"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2019-12-23 01:01:01 +00:00 · 2019-12-23 01:01:01 +00:00 · f694320a10
commit f694320a10
parent 7347e44a27
7 changed files with 138 additions and 99 deletions
--- a/2019/16xxx/CVE-2019-16787.json
+++ b/2019/16xxx/CVE-2019-16787.json
@ -1,110 +1,18 @@
 {
-    "CVE_data_meta": {
-        "ASSIGNER": "security-advisories@github.com",
-        "ID": "CVE-2019-16787",
-        "STATE": "PUBLIC",
-        "TITLE": "NetHack: Privilege escalation/remote code execution/crash in configuration parsing"
-    },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "NetHack",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_affected": "=",
-                                            "version_name": "= 3.6.0",
-                                            "version_value": "3.6.0"
-                                        },
-                                        {
-                                            "version_affected": "=",
-                                            "version_name": "= 3.6.1",
-                                            "version_value": "3.6.1"
-                                        },
-                                        {
-                                            "version_affected": "=",
-                                            "version_name": "= 3.6.2",
-                                            "version_value": "3.6.2"
-                                        },
-                                        {
-                                            "version_affected": "=",
-                                            "version_name": "= 3.6.3",
-                                            "version_value": "3.6.3"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "NetHack"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
    "data_type": "CVE",
+    "data_format": "MITRE",
    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2019-16787",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "REJECT"
+    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "In NatHack between 3.6.0 and 3.6.3, a buffer overflow issue exists when reading very long lines from a NetHack configuration file (usually named .nethackrc). This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. All users are urged to upgrade to NetHack 3.6.4 as soon as possible."
+                "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-19905. Reason: This candidate is a duplicate of CVE-2019-19905. Notes: All CVE users should reference CVE-2019-19905 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
            }
        ]
-    },
-    "impact": {
-        "cvss": {
-            "attackComplexity": "HIGH",
-            "attackVector": "LOCAL",
-            "availabilityImpact": "LOW",
-            "baseScore": 7,
-            "baseSeverity": "HIGH",
-            "confidentialityImpact": "LOW",
-            "integrityImpact": "HIGH",
-            "privilegesRequired": "LOW",
-            "scope": "CHANGED",
-            "userInteraction": "NONE",
-            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
-            "version": "3.1"
-        }
-    },
-    "problemtype": {
-        "problemtype_data": [
-            {
-                "description": [
-                    {
-                        "lang": "eng",
-                        "value": "CWE-269"
-                    }
-                ]
-            }
-        ]
-    },
-    "references": {
-        "reference_data": [
-            {
-                "name": "https://github.com/NetHack/NetHack/commit/f001de79542b8c38b1f8e6d7eaefbbd28ab94b47",
-                "refsource": "MISC",
-                "url": "https://github.com/NetHack/NetHack/commit/f001de79542b8c38b1f8e6d7eaefbbd28ab94b47"
-            },
-            {
-                "name": "https://github.com/NetHack/NetHack/security/advisories/GHSA-3cm7-rgh5-9pq5",
-                "refsource": "CONFIRM",
-                "url": "https://github.com/NetHack/NetHack/security/advisories/GHSA-3cm7-rgh5-9pq5"
-            },
-            {
-                "name": "https://nethack.org/security/",
-                "refsource": "MISC",
-                "url": "https://nethack.org/security/"
-            }
-        ]
-    },
-    "source": {
-        "advisory": "GHSA-3cm7-rgh5-9pq5",
-        "discovery": "UNKNOWN"
    }
 }
--- a/2019/19xxx/CVE-2019-19905.json
+++ b/2019/19xxx/CVE-2019-19905.json
@ -66,6 +66,16 @@
                "url": "https://github.com/NetHack/NetHack/commit/f001de79542b8c38b1f8e6d7eaefbbd28ab94b47",
                "refsource": "MISC",
                "name": "https://github.com/NetHack/NetHack/commit/f001de79542b8c38b1f8e6d7eaefbbd28ab94b47"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/NetHack/NetHack/security/advisories/GHSA-3cm7-rgh5-9pq5",
+                "url": "https://github.com/NetHack/NetHack/security/advisories/GHSA-3cm7-rgh5-9pq5"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://nethack.org/security/",
+                "url": "https://nethack.org/security/"
            }
        ]
    }
--- a/2019/19xxx/CVE-2019-19923.json
+++ b/2019/19xxx/CVE-2019-19923.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2019-19923",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2019/19xxx/CVE-2019-19924.json
+++ b/2019/19xxx/CVE-2019-19924.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2019-19924",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2019/19xxx/CVE-2019-19925.json
+++ b/2019/19xxx/CVE-2019-19925.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2019-19925",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2019/19xxx/CVE-2019-19926.json
+++ b/2019/19xxx/CVE-2019-19926.json
@ -0,0 +1,62 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-19926",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089",
+                "refsource": "MISC",
+                "name": "https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089"
+            }
+        ]
+    }
+}
--- a/2019/2xxx/CVE-2019-2228.json
+++ b/2019/2xxx/CVE-2019-2228.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://source.android.com/security/bulletin/2019-12-01",
                "url": "https://source.android.com/security/bulletin/2019-12-01"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20191222 [SECURITY] [DLA 2047-1] cups security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00030.html"
            }
        ]
    },