diff --git a/2017/8xxx/CVE-2017-8533.json b/2017/8xxx/CVE-2017-8533.json index 9cec398fc91..6de17324e98 100644 --- a/2017/8xxx/CVE-2017-8533.json +++ b/2017/8xxx/CVE-2017-8533.json @@ -61,6 +61,11 @@ "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8533", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8533" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-581/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-581/" } ] } diff --git a/2018/16xxx/CVE-2018-16119.json b/2018/16xxx/CVE-2018-16119.json index 63cec134cf6..90422a2dad9 100644 --- a/2018/16xxx/CVE-2018-16119.json +++ b/2018/16xxx/CVE-2018-16119.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16119", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://tp-link.com/", + "refsource": "MISC", + "name": "http://tp-link.com/" + }, + { + "refsource": "MISC", + "name": "https://www.secsignal.org/news/exploiting-routers-just-another-tp-link-0day", + "url": "https://www.secsignal.org/news/exploiting-routers-just-another-tp-link-0day" } ] } diff --git a/2018/16xxx/CVE-2018-16247.json b/2018/16xxx/CVE-2018-16247.json index cbaa31b0b8e..c59b46f915f 100644 --- a/2018/16xxx/CVE-2018-16247.json +++ b/2018/16xxx/CVE-2018-16247.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16247", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "YzmCMS 5.1 has XSS via the admin/system_manage/user_config_add.html title parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/yzmcms/yzmcms/issues/3", + "refsource": "MISC", + "name": "https://github.com/yzmcms/yzmcms/issues/3" } ] } diff --git a/2018/16xxx/CVE-2018-16248.json b/2018/16xxx/CVE-2018-16248.json index 117adf8e7e9..02e81b6c2f6 100644 --- a/2018/16xxx/CVE-2018-16248.json +++ b/2018/16xxx/CVE-2018-16248.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16248", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "b3log Solo 2.9.3 has XSS in the Input page under the \"Publish Articles\" menu with an ID of \"articleTags\" stored in the \"tag\" JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/b3log/solo/issues/12489", + "refsource": "MISC", + "name": "https://github.com/b3log/solo/issues/12489" } ] } diff --git a/2019/0xxx/CVE-2019-0092.json b/2019/0xxx/CVE-2019-0092.json index 0d7bf7fa327..67dbbf17454 100644 --- a/2019/0xxx/CVE-2019-0092.json +++ b/2019/0xxx/CVE-2019-0092.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K84591451", + "url": "https://support.f5.com/csp/article/K84591451" } ] }, diff --git a/2019/0xxx/CVE-2019-0094.json b/2019/0xxx/CVE-2019-0094.json index ce3a7fc756a..74882646c03 100644 --- a/2019/0xxx/CVE-2019-0094.json +++ b/2019/0xxx/CVE-2019-0094.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K84591451", + "url": "https://support.f5.com/csp/article/K84591451" } ] }, diff --git a/2019/0xxx/CVE-2019-0096.json b/2019/0xxx/CVE-2019-0096.json index 55efe3ffd0c..fa49b549018 100644 --- a/2019/0xxx/CVE-2019-0096.json +++ b/2019/0xxx/CVE-2019-0096.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K84591451", + "url": "https://support.f5.com/csp/article/K84591451" } ] }, diff --git a/2019/0xxx/CVE-2019-0097.json b/2019/0xxx/CVE-2019-0097.json index 4c90173c5a1..9a5bbcf4b0e 100644 --- a/2019/0xxx/CVE-2019-0097.json +++ b/2019/0xxx/CVE-2019-0097.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K84591451", + "url": "https://support.f5.com/csp/article/K84591451" } ] }, diff --git a/2019/12xxx/CVE-2019-12905.json b/2019/12xxx/CVE-2019-12905.json new file mode 100644 index 00000000000..7af94323c00 --- /dev/null +++ b/2019/12xxx/CVE-2019-12905.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/", + "refsource": "MISC", + "name": "https://github.com/EmreOvunc/FileRun-Vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1013.json b/2019/1xxx/CVE-2019-1013.json index a13a6c499b5..d3146db75f3 100644 --- a/2019/1xxx/CVE-2019-1013.json +++ b/2019/1xxx/CVE-2019-1013.json @@ -95,6 +95,11 @@ "refsource": "MISC", "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-573/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-573/" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-580/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-580/" } ] }