233.pdf", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-880233.pdf" + }, { "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-880233.pdf", diff --git a/2019/11xxx/CVE-2019-11244.json b/2019/11xxx/CVE-2019-11244.json index e242634de41..ee426f62fc2 100644 --- a/2019/11xxx/CVE-2019-11244.json +++ b/2019/11xxx/CVE-2019-11244.json @@ -134,6 +134,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0020", "url": "https://access.redhat.com/errata/RHSA-2020:0020" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0074", + "url": "https://access.redhat.com/errata/RHSA-2020:0074" } ] }, diff --git a/2019/11xxx/CVE-2019-11487.json b/2019/11xxx/CVE-2019-11487.json index f5d3fd8a9c6..68116f449ab 100644 --- a/2019/11xxx/CVE-2019-11487.json +++ b/2019/11xxx/CVE-2019-11487.json @@ -191,6 +191,11 @@ "refsource": "UBUNTU", "name": "USN-4145-1", "url": "https://usn.ubuntu.com/4145-1/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] } diff --git a/2019/11xxx/CVE-2019-11599.json b/2019/11xxx/CVE-2019-11599.json index 8adb657665a..e340f9cfe7f 100644 --- a/2019/11xxx/CVE-2019-11599.json +++ b/2019/11xxx/CVE-2019-11599.json @@ -226,6 +226,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0103", "url": "https://access.redhat.com/errata/RHSA-2020:0103" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0179", + "url": "https://access.redhat.com/errata/RHSA-2020:0179" } ] } diff --git a/2019/13xxx/CVE-2019-13933.json b/2019/13xxx/CVE-2019-13933.json index 1e759f15a41..efe0452797c 100644 --- a/2019/13xxx/CVE-2019-13933.json +++ b/2019/13xxx/CVE-2019-13933.json @@ -62,10 +62,15 @@ }, "references": { "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-443566.pdf", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-443566.pdf" + }, { "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-443566.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-443566.pdf" + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-014-03", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-014-03" } ] } diff --git a/2019/14xxx/CVE-2019-14814.json b/2019/14xxx/CVE-2019-14814.json index 6b799537ddb..463694d1504 100644 --- a/2019/14xxx/CVE-2019-14814.json +++ b/2019/14xxx/CVE-2019-14814.json @@ -143,6 +143,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] }, diff --git a/2019/14xxx/CVE-2019-14815.json b/2019/14xxx/CVE-2019-14815.json index 111b9a27016..5df82204726 100644 --- a/2019/14xxx/CVE-2019-14815.json +++ b/2019/14xxx/CVE-2019-14815.json @@ -73,6 +73,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200103-0001/", "url": "https://security.netapp.com/advisory/ntap-20200103-0001/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] }, diff --git a/2019/14xxx/CVE-2019-14816.json b/2019/14xxx/CVE-2019-14816.json index 281eca329c5..a0b9a730917 100644 --- a/2019/14xxx/CVE-2019-14816.json +++ b/2019/14xxx/CVE-2019-14816.json @@ -143,6 +143,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] }, diff --git a/2019/14xxx/CVE-2019-14818.json b/2019/14xxx/CVE-2019-14818.json index 77a1b2ec441..8771ec65447 100644 --- a/2019/14xxx/CVE-2019-14818.json +++ b/2019/14xxx/CVE-2019-14818.json @@ -77,6 +77,11 @@ "refsource": "REDHAT", "name": "RHSA-2020:0165", "url": "https://access.redhat.com/errata/RHSA-2020:0165" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0168", + "url": "https://access.redhat.com/errata/RHSA-2020:0168" } ] }, diff --git a/2019/17xxx/CVE-2019-17133.json b/2019/17xxx/CVE-2019-17133.json index 2f5c4e4d3d9..2c521d7eb16 100644 --- a/2019/17xxx/CVE-2019-17133.json +++ b/2019/17xxx/CVE-2019-17133.json @@ -111,6 +111,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update", "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] } diff --git a/2019/17xxx/CVE-2019-17584.json b/2019/17xxx/CVE-2019-17584.json new file mode 100644 index 00000000000..0b3f0bd0e6a --- /dev/null +++ b/2019/17xxx/CVE-2019-17584.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17584", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which allow attackers to get root access to the devices. All firmware versions up to v5.34o, v5.34s, v5.32* or 5.34g are affected. The private key is also used in an internal interface of another Meinberg Device and can be extracted from a firmware update of this device. An update to fix the vulnerability was published by the vendor." