diff --git a/2016/0xxx/CVE-2016-0801.json b/2016/0xxx/CVE-2016-0801.json index 217570eaa55..6a6e1b3ee93 100644 --- a/2016/0xxx/CVE-2016-0801.json +++ b/2016/0xxx/CVE-2016-0801.json @@ -57,6 +57,11 @@ "refsource" : "EXPLOIT-DB", "url" : "https://www.exploit-db.com/exploits/39801/" }, + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "http://source.android.com/security/bulletin/2016-02-01.html", "refsource" : "CONFIRM", diff --git a/2016/5xxx/CVE-2016-5419.json b/2016/5xxx/CVE-2016-5419.json index 93b89730726..c86229380c4 100644 --- a/2016/5xxx/CVE-2016-5419.json +++ b/2016/5xxx/CVE-2016-5419.json @@ -102,6 +102,11 @@ "refsource" : "REDHAT", "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "SSA:2016-219-01", "refsource" : "SLACKWARE", diff --git a/2016/5xxx/CVE-2016-5420.json b/2016/5xxx/CVE-2016-5420.json index 52c476a49ff..d3c1b843841 100644 --- a/2016/5xxx/CVE-2016-5420.json +++ b/2016/5xxx/CVE-2016-5420.json @@ -102,6 +102,11 @@ "refsource" : "REDHAT", "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "SSA:2016-219-01", "refsource" : "SLACKWARE", diff --git a/2016/5xxx/CVE-2016-5421.json b/2016/5xxx/CVE-2016-5421.json index 678df30add1..e19e19f16b8 100644 --- a/2016/5xxx/CVE-2016-5421.json +++ b/2016/5xxx/CVE-2016-5421.json @@ -92,6 +92,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201701-47" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "SSA:2016-219-01", "refsource" : "SLACKWARE", diff --git a/2016/7xxx/CVE-2016-7141.json b/2016/7xxx/CVE-2016-7141.json index 5cfc407419a..4611ed1fa6a 100644 --- a/2016/7xxx/CVE-2016-7141.json +++ b/2016/7xxx/CVE-2016-7141.json @@ -92,6 +92,11 @@ "refsource" : "REDHAT", "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "openSUSE-SU-2016:2379", "refsource" : "SUSE", diff --git a/2016/7xxx/CVE-2016-7167.json b/2016/7xxx/CVE-2016-7167.json index de32e4d9d4e..15a6f6c61e6 100644 --- a/2016/7xxx/CVE-2016-7167.json +++ b/2016/7xxx/CVE-2016-7167.json @@ -97,6 +97,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "SSA:2016-259-01", "refsource" : "SLACKWARE", diff --git a/2016/8xxx/CVE-2016-8615.json b/2016/8xxx/CVE-2016-8615.json index 41d586e34eb..4d9110cb680 100644 --- a/2016/8xxx/CVE-2016-8615.json +++ b/2016/8xxx/CVE-2016-8615.json @@ -103,6 +103,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94096", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8616.json b/2016/8xxx/CVE-2016-8616.json index 44050344d3c..ec9cb0cfcd4 100644 --- a/2016/8xxx/CVE-2016-8616.json +++ b/2016/8xxx/CVE-2016-8616.json @@ -103,6 +103,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94094", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8617.json b/2016/8xxx/CVE-2016-8617.json index b2d5e4d6bcc..2f954a00161 100644 --- a/2016/8xxx/CVE-2016-8617.json +++ b/2016/8xxx/CVE-2016-8617.json @@ -103,6 +103,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94097", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8618.json b/2016/8xxx/CVE-2016-8618.json index 2e0fb1840d0..1a9bd1e5c0a 100644 --- a/2016/8xxx/CVE-2016-8618.json +++ b/2016/8xxx/CVE-2016-8618.json @@ -98,6 +98,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94098", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8619.json b/2016/8xxx/CVE-2016-8619.json index e131821382e..3bf270ef996 100644 --- a/2016/8xxx/CVE-2016-8619.json +++ b/2016/8xxx/CVE-2016-8619.json @@ -103,6 +103,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94100", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8620.json b/2016/8xxx/CVE-2016-8620.json index 49b40e4c81f..640eb73a2c1 100644 --- a/2016/8xxx/CVE-2016-8620.json +++ b/2016/8xxx/CVE-2016-8620.json @@ -93,6 +93,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201701-47" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94102", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8621.json b/2016/8xxx/CVE-2016-8621.json index c807e63f74a..4f70a1b90a8 100644 --- a/2016/8xxx/CVE-2016-8621.json +++ b/2016/8xxx/CVE-2016-8621.json @@ -103,6 +103,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94101", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8622.json b/2016/8xxx/CVE-2016-8622.json index ac934c2d0e0..4810c956c2d 100644 --- a/2016/8xxx/CVE-2016-8622.json +++ b/2016/8xxx/CVE-2016-8622.json @@ -106,6 +106,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94105", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8623.json