diff --git a/2018/14xxx/CVE-2018-14867.json b/2018/14xxx/CVE-2018-14867.json index 3d05222402e..e2477504cde 100644 --- a/2018/14xxx/CVE-2018-14867.json +++ b/2018/14xxx/CVE-2018-14867.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14867", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/odoo/odoo/commits/master", + "refsource": "MISC", + "name": "https://github.com/odoo/odoo/commits/master" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/odoo/odoo/issues/32503", + "url": "https://github.com/odoo/odoo/issues/32503" } ] } diff --git a/2018/14xxx/CVE-2018-14868.json b/2018/14xxx/CVE-2018-14868.json index c4d86c99813..35fc907b1df 100644 --- a/2018/14xxx/CVE-2018-14868.json +++ b/2018/14xxx/CVE-2018-14868.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14868", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/odoo/odoo/commits/master", + "refsource": "MISC", + "name": "https://github.com/odoo/odoo/commits/master" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/odoo/odoo/issues/32507", + "url": "https://github.com/odoo/odoo/issues/32507" } ] } diff --git a/2018/14xxx/CVE-2018-14885.json b/2018/14xxx/CVE-2018-14885.json index 9a9ea55a0e3..0445ba30554 100644 --- a/2018/14xxx/CVE-2018-14885.json +++ b/2018/14xxx/CVE-2018-14885.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14885", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote attacker to restore a database dump without knowing the super-admin password. An arbitrary password succeeds." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/odoo/odoo/commits/master", + "refsource": "MISC", + "name": "https://github.com/odoo/odoo/commits/master" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/odoo/odoo/issues/32512", + "url": "https://github.com/odoo/odoo/issues/32512" } ] } diff --git a/2018/14xxx/CVE-2018-14886.json b/2018/14xxx/CVE-2018-14886.json index 0c7b4e42cc0..eccd4565b24 100644 --- a/2018/14xxx/CVE-2018-14886.json +++ b/2018/14xxx/CVE-2018-14886.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14886", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read local files via a crafted module description." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/odoo/odoo/commits/master", + "refsource": "MISC", + "name": "https://github.com/odoo/odoo/commits/master" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/odoo/odoo/issues/32513", + "url": "https://github.com/odoo/odoo/issues/32513" } ] } diff --git a/2018/14xxx/CVE-2018-14887.json b/2018/14xxx/CVE-2018-14887.json index cbd601378ef..09f7964469c 100644 --- a/2018/14xxx/CVE-2018-14887.json +++ b/2018/14xxx/CVE-2018-14887.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14887", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/odoo/odoo/commits/master", + "refsource": "MISC", + "name": "https://github.com/odoo/odoo/commits/master" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/odoo/odoo/issues/32511", + "url": "https://github.com/odoo/odoo/issues/32511" } ] } diff --git a/2018/14xxx/CVE-2018-14916.json b/2018/14xxx/CVE-2018-14916.json index 64ca45e89c5..0359f0f9148 100644 --- a/2018/14xxx/CVE-2018-14916.json +++ b/2018/14xxx/CVE-2018-14916.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14916", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "FULLDISC", + "name": "20190409 Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion)", + "url": "http://seclists.org/fulldisclosure/2019/Apr/12" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html", + "url": "http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html" + }, + { + "refsource": "FULLDISC", + "name": "20190407 Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion)", + "url": "https://seclists.org/fulldisclosure/2019/Apr/12" } ] } diff --git a/2018/14xxx/CVE-2018-14918.json b/2018/14xxx/CVE-2018-14918.json index beb13320a42..ff5933570c9 100644 --- a/2018/14xxx/CVE-2018-14918.json +++ b/2018/14xxx/CVE-2018-14918.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14918", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "FULLDISC", + "name": "20190409 Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion)", + "url": "http://seclists.org/fulldisclosure/2019/Apr/12" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html", + "url": "http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html" + }, + { + "refsource": "FULLDISC", + "name": "20190407 Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion)", + "url": "https://seclists.org/fulldisclosure/2019/Apr/12" } ] } diff --git a/2018/17xxx/CVE-2018-17170.json b/2018/17xxx/CVE-2018-17170.json index 4490a67dfff..3a35338e233 100644 --- a/2018/17xxx/CVE-2018-17170.json +++ b/2018/17xxx/CVE-2018-17170.