"-Synchronized-Data."

2019/10xxx/CVE-2019-10640.json

@@ -1,17 +1,71 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2019-10640",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2019-10640",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.7.10, 11.8.x before 11.8.6, and 11.9.x before 11.9.4. A regex input validation issue for the .gitlab-ci.yml refs value allows Uncontrolled Resource Consumption."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://about.gitlab.com/blog/categories/releases/",
+                "refsource": "MISC",
+                "name": "https://about.gitlab.com/blog/categories/releases/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/",
+                "url": "https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/49665",
+                "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/49665"
             }
         ]
     }

2019/11xxx/CVE-2019-11884.json

@@ -76,6 +76,11 @@
                 "refsource": "FEDORA",
                 "name": "FEDORA-2019-640f8d8dd1",
                 "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAYXGGJUUYPOMCBZGGDCUZFLUU3JOZG5/"
+            },
+            {
+                "refsource": "FEDORA",
+                "name": "FEDORA-2019-e6bf55e821",
+                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF2PDXUGOFEOTPVEACKFIHQB6O4XUIZD/"
             }
         ]
     }

2019/1xxx/CVE-2019-1735.json

@@ -37,7 +37,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability. "
+                "value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability."
             }
         ]
     },
@@ -91,4 +91,4 @@
         ],
         "discovery": "INTERNAL"
     }
-}
+}

2019/1xxx/CVE-2019-1767.json

@@ -37,7 +37,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Multiple vulnerabilities in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition  or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerabilities are due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit these vulnerabilities by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities. "
+                "value": "Multiple vulnerabilities in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerabilities are due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit these vulnerabilities by including malicious input as the argument of the affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. An attacker would need valid administrator credentials to exploit these vulnerabilities."
             }
         ]
     },
@@ -87,4 +87,4 @@
         ],
         "discovery": "INTERNAL"
     }
-}
+}

2019/3xxx/CVE-2019-3724.json

@@ -102,6 +102,11 @@
                 "name": "https://community.rsa.com/docs/DOC-104202",
                 "refsource": "CONFIRM",
                 "url": "https://community.rsa.com/docs/DOC-104202"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/152943/RSA-NetWitness-Authorization-Bypass.html",
+                "url": "http://packetstormsecurity.com/files/152943/RSA-NetWitness-Authorization-Bypass.html"
             }
         ]
     },

2019/5xxx/CVE-2019-5021.json

@@ -58,6 +58,11 @@
                 "refsource": "CONFIRM",
                 "name": "https://security.netapp.com/advisory/ntap-20190510-0001/",
                 "url": "https://security.netapp.com/advisory/ntap-20190510-0001/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://alpinelinux.org/posts/Docker-image-vulnerability-CVE-2019-5021.html",
+                "url": "https://alpinelinux.org/posts/Docker-image-vulnerability-CVE-2019-5021.html"
             }
         ]
     },