b/2016/8xxx/CVE-2016-8623.json index 23dd31e2f23..af23231e237 100644 --- a/2016/8xxx/CVE-2016-8623.json +++ b/2016/8xxx/CVE-2016-8623.json @@ -103,6 +103,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94106", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8624.json b/2016/8xxx/CVE-2016-8624.json index b2ee3172e52..9f1d634b1bd 100644 --- a/2016/8xxx/CVE-2016-8624.json +++ b/2016/8xxx/CVE-2016-8624.json @@ -98,6 +98,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94103", "refsource" : "BID", diff --git a/2016/8xxx/CVE-2016-8625.json b/2016/8xxx/CVE-2016-8625.json index 7746ce4b68d..80f6de8b25e 100644 --- a/2016/8xxx/CVE-2016-8625.json +++ b/2016/8xxx/CVE-2016-8625.json @@ -98,6 +98,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "94107", "refsource" : "BID", diff --git a/2016/9xxx/CVE-2016-9586.json b/2016/9xxx/CVE-2016-9586.json index e9f56680707..42a3a1fbe67 100644 --- a/2016/9xxx/CVE-2016-9586.json +++ b/2016/9xxx/CVE-2016-9586.json @@ -98,6 +98,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201701-47" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "95019", "refsource" : "BID", diff --git a/2017/0xxx/CVE-2017-0561.json b/2017/0xxx/CVE-2017-0561.json index 8b5d01dc2ad..f3f91f2cdca 100644 --- a/2017/0xxx/CVE-2017-0561.json +++ b/2017/0xxx/CVE-2017-0561.json @@ -65,6 +65,11 @@ "refsource" : "EXPLOIT-DB", "url" : "https://www.exploit-db.com/exploits/41806/" }, + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://source.android.com/security/bulletin/2017-04-01", "refsource" : "CONFIRM", diff --git a/2017/1000xxx/CVE-2017-1000100.json b/2017/1000xxx/CVE-2017-1000100.json index 548dd985ec5..2930202b324 100644 --- a/2017/1000xxx/CVE-2017-1000100.json +++ b/2017/1000xxx/CVE-2017-1000100.json @@ -74,6 +74,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201709-14" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "100286", "refsource" : "BID", diff --git a/2017/1000xxx/CVE-2017-1000101.json b/2017/1000xxx/CVE-2017-1000101.json index eb3b0ebce1f..263275106e7 100644 --- a/2017/1000xxx/CVE-2017-1000101.json +++ b/2017/1000xxx/CVE-2017-1000101.json @@ -74,6 +74,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201709-14" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "100249", "refsource" : "BID", diff --git a/2017/1000xxx/CVE-2017-1000254.json b/2017/1000xxx/CVE-2017-1000254.json index 7d24c63d788..da0c948ecec 100644 --- a/2017/1000xxx/CVE-2017-1000254.json +++ b/2017/1000xxx/CVE-2017-1000254.json @@ -87,6 +87,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "101115", "refsource" : "BID", diff --git a/2017/1000xxx/CVE-2017-1000257.json b/2017/1000xxx/CVE-2017-1000257.json index bf842c9fbc8..0f37285bccb 100644 --- a/2017/1000xxx/CVE-2017-1000257.json +++ b/2017/1000xxx/CVE-2017-1000257.json @@ -79,6 +79,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:2486" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "101519", "refsource" : "BID", diff --git a/2017/13xxx/CVE-2017-13077.json b/2017/13xxx/CVE-2017-13077.json index 8633f0c6911..8a24a111d95 100644 --- a/2017/13xxx/CVE-2017-13077.json +++ b/2017/13xxx/CVE-2017-13077.json @@ -55,6 +55,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://www.krackattacks.com/", "refsource" : "MISC", diff --git a/2017/13xxx/CVE-2017-13078.json b/2017/13xxx/CVE-2017-13078.json index 40d0dadbc7c..d4d86176808 100644 --- a/2017/13xxx/CVE-2017-13078.json +++ b/2017/13xxx/CVE-2017-13078.json @@ -55,6 +55,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://www.krackattacks.com/", "refsource" : "MISC", diff --git a/2017/13xxx/CVE-2017-13079.json b/2017/13xxx/CVE-2017-13079.json index 3ff19b4fb56..c73c9fed86c 100644 --- a/2017/13xxx/CVE-2017-13079.json +++ b/2017/13xxx/CVE-2017-13079.json @@ -55,6 +55,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://www.krackattacks.com/", "refsource" : "MISC", diff --git a/2017/13xxx/CVE-2017-13080.json b/2017/13xxx/CVE-2017-13080.json index 7234f891b5e..77687e3a941 100644 --- a/2017/13xxx/CVE-2017-13080.json +++ b/2017/13xxx/CVE-2017-13080.json @@ -60,6 +60,11 @@ "refsource" : "MLIST", "url" : "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html" }, + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://www.krackattacks.com/", "refsource" : "MISC", diff --git a/2017/13xxx/CVE-2017-13081.json