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17170", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Grouptime Teamwire Desktop Client 1.5.1 prior to 1.9.0 on Windows allows code injection via a template, leading to remote code execution. All backend versions prior to prod-2018-11-13-15-00-42 are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://research.hisolutions.com/2019/06/web-vulnerabilities-are-coming-to-the-desktop-template-injections-lead-to-rce-in-teamwire/", + "url": "https://research.hisolutions.com/2019/06/web-vulnerabilities-are-coming-to-the-desktop-template-injections-lead-to-rce-in-teamwire/" } ] } diff --git a/2018/17xxx/CVE-2018-17560.json b/2018/17xxx/CVE-2018-17560.json index 6c0c9d4ee7f..15515420ee1 100644 --- a/2018/17xxx/CVE-2018-17560.json +++ b/2018/17xxx/CVE-2018-17560.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17560", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The admin interface of the Grouptime Teamwire Client 1.5.1 prior to 1.9.0 on-premises messenger server allows stored XSS. All backend versions prior to prod-2018-11-13-15-00-42 are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://research.hisolutions.com/2019/06/web-vulnerabilities-are-coming-to-the-desktop-template-injections-lead-to-rce-in-teamwire/", + "url": "https://research.hisolutions.com/2019/06/web-vulnerabilities-are-coming-to-the-desktop-template-injections-lead-to-rce-in-teamwire/" } ] } diff --git a/2018/19xxx/CVE-2018-19210.json b/2018/19xxx/CVE-2018-19210.json index 931701c9be0..b724ec4cbde 100644 --- a/2018/19xxx/CVE-2018-19210.json +++ b/2018/19xxx/CVE-2018-19210.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1161", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00041.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-fa3e40f00a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TX5UEYHGMTNEHJB4FHE7HCJ75UQDNKGB/" } ] } diff --git a/2018/20xxx/CVE-2018-20807.json b/2018/20xxx/CVE-2018-20807.json new file mode 100644 index 00000000000..40787af9ebf --- /dev/null +++ b/2018/20xxx/CVE-2018-20807.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20807", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43730/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An XSS issue has been found in welcome.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 due to one of the URL parameters not being sanitized properly." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20808.json b/2018/20xxx/CVE-2018-20808.json new file mode 100644 index 00000000000..b189f84f77f --- /dev/null +++ b/2018/20xxx/CVE-2018-20808.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20808", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An XSS issue has been found with rd.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R3 due to improper header sanitization. This is not applicable to 8.1RX." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20809.json b/2018/20xxx/CVE-2018-20809.json new file mode 100644 index 00000000000..95a08163489 --- /dev/null +++ b/2018/20xxx/CVE-2018-20809.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20809", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A crafted message can cause the web server to crash with Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R5 and Pulse Policy Secure 5.4RX before 5.4R5. This is not applicable to PCS 8.1RX." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20810.json b/2018/20xxx/CVE-2018-20810.json new file mode 100644 index 00000000000..507d775d352 --- /dev/null +++ b/2018/20xxx/CVE-2018-20810.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20810", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session data between cluster nodes during cluster synchronization is not properly encrypted in Pulse Secure Pulse Connect Secure (PCS) 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX, PPS 5.2RX, or stand-alone devices." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20811.json b/2018/20xxx/CVE-2018-20811.json new file mode 100644 index 00000000000..78bd4c99988 --- /dev/null +++ b/2018/20xxx/CVE-2018-20811.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20811", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A hidden RPC service issue was found with Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2 and 8.1RX before 8.1R12." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20812.json b/2018/20xxx/CVE-2018-20812.json new file mode 100644 index 00000000000..24ebac2d962 --- /dev/null +++ b/2018/20xxx/CVE-2018-20812.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20812", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information exposure issue where IPv6 DNS traffic would be sent outside of the VPN tunnel (when Traffic Enforcement was enabled) exists in Pulse Secure Pulse Secure Desktop 9.0R1 and below. This is applicable only to dual-stack (IPv4/IPv6) endpoints." