diff --git a/2016/7xxx/CVE-2016-7043.json b/2016/7xxx/CVE-2016-7043.json index a3b94a4ab56..85781b2505f 100644 --- a/2016/7xxx/CVE-2016-7043.json +++ b/2016/7xxx/CVE-2016-7043.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2016-7043", - "ASSIGNER": "lpardo@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -79,4 +80,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3566.json b/2019/3xxx/CVE-2019-3566.json index 6db4c7d7fab..a58566639a9 100644 --- a/2019/3xxx/CVE-2019-3566.json +++ b/2019/3xxx/CVE-2019-3566.json @@ -84,4 +84,4 @@ } ] } -} +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3586.json b/2019/3xxx/CVE-2019-3586.json index 24fd594b93f..f97d3017324 100644 --- a/2019/3xxx/CVE-2019-3586.json +++ b/2019/3xxx/CVE-2019-3586.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.\n" + "value": "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection." } ] }, @@ -84,4 +84,4 @@ "source": { "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3602.json b/2019/3xxx/CVE-2019-3602.json index ac131679ff0..7a82e43379c 100644 --- a/2019/3xxx/CVE-2019-3602.json +++ b/2019/3xxx/CVE-2019-3602.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML.\n" + "value": "Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML." } ] }, @@ -84,4 +84,4 @@ "source": { "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3724.json b/2019/3xxx/CVE-2019-3724.json index 3ff39d424d4..271c1d6a2e0 100644 --- a/2019/3xxx/CVE-2019-3724.json +++ b/2019/3xxx/CVE-2019-3724.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", + "ASSIGNER": "security_alert@emc.com", "DATE_PUBLIC": "2019-05-09T05:00:00.000Z", "ID": "CVE-2019-3724", "STATE": "PUBLIC", @@ -51,7 +51,7 @@ "credit": [ { "lang": "eng", - "value": "\t\nRSA would like to thank Mantas Juškauskas for reporting CVE-2019-3724." + "value": "\t\nRSA would like to thank Mantas Ju\u0161kauskas for reporting CVE-2019-3724." } ], "data_format": "MITRE", diff --git a/2019/3xxx/CVE-2019-3725.json b/2019/3xxx/CVE-2019-3725.json index ec46321d49d..47c0c27f031 100644 --- a/2019/3xxx/CVE-2019-3725.json +++ b/2019/3xxx/CVE-2019-3725.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", + "ASSIGNER": "security_alert@emc.com", "DATE_PUBLIC": "2019-05-09T05:00:00.000Z", "ID": "CVE-2019-3725", "STATE": "PUBLIC", diff --git a/2019/3xxx/CVE-2019-3727.json b/2019/3xxx/CVE-2019-3727.json index 7714b2d8900..87c68a348ff 100644 --- a/2019/3xxx/CVE-2019-3727.json +++ b/2019/3xxx/CVE-2019-3727.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "secure@dell.com", + "ASSIGNER": "security_alert@emc.com", "DATE_PUBLIC": "2019-05-14T05:00:00.000Z", "ID": "CVE-2019-3727", "STATE": "PUBLIC", @@ -81,8 +81,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.dell.com/support/security/us/en/04/details/533842/DSA-2019-078-Dell-EMC-RecoverPoint-OS-Command-Injection-Vulnerability" + "refsource": "MISC", + "url": "https://www.dell.com/support/security/us/en/04/details/533842/DSA-2019-078-Dell-EMC-RecoverPoint-OS-Command-Injection-Vulnerability", + "name": "https://www.dell.com/support/security/us/en/04/details/533842/DSA-2019-078-Dell-EMC-RecoverPoint-OS-Command-Injection-Vulnerability" } ] }, diff --git a/2019/5xxx/CVE-2019-5526.json b/2019/5xxx/CVE-2019-5526.json index 42d600e3628..5c7afda0e46 100644 --- a/2019/5xxx/CVE-2019-5526.json +++ b/2019/5xxx/CVE-2019-5526.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5526", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5526", + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware Workstation", + "version": { + "version_data": [ + { + "version_value": "VMware Workstation (15.x before 15.1.0)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DLL hijacking vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2019-0007.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2019-0007.