b/2017/13xxx/CVE-2017-13081.json index 988af746b7f..2d8899f794f 100644 --- a/2017/13xxx/CVE-2017-13081.json +++ b/2017/13xxx/CVE-2017-13081.json @@ -55,6 +55,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://www.krackattacks.com/", "refsource" : "MISC", diff --git a/2017/15xxx/CVE-2017-15710.json b/2017/15xxx/CVE-2017-15710.json index 8be0fac43cb..4a8418861da 100644 --- a/2017/15xxx/CVE-2017-15710.json +++ b/2017/15xxx/CVE-2017-15710.json @@ -84,6 +84,11 @@ "refsource" : "DEBIAN", "url" : "https://www.debian.org/security/2018/dsa-4164" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3627-1", "refsource" : "UBUNTU", diff --git a/2017/15xxx/CVE-2017-15715.json b/2017/15xxx/CVE-2017-15715.json index 65f4985c469..cb3e76a45d1 100644 --- a/2017/15xxx/CVE-2017-15715.json +++ b/2017/15xxx/CVE-2017-15715.json @@ -73,6 +73,11 @@ "refsource" : "DEBIAN", "url" : "https://www.debian.org/security/2018/dsa-4164" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3627-1", "refsource" : "UBUNTU", diff --git a/2017/16xxx/CVE-2017-16541.json b/2017/16xxx/CVE-2017-16541.json index f93bbc52dee..24040b30333 100644 --- a/2017/16xxx/CVE-2017-16541.json +++ b/2017/16xxx/CVE-2017-16541.json @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://blog.torproject.org/tor-browser-709-released", "refsource" : "MISC", diff --git a/2017/7xxx/CVE-2017-7407.json b/2017/7xxx/CVE-2017-7407.json index 64d89ea1cef..a8a9584d426 100644 --- a/2017/7xxx/CVE-2017-7407.json +++ b/2017/7xxx/CVE-2017-7407.json @@ -66,6 +66,11 @@ "name" : "GLSA-201709-14", "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201709-14" + }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" } ] } diff --git a/2017/8xxx/CVE-2017-8816.json b/2017/8xxx/CVE-2017-8816.json index 75fade26c52..6f49a56b1b1 100644 --- a/2017/8xxx/CVE-2017-8816.json +++ b/2017/8xxx/CVE-2017-8816.json @@ -72,6 +72,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201712-04" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "101998", "refsource" : "BID", diff --git a/2017/8xxx/CVE-2017-8817.json b/2017/8xxx/CVE-2017-8817.json index 25a6621c6d3..b558185ebf9 100644 --- a/2017/8xxx/CVE-2017-8817.json +++ b/2017/8xxx/CVE-2017-8817.json @@ -77,6 +77,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201712-04" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "102057", "refsource" : "BID", diff --git a/2017/9xxx/CVE-2017-9417.json b/2017/9xxx/CVE-2017-9417.json index ec4551b02ea..1e8169fe781 100644 --- a/2017/9xxx/CVE-2017-9417.json +++ b/2017/9xxx/CVE-2017-9417.json @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html" + }, { "name" : "https://www.blackhat.com/us-17/briefings.html#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets", "refsource" : "MISC", diff --git a/2018/0xxx/CVE-2018-0284.json b/2018/0xxx/CVE-2018-0284.json index a2c8ccf2f39..8b4cbdbdd9a 100644 --- a/2018/0xxx/CVE-2018-0284.json +++ b/2018/0xxx/CVE-2018-0284.json @@ -111,6 +111,11 @@ "name" : "20181107 Cisco Meraki Local Status Page Privilege Escalation Vulnerability", "refsource" : "CISCO", "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki" + }, + { + "name" : "105878", + "refsource" : "BID", + "url" : "http://www.securityfocus.com/bid/105878" } ] }, diff --git a/2018/1000xxx/CVE-2018-1000007.json b/2018/1000xxx/CVE-2018-1000007.json index a2a1df77c25..6b52bedbaba 100644 --- a/2018/1000xxx/CVE-2018-1000007.json +++ b/2018/1000xxx/CVE-2018-1000007.json @@ -74,6 +74,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:3157" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3554-2", "refsource" : "UBUNTU", diff --git a/2018/1000xxx/CVE-2018-1000120.json b/2018/1000xxx/CVE-2018-1000120.json index bafacb63a5d..8c980da92b3 100644 --- a/2018/1000xxx/CVE-2018-1000120.json +++ b/2018/1000xxx/CVE-2018-1000120.json @@ -84,6 +84,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:3157" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3598-1", "refsource" : "UBUNTU", diff --git a/2018/1000xxx/CVE-2018-1000121.json b/2018/1000xxx/CVE-2018-1000121.json index c2ea619c6ae..213765d6c43 100644 --- a/2018/1000xxx/CVE-2018-1000121.json +++ b/2018/1000xxx/CVE-2018-1000121.json @@ -84,6 +84,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:3157" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3598-1", "refsource" : "UBUNTU", diff --git a/2018/1000xxx/CVE-2018-1000122.json