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20813.json b/2018/20xxx/CVE-2018-20813.json new file mode 100644 index 00000000000..2df5d068ff3 --- /dev/null +++ b/2018/20xxx/CVE-2018-20813.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20813", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An input validation issue has been found with login_meeting.cgi in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20814.json b/2018/20xxx/CVE-2018-20814.json new file mode 100644 index 00000000000..afb18db90bc --- /dev/null +++ b/2018/20xxx/CVE-2018-20814.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20814", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43877/" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An XSS issue was found with Psaldownload.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.3R2 before 8.3R2 and Pulse Policy Secure (PPS) 5.4RX before 5.4R2. This is not applicable to PCS 8.1RX or PPS 5.2RX." + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12932.json b/2019/12xxx/CVE-2019-12932.json index c14fcd713f3..4a60e6c0de1 100644 --- a/2019/12xxx/CVE-2019-12932.json +++ b/2019/12xxx/CVE-2019-12932.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12932", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12932", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly escaping the search result in the autocomplete search form placed in the header of out/out.Viewfolder.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOG", + "url": "https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOG" } ] } diff --git a/2019/5xxx/CVE-2019-5787.json b/2019/5xxx/CVE-2019-5787.json index d59856912d8..f907f464687 100644 --- a/2019/5xxx/CVE-2019-5787.json +++ b/2019/5xxx/CVE-2019-5787.json @@ -53,6 +53,11 @@ "url": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5788.json b/2019/5xxx/CVE-2019-5788.json index 94e61f4dcd0..eefbd9359f0 100644 --- a/2019/5xxx/CVE-2019-5788.json +++ b/2019/5xxx/CVE-2019-5788.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/925864", "refsource": "MISC", "name": "https://crbug.com/925864" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5789.json b/2019/5xxx/CVE-2019-5789.json index 6c69ee0a3a9..955498aa1ea 100644 --- a/2019/5xxx/CVE-2019-5789.json +++ b/2019/5xxx/CVE-2019-5789.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/921581", "refsource": "MISC", "name": "https://crbug.com/921581" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5790.json b/2019/5xxx/CVE-2019-5790.json index ca0c3a30563..b587ba03256 100644 --- a/2019/5xxx/CVE-2019-5790.json +++ b/2019/5xxx/CVE-2019-5790.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/914736", "refsource": "MISC", "name": "https://crbug.com/914736" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5791.json b/2019/5xxx/CVE-2019-5791.json index c8bf302163b..47f66e976ca 100644 --- a/2019/5xxx/CVE-2019-5791.json +++ b/2019/5xxx/CVE-2019-5791.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/926651", "refsource": "MISC", "name": "https://crbug.com/926651" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5792.json b/2019/5xxx/CVE-2019-5792.json index 1e3adb836d1..6b388dff709 100644 --- a/2019/5xxx/CVE-2019-5792.json +++ b/2019/5xxx/CVE-2019-5792.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/914983", "refsource": "MISC", "name": "https://crbug.com/914983" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5793.json b/2019/5xxx/CVE-2019-5793.json index a08107e788c..0ebf5ed4416 100644 --- a/2019/5xxx/CVE-2019-5793.json +++ b/2019/5xxx/CVE-2019-5793.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/937487", "refsource": "MISC", "name": "https://crbug.com/937487" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5794.json b/2019/5xxx/CVE-2019-5794.json index 825d2d8a080..c7644a0cce3 100644 --- a/2019/5xxx/CVE-2019-5794.json +++ b/2019/5xxx/CVE-2019-5794.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/935175", "refsource": "MISC", "name": "https://crbug.com/935175" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5795.json b/2019/5xxx/CVE-2019-5795.json index a397f4ffadb..9f2f7f1d5e0 100644 --- a/2019/5xxx/CVE-2019-5795.json +++ b/2019/5xxx/CVE-2019-5795.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/919643", "refsource": "MISC", "name": "https://crbug.com/919643" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5796.json b/2019/5xxx/CVE-2019-5796.json index 355b844208e..0c6f482e081 100644 --- a/2019/5xxx/CVE-2019-5796.json +++ b/2019/5xxx/CVE-2019-5796.