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-1904-syncbox-ptp-ptpv2.htm", + "url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-1904-syncbox-ptp-ptpv2.htm" + }, + { + "refsource": "MISC", + "name": "https://w1n73r.de/CVE/2019/17584/", + "url": "https://w1n73r.de/CVE/2019/17584/" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18660.json b/2019/18xxx/CVE-2019-18660.json index b3f3ef1550e..36a8b050244 100644 --- a/2019/18xxx/CVE-2019-18660.json +++ b/2019/18xxx/CVE-2019-18660.json @@ -131,6 +131,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] } diff --git a/2019/19xxx/CVE-2019-19278.json b/2019/19xxx/CVE-2019-19278.json index e2b98d7c963..940581eec62 100644 --- a/2019/19xxx/CVE-2019-19278.json +++ b/2019/19xxx/CVE-2019-19278.json @@ -62,10 +62,15 @@ }, "references": { "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-242353.pdf", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-242353.pdf" + }, { "refsource": "MISC", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-242353.pdf", - "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-242353.pdf" + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-014-04", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-014-04" } ] } diff --git a/2019/19xxx/CVE-2019-19681.json b/2019/19xxx/CVE-2019-19681.json index 58aa60b8694..74be40b5f5c 100644 --- a/2019/19xxx/CVE-2019-19681.json +++ b/2019/19xxx/CVE-2019-19681.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute commands as root/Administrator." + "value": "** DISPUTED ** Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who can modify the alert system, it is possible to define and execute commands as root/Administrator. NOTE: The product vendor states that the vulnerability as it is described is not in fact an actual vulnerability. They state that to be able to create alert commands, you need to have admin rights. They also state that the extended ACL system can disable access to specific sections of the configuration, such as defining new alert commands." } ] }, @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://medium.com/@k4m1ll0/remote-code-execution-vulnerability-in-pandorafms-7-x-8ce55d4b1d5a", "url": "https://medium.com/@k4m1ll0/remote-code-execution-vulnerability-in-pandorafms-7-x-8ce55d4b1d5a" + }, + { + "refsource": "MISC", + "name": "https://pandorafms.com/blog/pandora-fms-vulnerability/", + "url": "https://pandorafms.com/blog/pandora-fms-vulnerability/" } ] } diff --git a/2019/19xxx/CVE-2019-19740.json b/2019/19xxx/CVE-2019-19740.json index c97e5936144..a43bcc4d916 100644 --- a/2019/19xxx/CVE-2019-19740.json +++ b/2019/19xxx/CVE-2019-19740.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Octeth Oempro 4.7 allows SQL injection. The parameter CampaignID in Campaign.Get is vulnerable." + "value": "Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable." } ] }, diff --git a/2019/3xxx/CVE-2019-3846.json b/2019/3xxx/CVE-2019-3846.json index 5313f5665b3..23db1337982 100644 --- a/2019/3xxx/CVE-2019-3846.json +++ b/2019/3xxx/CVE-2019-3846.json @@ -178,6 +178,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html", "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] }, diff --git a/2019/8xxx/CVE-2019-8912.json b/2019/8xxx/CVE-2019-8912.json index b9f9ccddb63..edf65efdba5 100644 --- a/2019/8xxx/CVE-2019-8912.json +++ b/2019/8xxx/CVE-2019-8912.json @@ -86,6 +86,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1193", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0174", + "url": "https://access.redhat.com/errata/RHSA-2020:0174" } ] } diff --git a/2020/6xxx/CVE-2020-6638.json b/2020/6xxx/CVE-2020-6638.json index 42c5d2a4318..0911daf2159 100644 --- a/2020/6xxx/CVE-2020-6638.json +++ b/2020/6xxx/CVE-2020-6638.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6638", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6638", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Grin through 2.1.1 has Insufficient Validation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/mimblewimble/grin/compare/v2.1.1...v3.0.0", + "refsource": "MISC", + "name": "https://github.com/mimblewimble/grin/compare/v2.1.1...v3.0.0" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-6638.md", + "url": "https://github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-6638.md" } ] } diff --git a/2020/6xxx/CVE-2020-6857.json b/2020/6xxx/CVE-2020-6857.json index b7eaf8e53de..64eb1264f28 100644 --- a/2020/6xxx/CVE-2020-6857.json +++ b/2020/6xxx/CVE-2020-6857.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/156015/Neowise-CarbonFTP-1.4-Insecure-Proprietary-Password-Encryption.html", "url": "http://packetstormsecurity.com/files/156015/Neowise-CarbonFTP-1.4-Insecure-Proprietary-Password-Encryption.html" + }, + { + "refsource": "FULLDISC", + "name": "20200121 Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857", + "url": "http://seclists.org/fulldisclosure/2020/Jan/29" } ] }