b/2018/1000xxx/CVE-2018-1000122.json index 0d761685bb1..391d09bca40 100644 --- a/2018/1000xxx/CVE-2018-1000122.json +++ b/2018/1000xxx/CVE-2018-1000122.json @@ -84,6 +84,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:3157" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3598-1", "refsource" : "UBUNTU", diff --git a/2018/1000xxx/CVE-2018-1000301.json b/2018/1000xxx/CVE-2018-1000301.json index 73795366843..1597e3852c6 100644 --- a/2018/1000xxx/CVE-2018-1000301.json +++ b/2018/1000xxx/CVE-2018-1000301.json @@ -90,6 +90,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:3157" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3598-2", "refsource" : "UBUNTU", diff --git a/2018/11xxx/CVE-2018-11693.json b/2018/11xxx/CVE-2018-11693.json index 3c0fe3d086c..d154b50ee94 100644 --- a/2018/11xxx/CVE-2018-11693.json +++ b/2018/11xxx/CVE-2018-11693.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service." + "value" : "An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service." } ] }, diff --git a/2018/11xxx/CVE-2018-11694.json b/2018/11xxx/CVE-2018-11694.json index 5eb710a7455..42fedb6c46b 100644 --- a/2018/11xxx/CVE-2018-11694.json +++ b/2018/11xxx/CVE-2018-11694.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "An issue was discovered in LibSaas through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact." + "value" : "An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact." } ] }, diff --git a/2018/11xxx/CVE-2018-11695.json b/2018/11xxx/CVE-2018-11695.json index 2b604f26882..8f896bc9f9a 100644 --- a/2018/11xxx/CVE-2018-11695.json +++ b/2018/11xxx/CVE-2018-11695.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "An issue was discovered in LibSaas through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact." + "value" : "An issue was discovered in LibSass through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact." } ] }, diff --git a/2018/11xxx/CVE-2018-11696.json b/2018/11xxx/CVE-2018-11696.json index f4ea440d214..b3de3e5c216 100644 --- a/2018/11xxx/CVE-2018-11696.json +++ b/2018/11xxx/CVE-2018-11696.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "An issue was discovered in LibSaas through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact." + "value" : "An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact." } ] }, diff --git a/2018/11xxx/CVE-2018-11698.json b/2018/11xxx/CVE-2018-11698.json index a9ce215cca7..0c2b0b08289 100644 --- a/2018/11xxx/CVE-2018-11698.json +++ b/2018/11xxx/CVE-2018-11698.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service." + "value" : "An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service." } ] }, diff --git a/2018/11xxx/CVE-2018-11763.json b/2018/11xxx/CVE-2018-11763.json index 86eade125ee..4df9b974847 100644 --- a/2018/11xxx/CVE-2018-11763.json +++ b/2018/11xxx/CVE-2018-11763.json @@ -58,6 +58,11 @@ "refsource" : "CONFIRM", "url" : "https://httpd.apache.org/security/vulnerabilities_24.html" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3783-1", "refsource" : "UBUNTU", diff --git a/2018/11xxx/CVE-2018-11777.json b/2018/11xxx/CVE-2018-11777.json index 578341d6412..5279738a001 100644 --- a/2018/11xxx/CVE-2018-11777.json +++ b/2018/11xxx/CVE-2018-11777.json @@ -56,6 +56,11 @@ "name" : "https://lists.apache.org/thread.html/963c8e2516405c9b532b4add16c03b2c5db621e0c83e80f45049cbbb@%3Cdev.hive.apache.org%3E", "refsource" : "MISC", "url" : "https://lists.apache.org/thread.html/963c8e2516405c9b532b4add16c03b2c5db621e0c83e80f45049cbbb@%3Cdev.hive.apache.org%3E" + }, + { + "name" : "105886", + "refsource" : "BID", + "url" : "http://www.securityfocus.com/bid/105886" } ] } diff --git a/2018/12xxx/CVE-2018-12361.json b/2018/12xxx/CVE-2018-12361.json index 5b9847c1677..e5043b02926 100644 --- a/2018/12xxx/CVE-2018-12361.json +++ b/2018/12xxx/CVE-2018-12361.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1463244", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12367.json b/2018/12xxx/CVE-2018-12367.json index fd2c9e8a9ec..bab6c885610 100644 --- a/2018/12xxx/CVE-2018-12367.json +++ b/2018/12xxx/CVE-2018-12367.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1462891", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12376.json b/2018/12xxx/CVE-2018-12376.json index 1a6f78c98dc..f48891d4973 100644 --- a/2018/12xxx/CVE-2018-12376.json +++ b/2018/12xxx/CVE-2018-12376.