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/918861", "refsource": "MISC", "name": "https://crbug.com/918861" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5798.json b/2019/5xxx/CVE-2019-5798.json index 76ee889345f..844961c68b7 100644 --- a/2019/5xxx/CVE-2019-5798.json +++ b/2019/5xxx/CVE-2019-5798.json @@ -103,6 +103,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1664", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5799.json b/2019/5xxx/CVE-2019-5799.json index 8cde1a7a5b8..85e03106fbe 100644 --- a/2019/5xxx/CVE-2019-5799.json +++ b/2019/5xxx/CVE-2019-5799.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/905301", "refsource": "MISC", "name": "https://crbug.com/905301" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5800.json b/2019/5xxx/CVE-2019-5800.json index 8f6140f36a2..498e56ca65a 100644 --- a/2019/5xxx/CVE-2019-5800.json +++ b/2019/5xxx/CVE-2019-5800.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/894228", "refsource": "MISC", "name": "https://crbug.com/894228" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5801.json b/2019/5xxx/CVE-2019-5801.json index 18202fcb485..0049127b539 100644 --- a/2019/5xxx/CVE-2019-5801.json +++ b/2019/5xxx/CVE-2019-5801.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/921390", "refsource": "MISC", "name": "https://crbug.com/921390" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5802.json b/2019/5xxx/CVE-2019-5802.json index 0dd8f1096a3..8aee767a103 100644 --- a/2019/5xxx/CVE-2019-5802.json +++ b/2019/5xxx/CVE-2019-5802.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/632514", "refsource": "MISC", "name": "https://crbug.com/632514" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5803.json b/2019/5xxx/CVE-2019-5803.json index 01fe4f54110..46f98157b36 100644 --- a/2019/5xxx/CVE-2019-5803.json +++ b/2019/5xxx/CVE-2019-5803.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/909865", "refsource": "MISC", "name": "https://crbug.com/909865" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5804.json b/2019/5xxx/CVE-2019-5804.json index ac0b5980aae..bae6756bd00 100644 --- a/2019/5xxx/CVE-2019-5804.json +++ b/2019/5xxx/CVE-2019-5804.json @@ -53,6 +53,11 @@ "url": "https://crbug.com/933004", "refsource": "MISC", "name": "https://crbug.com/933004" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5805.json b/2019/5xxx/CVE-2019-5805.json index 76e575d8951..5cd05a3dabc 100644 --- a/2019/5xxx/CVE-2019-5805.json +++ b/2019/5xxx/CVE-2019-5805.json @@ -54,6 +54,11 @@ "url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5806.json b/2019/5xxx/CVE-2019-5806.json index 5e3c3df1a73..e1491649e8c 100644 --- a/2019/5xxx/CVE-2019-5806.json +++ b/2019/5xxx/CVE-2019-5806.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/943087", "refsource": "MISC", "name": "https://crbug.com/943087" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5807.json b/2019/5xxx/CVE-2019-5807.json index e78cf93d4dd..7ac9d5979c7 100644 --- a/2019/5xxx/CVE-2019-5807.json +++ b/2019/5xxx/CVE-2019-5807.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/945644", "refsource": "MISC", "name": "https://crbug.com/945644" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5808.json b/2019/5xxx/CVE-2019-5808.json index 12cbb5cfff3..382526784bf 100644 --- a/2019/5xxx/CVE-2019-5808.json +++ b/2019/5xxx/CVE-2019-5808.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/947029", "refsource": "MISC", "name": "https://crbug.com/947029" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5809.json b/2019/5xxx/CVE-2019-5809.json index 8068c95e575..6de8f220c95 100644 --- a/2019/5xxx/CVE-2019-5809.json +++ b/2019/5xxx/CVE-2019-5809.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/941008", "refsource": "MISC", "name": "https://crbug.com/941008" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5810.json b/2019/5xxx/CVE-2019-5810.json index 91aee4ce2e9..2bd59c283a0 100644 --- a/2019/5xxx/CVE-2019-5810.json +++ b/2019/5xxx/CVE-2019-5810.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/916838", "refsource": "MISC", "name": "https://crbug.com/916838" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5811.json b/2019/5xxx/CVE-2019-5811.json index 208498944aa..939c201f56a 100644 --- a/2019/5xxx/CVE-2019-5811.json +++ b/2019/5xxx/CVE-2019-5811.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/771815", "refsource": "MISC", "name": "https://crbug.com/771815" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5812.json b/2019/5xxx/CVE-2019-5812.json index ebec77c1323..23ffe3ade29 100644 --- a/2019/5xxx/CVE-2019-5812.json +++ b/2019/5xxx/CVE-2019-5812.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/925598", "refsource": "MISC", "name": "https://crbug.com/925598" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5813.json b/2019/5xxx/CVE-2019-5813.json index e513e5b4913..d9b910c9d16 100644 --- a/2019/5xxx/CVE-2019-5813.json +++ b/2019/5xxx/CVE-2019-5813.