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed." } ] } diff --git a/2019/5xxx/CVE-2019-5597.json b/2019/5xxx/CVE-2019-5597.json index f382501be41..f7056398ea3 100644 --- a/2019/5xxx/CVE-2019-5597.json +++ b/2019/5xxx/CVE-2019-5597.json @@ -1,17 +1,66 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5597", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5597", + "ASSIGNER": "secteam@freebsd.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "FreeBSD", + "version": { + "version_data": [ + { + "version_value": "FreeBSD 11.2 before 11.2-RELEASE-p10 and 12.0 before 12.0-RELEASE-p4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Check for Unusual or Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:05.pf.asc", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:05.pf.asc" + }, + { + "refsource": "MISC", + "name": "https://www.synacktiv.com/ressources/Synacktiv_OpenBSD_PacketFilter_CVE-2019-5597_ipv6_frag.pdf", + "url": "https://www.synacktiv.com/ressources/Synacktiv_OpenBSD_PacketFilter_CVE-2019-5597_ipv6_frag.pdf" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of the first packet allowing maliciously crafted IPv6 packets to cause a crash or potentially bypass the packet filter." } ] } diff --git a/2019/5xxx/CVE-2019-5598.json b/2019/5xxx/CVE-2019-5598.json index 9808c55eb51..4ec8f16bc2a 100644 --- a/2019/5xxx/CVE-2019-5598.json +++ b/2019/5xxx/CVE-2019-5598.json @@ -1,17 +1,66 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5598", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5598", + "ASSIGNER": "secteam@freebsd.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "FreeBSD", + "version": { + "version_data": [ + { + "version_value": "FreeBSD 11.2 before 11.2-RELEASE-p10 and 12.0 before 12.0-RELEASE-p4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Check for Unusual or Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc" + }, + { + "refsource": "MISC", + "name": "https://www.synacktiv.com/posts/systems/icmp-reachable.html", + "url": "https://www.synacktiv.com/posts/systems/icmp-reachable.html" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet allowing a maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable." } ] } diff --git a/2019/6xxx/CVE-2019-6578.json b/2019/6xxx/CVE-2019-6578.json index 589c76fb0f9..e126f057ced 100644 --- a/2019/6xxx/CVE-2019-6578.json +++ b/2019/6xxx/CVE-2019-6578.json @@ -58,6 +58,11 @@ "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf" + }, + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-134-05", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-134-05" } ] }, diff --git a/2019/8xxx/CVE-2019-8936.json b/2019/8xxx/CVE-2019-8936.json index 57f8e107250..91f2868a532 100644 --- a/2019/8xxx/CVE-2019-8936.json +++ b/2019/8xxx/CVE-2019-8936.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-8936", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,78 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NTP through 4.2.8p12 has a NULL Pointer Dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "GENTOO", + "name": "GLSA-201903-15", + "url": "https://security.gentoo.org/glsa/201903-15" + }, + { + "url": "http://support.ntp.org/bin/view/Main/SecurityNotice", + "refsource": "MISC", + "name": "http://support.ntp.org/bin/view/Main/SecurityNotice" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1143", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1158", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-b0c7f0d94a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-694e3aa4e8", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-f781d5c4c6", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190503-0001/", + "url": "https://security.netapp.com/advisory/ntap-20190503-0001/" + }, + { + "refsource": "FREEBSD", + "name": "FreeBSD-SA-19:04", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc" + }, + { + "refsource": "BUGTRAQ", + "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:04.ntp", + "url": "https://seclists.org/bugtraq/2019/May/39" + }, + { + "refsource": "CONFIRM", + "name": "http://bugs.ntp.org/show_bug.cgi?id=3565", + "url": "http://bugs.ntp.org/show_bug.cgi?id=3565" } ] }