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1469309%2C1469914%2C1450989%2C1480092%2C1480517%2C1481093%2C1478575%2C1471953%2C1473161%2C1466991%2C1468738%2C1483120%2C1467363%2C1472925%2C1466577%2C1467889%2C1480521%2C1478849", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12377.json b/2018/12xxx/CVE-2018-12377.json index 9f6e1ad7c82..04032b66792 100644 --- a/2018/12xxx/CVE-2018-12377.json +++ b/2018/12xxx/CVE-2018-12377.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1470260", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12378.json b/2018/12xxx/CVE-2018-12378.json index 7a1e5c634a4..e7df8e8d1ff 100644 --- a/2018/12xxx/CVE-2018-12378.json +++ b/2018/12xxx/CVE-2018-12378.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1459383", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12379.json b/2018/12xxx/CVE-2018-12379.json index 6a8ecce4468..810bda91750 100644 --- a/2018/12xxx/CVE-2018-12379.json +++ b/2018/12xxx/CVE-2018-12379.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1473113", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12383.json b/2018/12xxx/CVE-2018-12383.json index cee4664d9b0..fe7c1a6de0a 100644 --- a/2018/12xxx/CVE-2018-12383.json +++ b/2018/12xxx/CVE-2018-12383.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1475775", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12385.json b/2018/12xxx/CVE-2018-12385.json index a5bd0a2efd6..000581cb99c 100644 --- a/2018/12xxx/CVE-2018-12385.json +++ b/2018/12xxx/CVE-2018-12385.json @@ -75,6 +75,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1575-1] thunderbird security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" + }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1490585", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12891.json b/2018/12xxx/CVE-2018-12891.json index c067656205d..d43107a19cc 100644 --- a/2018/12xxx/CVE-2018-12891.json +++ b/2018/12xxx/CVE-2018-12891.json @@ -57,6 +57,11 @@ "refsource" : "MLIST", "url" : "http://www.openwall.com/lists/oss-security/2018/06/27/10" }, + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html" + }, { "name" : "http://xenbits.xen.org/xsa/advisory-264.html", "refsource" : "CONFIRM", diff --git a/2018/12xxx/CVE-2018-12893.json b/2018/12xxx/CVE-2018-12893.json index 1583a1ff73c..d7c1b526334 100644 --- a/2018/12xxx/CVE-2018-12893.json +++ b/2018/12xxx/CVE-2018-12893.json @@ -57,6 +57,11 @@ "refsource" : "MLIST", "url" : "http://www.openwall.com/lists/oss-security/2018/06/27/11" }, + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html" + }, { "name" : "http://xenbits.xen.org/xsa/advisory-265.html", "refsource" : "CONFIRM", diff --git a/2018/14xxx/CVE-2018-14618.json b/2018/14xxx/CVE-2018-14618.json index 51631375d9b..edfed1adc94 100644 --- a/2018/14xxx/CVE-2018-14618.json +++ b/2018/14xxx/CVE-2018-14618.json @@ -90,6 +90,11 @@ "refsource" : "DEBIAN", "url" : "https://www.debian.org/security/2018/dsa-4286" }, + { + "name" : "RHSA-2018:3558", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3558" + }, { "name" : "USN-3765-1", "refsource" : "UBUNTU", diff --git a/2018/15xxx/CVE-2018-15452.json b/2018/15xxx/CVE-2018-15452.json index 691aeaf6cf7..76b68632876 100644 --- a/2018/15xxx/CVE-2018-15452.json +++ b/2018/15xxx/CVE-2018-15452.json @@ -1,18 +1,86 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15452", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2018-10-29T16:00:00-0500", + "ID": "CVE-2018-15452", + "STATE": "PUBLIC", + "TITLE": "Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco AMP for Endpoints ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the attacker would need to have administrative credentials on the Windows system.\nThe vulnerability is due to the improper validation of resources loaded by a system process at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. A successful exploit could allow the attacker to disable the targeted system's scanning services and ultimately prevent the system from being protected from further intrusion.\nThere are no workarounds that address this vulnerability.