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/942699", "refsource": "MISC", "name": "https://crbug.com/942699" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5814.json b/2019/5xxx/CVE-2019-5814.json index b2dc31693d6..1a62f9e5a7d 100644 --- a/2019/5xxx/CVE-2019-5814.json +++ b/2019/5xxx/CVE-2019-5814.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/930057", "refsource": "MISC", "name": "https://crbug.com/930057" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5816.json b/2019/5xxx/CVE-2019-5816.json index d8b194295c2..10e041d55f1 100644 --- a/2019/5xxx/CVE-2019-5816.json +++ b/2019/5xxx/CVE-2019-5816.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/940245", "refsource": "MISC", "name": "https://crbug.com/940245" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5817.json b/2019/5xxx/CVE-2019-5817.json index 57a9cbffbd4..8a1dcc37ace 100644 --- a/2019/5xxx/CVE-2019-5817.json +++ b/2019/5xxx/CVE-2019-5817.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/943709", "refsource": "MISC", "name": "https://crbug.com/943709" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5818.json b/2019/5xxx/CVE-2019-5818.json index 35c80100340..bff27120db5 100644 --- a/2019/5xxx/CVE-2019-5818.json +++ b/2019/5xxx/CVE-2019-5818.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/929962", "refsource": "MISC", "name": "https://crbug.com/929962" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5819.json b/2019/5xxx/CVE-2019-5819.json index fd1fb2dc708..571339bd9c9 100644 --- a/2019/5xxx/CVE-2019-5819.json +++ b/2019/5xxx/CVE-2019-5819.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/919356", "refsource": "MISC", "name": "https://crbug.com/919356" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5820.json b/2019/5xxx/CVE-2019-5820.json index 97bcd21d744..cb7d05e318a 100644 --- a/2019/5xxx/CVE-2019-5820.json +++ b/2019/5xxx/CVE-2019-5820.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/919635", "refsource": "MISC", "name": "https://crbug.com/919635" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5821.json b/2019/5xxx/CVE-2019-5821.json index 620f4a6cd93..128b263b72b 100644 --- a/2019/5xxx/CVE-2019-5821.json +++ b/2019/5xxx/CVE-2019-5821.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/919640", "refsource": "MISC", "name": "https://crbug.com/919640" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5822.json b/2019/5xxx/CVE-2019-5822.json index fb6d0978349..519274d82e9 100644 --- a/2019/5xxx/CVE-2019-5822.json +++ b/2019/5xxx/CVE-2019-5822.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/926105", "refsource": "MISC", "name": "https://crbug.com/926105" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5823.json b/2019/5xxx/CVE-2019-5823.json index 0334679288d..223b98d1204 100644 --- a/2019/5xxx/CVE-2019-5823.json +++ b/2019/5xxx/CVE-2019-5823.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/930154", "refsource": "MISC", "name": "https://crbug.com/930154" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5824.json b/2019/5xxx/CVE-2019-5824.json index b70da69884e..3db69d4a9bf 100644 --- a/2019/5xxx/CVE-2019-5824.json +++ b/2019/5xxx/CVE-2019-5824.json @@ -54,6 +54,11 @@ "url": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5827.json b/2019/5xxx/CVE-2019-5827.json index 0fdddc6d6a9..0241e13c791 100644 --- a/2019/5xxx/CVE-2019-5827.json +++ b/2019/5xxx/CVE-2019-5827.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/952406", "refsource": "MISC", "name": "https://crbug.com/952406" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5828.json b/2019/5xxx/CVE-2019-5828.json index fcfd1b08e3a..49750c1a8e4 100644 --- a/2019/5xxx/CVE-2019-5828.json +++ b/2019/5xxx/CVE-2019-5828.json @@ -54,6 +54,11 @@ "url": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", "refsource": "MISC", "name": "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5829.json b/2019/5xxx/CVE-2019-5829.json index 0d2adb1255d..73762c998a7 100644 --- a/2019/5xxx/CVE-2019-5829.json +++ b/2019/5xxx/CVE-2019-5829.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/958533", "refsource": "MISC", "name": "https://crbug.com/958533" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5830.json b/2019/5xxx/CVE-2019-5830.json index d2713ca104a..bd0acd1cfbf 100644 --- a/2019/5xxx/CVE-2019-5830.json +++ b/2019/5xxx/CVE-2019-5830.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/665766", "refsource": "MISC", "name": "https://crbug.com/665766" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5831.json b/2019/5xxx/CVE-2019-5831.json index 5907ef67373..101b948daeb 100644 --- a/2019/5xxx/CVE-2019-5831.json +++ b/2019/5xxx/CVE-2019-5831.