\nThis advisory is available at the following link:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181029-amp-dll" + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\n" + } + ], + "impact": { + "cvss": { + "baseScore": "6.7", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\n", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-427" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20181029 Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181029-amp-dll" + } + ] + }, + "source": { + "advisory": "cisco-sa-20181029-amp-dll", + "defect": [ + [ + "CSCvm93525" + ] + ], + "discovery": "INTERNAL" + } } diff --git a/2018/15xxx/CVE-2018-15469.json b/2018/15xxx/CVE-2018-15469.json index 2a5e8c7b303..c8cbbc2d8ba 100644 --- a/2018/15xxx/CVE-2018-15469.json +++ b/2018/15xxx/CVE-2018-15469.json @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html" + }, { "name" : "http://xenbits.xen.org/xsa/advisory-268.html", "refsource" : "MISC", diff --git a/2018/15xxx/CVE-2018-15470.json b/2018/15xxx/CVE-2018-15470.json index 555b3e5da8c..411a0256c16 100644 --- a/2018/15xxx/CVE-2018-15470.json +++ b/2018/15xxx/CVE-2018-15470.json @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html" + }, { "name" : "http://xenbits.xen.org/xsa/advisory-272.html", "refsource" : "MISC", diff --git a/2018/15xxx/CVE-2018-15686.json b/2018/15xxx/CVE-2018-15686.json index 4e5da3f51a5..bbf315342c8 100644 --- a/2018/15xxx/CVE-2018-15686.json +++ b/2018/15xxx/CVE-2018-15686.json @@ -92,6 +92,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201810-10" }, + { + "name" : "USN-3816-1", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3816-1/" + }, { "name" : "105747", "refsource" : "BID", diff --git a/2018/15xxx/CVE-2018-15687.json b/2018/15xxx/CVE-2018-15687.json index 7885fea3b81..7d29787e226 100644 --- a/2018/15xxx/CVE-2018-15687.json +++ b/2018/15xxx/CVE-2018-15687.json @@ -92,6 +92,11 @@ "refsource" : "GENTOO", "url" : "https://security.gentoo.org/glsa/201810-10" }, + { + "name" : "USN-3816-1", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3816-1/" + }, { "name" : "105748", "refsource" : "BID", diff --git a/2018/15xxx/CVE-2018-15771.json b/2018/15xxx/CVE-2018-15771.json index d72a423ff93..d1fc4fa3b0b 100644 --- a/2018/15xxx/CVE-2018-15771.json +++ b/2018/15xxx/CVE-2018-15771.json @@ -1,18 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15771", - "STATE" : "RESERVED" + "CVE_data_meta": { + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2018-11-09T05:00:00.000Z", + "ID": "CVE-2018-15771", + "STATE": "PUBLIC", + "TITLE": "Dell EMC RecoverPoint Information Disclosure Vulnerability" }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Dell EMC RecoverPoint", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "5.1.2.1" + } + ] + } + }, + { + "product_name": "Dell EMC RecoverPoint Virtual Machine (VM)", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "5.2.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Dell EMC" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "lang": "eng", + "value": "Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "FULLDISC", + "url": "https://seclists.org/fulldisclosure/2018/Nov/34" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15772.json b/2018/15xxx/CVE-2018-15772.json index f89203ba505..287b63956fa 100644 --- a/2018/15xxx/CVE-2018-15772.json +++ b/2018/15xxx/CVE-2018-15772.json @@ -1,18 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15772", - "STATE" : "RESERVED" + "CVE_data_meta": { + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2018-11-09T05:00:00.000Z", + "ID": "CVE-2018-15772", + "STATE": "PUBLIC", + "TITLE": "Dell EMC RecoverPoint Uncontrolled Resource Consumption Vulnerability" }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Dell EMC RecoverPoint", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "5.1.2.1" + } + ] + } + }, + { + "product_name": "Dell EMC RecoverPoint Virtual Machine (VM)", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "5.2.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Dell EMC" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "lang": "eng", + "value": "Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. A malicious boxmgmt user may potentially be able to consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "uncontrolled resource consumption vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "FULLDISC", + "url": "https://seclists.org/fulldisclosure/2018/Nov/34" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15795.json b/2018/15xxx/CVE-2018-15795.json index 7109f7e68b6..9e0f5baa4a8 100644 --- a/2018/15xxx/CVE-2018-15795.json +++ b/2018/15xxx/CVE-2018-15795.json @@ -1,18 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15795", - "STATE" : "RESERVED" + "CVE_data_meta": { + "ASSIGNER": "secure@dell.com", + "DATE_PUBLIC": "2018-11-09T08:00:00.000Z", + "ID": "CVE-2018-15795", + "STATE": "PUBLIC", + "TITLE": "CredHub Service Broker uses guessable client secret" }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CredHub Service Broker", + "version": { + "version_data": [ + { + "affected": "<", + "version_name": "all versions", + "version_value": "1.1.0" + } + ] + } + } + ] + }, + "vendor_name": "Pivotal Cloud Foundry" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "lang": "eng", + "value": "Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Predictability problems" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://pivotal.io/security/cve-2018-15795" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16837.json b/2018/16xxx/CVE-2018-16837.json index 53bccb4bc72..703ac4569ad 100644 --- a/2018/16xxx/CVE-2018-16837.json +++ b/2018/16xxx/CVE-2018-16837.json @@ -62,6 +62,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1576-1] ansible security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00012.html" + }, { "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16837", "refsource" : "CONFIRM", diff --git a/2018/17xxx/CVE-2018-17456.json b/2018/17xxx/CVE-2018-17456.json index a4dbe7c8c4d..f23f2b8b347 100644 --- a/2018/17xxx/CVE-2018-17456.json +++ b/2018/17xxx/CVE-2018-17456.json @@ -97,6 +97,11 @@ "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2018:3505" }, + { + "name" : "RHSA-2018:3541", + "refsource" : "REDHAT", + "url" : "https://access.redhat.com/errata/RHSA-2018:3541" + }, { "name" : "USN-3791-1", "refsource" : "UBUNTU", diff --git a/2018/18xxx/CVE-2018-18025.json b/2018/18xxx/CVE-2018-18025.json index 2ff36e994ac..043e2685edb 100644 --- a/2018/18xxx/CVE-2018-18025.json +++ b/2018/18xxx/CVE-2018-18025.json @@ -52,6 +52,11 @@ }, "references" : { "reference_data" : [ + { + "name" : "[debian-lts-announce] 20181112 [SECURITY] [DLA 1574-1] imagemagick security update", + "refsource" : "MLIST", + "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00014.html" + }, { "name" : "https://github.com/ImageMagick/ImageMagick/issues/1335", "refsource" : "MISC", diff --git a/2018/18xxx/CVE-2018-18584.json b/2018/18xxx/CVE-2018-18584.json index 9b7f7806835..6fadc661c42 100644 --- a/2018/18xxx/CVE-2018-18584.json +++ b/2018/18xxx/CVE-2018-18584.json @@ -76,6 +76,16 @@ "name" : "https://www.openwall.com/lists/oss-security/2018/10/22/1", "refsource" : "MISC", "url" : "https://www.openwall.com/lists/oss-security/2018/10/22/1" + }, + { + "name" : "USN-3814-1", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3814-1/" + }, + { + "name" : "USN-3814-2", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3814-2/" } ] } diff --git a/2018/18xxx/CVE-2018-18585.json b/2018/18xxx/CVE-2018-18585.json index f1bf8caf34c..125831d7875 100644 --- a/2018/18xxx/CVE-2018-18585.json +++ b/2018/18xxx/CVE-2018-18585.json @@ -71,6 +71,16 @@ "name" : "https://www.openwall.com/lists/oss-security/2018/10/22/1", "refsource" : "MISC", "url" : "https://www.openwall.com/lists/oss-security/2018/10/22/1" + }, + { + "name" : "USN-3814-1", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3814-1/" + }, + { + "name" : "USN-3814-2", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3814-2/" } ] } diff --git a/2018/18xxx/CVE-2018-18591.json b/2018/18xxx/CVE-2018-18591.json index 69137cbef38..60aa84b3225 100644 --- a/2018/18xxx/CVE-2018-18591.json +++ b/2018/18xxx/CVE-2018-18591.json @@ -1,8 +1,33 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "security@microfocus.com", + "DATE_PUBLIC" : "2018-11-12T17:00:00.000Z", "ID" : "CVE-2018-18591", - "STATE" : "RESERVED" + "STATE" : "PUBLIC", + "TITLE" : "MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Micro Focus Service Manager", + "version" : { + "version_data" : [ + { + "version_value" : "9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51" + } + ] + } + } + ] + }, + "vendor_name" : "Micro Focus" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,8 +36,54 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data." } ] + }, + "exploit" : [ + { + "lang" : "eng", + "value" : "Unauthorized