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/950328", "refsource": "MISC", "name": "https://crbug.com/950328" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5832.json b/2019/5xxx/CVE-2019-5832.json index c2c0634484d..e8ec4904dd5 100644 --- a/2019/5xxx/CVE-2019-5832.json +++ b/2019/5xxx/CVE-2019-5832.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/959390", "refsource": "MISC", "name": "https://crbug.com/959390" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5833.json b/2019/5xxx/CVE-2019-5833.json index e3c7db0d768..df828e87c48 100644 --- a/2019/5xxx/CVE-2019-5833.json +++ b/2019/5xxx/CVE-2019-5833.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/945067", "refsource": "MISC", "name": "https://crbug.com/945067" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5834.json b/2019/5xxx/CVE-2019-5834.json index 329a1fe641b..33869cdc6ee 100644 --- a/2019/5xxx/CVE-2019-5834.json +++ b/2019/5xxx/CVE-2019-5834.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/962368", "refsource": "MISC", "name": "https://crbug.com/962368" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5835.json b/2019/5xxx/CVE-2019-5835.json index 3539f770a67..0cb502fcb71 100644 --- a/2019/5xxx/CVE-2019-5835.json +++ b/2019/5xxx/CVE-2019-5835.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/939239", "refsource": "MISC", "name": "https://crbug.com/939239" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5836.json b/2019/5xxx/CVE-2019-5836.json index 5337cdd4485..04ed8fe91a1 100644 --- a/2019/5xxx/CVE-2019-5836.json +++ b/2019/5xxx/CVE-2019-5836.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/947342", "refsource": "MISC", "name": "https://crbug.com/947342" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5837.json b/2019/5xxx/CVE-2019-5837.json index 35e0d6ff1a1..2256cba0225 100644 --- a/2019/5xxx/CVE-2019-5837.json +++ b/2019/5xxx/CVE-2019-5837.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/918293", "refsource": "MISC", "name": "https://crbug.com/918293" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5838.json b/2019/5xxx/CVE-2019-5838.json index c79d74dff06..acdc75905de 100644 --- a/2019/5xxx/CVE-2019-5838.json +++ b/2019/5xxx/CVE-2019-5838.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/893087", "refsource": "MISC", "name": "https://crbug.com/893087" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5839.json b/2019/5xxx/CVE-2019-5839.json index c9210f4dd0c..89946d63821 100644 --- a/2019/5xxx/CVE-2019-5839.json +++ b/2019/5xxx/CVE-2019-5839.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/925614", "refsource": "MISC", "name": "https://crbug.com/925614" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/5xxx/CVE-2019-5840.json b/2019/5xxx/CVE-2019-5840.json index 72f79fc1899..ba620482a1d 100644 --- a/2019/5xxx/CVE-2019-5840.json +++ b/2019/5xxx/CVE-2019-5840.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/951782", "refsource": "MISC", "name": "https://crbug.com/951782" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1666", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html" } ] }, diff --git a/2019/9xxx/CVE-2019-9843.json b/2019/9xxx/CVE-2019-9843.json new file mode 100644 index 00000000000..bb6423473b6 --- /dev/null +++ b/2019/9xxx/CVE-2019-9843.json @@ -0,0 +1,77 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9843", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/diffplug/spotless/blob/master/plugin-maven/CHANGES.md#version-1200---march-14th-2018-javadoc-jcenter", + "url": "https://github.com/diffplug/spotless/blob/master/plugin-maven/CHANGES.md#version-1200---march-14th-2018-javadoc-jcenter" + }, + { + "refsource": "MISC", + "name": "https://github.com/diffplug/spotless/issues/358", + "url": "https://github.com/diffplug/spotless/issues/358" + }, + { + "refsource": "MISC", + "name": "https://github.com/diffplug/spotless/blob/master/plugin-gradle/CHANGES.md#version-3200---march-11th-2018-javadoc-jcenter", + "url": "https://github.com/diffplug/spotless/blob/master/plugin-gradle/CHANGES.md#version-3200---march-11th-2018-javadoc-jcenter" + }, + { + "refsource": "MISC", + "name": "https://github.com/diffplug/spotless/pull/369", + "url": "https://github.com/diffplug/spotless/pull/369" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and before 3.20.0 (Gradle plugin), the XML parser would resolve external entities over both HTTP and HTTPS and didn't respect the resolveExternalEntities setting. For example, this allows disclosure of file contents to a MITM attacker if a victim performs a spotlessApply operation on an untrusted XML file." + } + ] + } +} \ No newline at end of file