Disclosure of Data" + } + ], + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "NETWORK", + "availabilityImpact" : "NONE", + "baseScore" : 6.8, + "baseSeverity" : "MEDIUM", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "NONE", + "privilegesRequired" : "LOW", + "scope" : "CHANGED", + "userInteraction" : "REQUIRED", + "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", + "version" : "3.0" + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Unauthorized Disclosure of Data" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176", + "refsource" : "CONFIRM", + "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176" + } + ] + }, + "source" : { + "discovery" : "UNKNOWN" } } diff --git a/2018/18xxx/CVE-2018-18751.json b/2018/18xxx/CVE-2018-18751.json index 73e7dc06e76..74caccc39ee 100644 --- a/2018/18xxx/CVE-2018-18751.json +++ b/2018/18xxx/CVE-2018-18751.json @@ -61,6 +61,11 @@ "name" : "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption", "refsource" : "MISC", "url" : "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption" + }, + { + "name" : "USN-3815-2", + "refsource" : "UBUNTU", + "url" : "https://usn.ubuntu.com/3815-2/" } ] } diff --git a/2018/19xxx/CVE-2018-19201.json b/2018/19xxx/CVE-2018-19201.json new file mode 100644 index 00000000000..3a057f46146 --- /dev/null +++ b/2018/19xxx/CVE-2018-19201.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19201", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19202.json b/2018/19xxx/CVE-2018-19202.json new file mode 100644 index 00000000000..ef49f442a4b --- /dev/null +++ b/2018/19xxx/CVE-2018-19202.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19202", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19203.json b/2018/19xxx/CVE-2018-19203.json new file mode 100644 index 00000000000..928b5753231 --- /dev/null +++ b/2018/19xxx/CVE-2018-19203.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19203", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://en.securitylab.ru/lab/PT-2018-22", + "refsource" : "MISC", + "url" : "http://en.securitylab.ru/lab/PT-2018-22" + }, + { + "name" : "https://www.paessler.com/prtg/history/stable#18.2.41.1652", + "refsource" : "MISC", + "url" : "https://www.paessler.com/prtg/history/stable#18.2.41.1652" + }, + { + "name" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/", + "refsource" : "MISC", + "url" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-22/" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19204.json b/2018/19xxx/CVE-2018-19204.json new file mode 100644 index 00000000000..c70707f9dab --- /dev/null +++ b/2018/19xxx/CVE-2018-19204.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19204", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe to store arbitrary data in an arbitrary place on the file system. For example, the attacker can create an executable file in the \\Custom Sensors\\EXE directory and execute it by creating EXE/Script Sensor." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://en.securitylab.ru/lab/PT-2018-23", + "refsource" : "MISC", + "url" : "http://en.securitylab.ru/lab/PT-2018-23" + }, + { + "name" : "https://www.paessler.com/prtg/history/stable#18.3.44.2054", + "refsource" : "MISC", + "url" : "https://www.paessler.com/prtg/history/stable#18.3.44.2054" + }, + { + "name" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/", + "refsource" : "MISC", + "url" : "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2018-23/" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19205.json b/2018/19xxx/CVE-2018-19205.json new file mode 100644 index 00000000000..92965158f42 --- /dev/null +++ b/2018/19xxx/CVE-2018-19205.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19205", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.7", + "refsource" : "MISC", + "url" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.7" + }, + { + "name" : "https://roundcube.net/news/2018/07/27/update-1.3.7-released", + "refsource" : "MISC", + "url" : "https://roundcube.net/news/2018/07/27/update-1.3.7-released" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19206.json b/2018/19xxx/CVE-2018-19206.json new file mode 100644 index 00000000000..f8f1df3a434 --- /dev/null +++ b/2018/19xxx/CVE-2018-19206.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19206", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of