diff --git a/2017/12xxx/CVE-2017-12805.json b/2017/12xxx/CVE-2017-12805.json index d870c24f86b..6cc14bb3a09 100644 --- a/2017/12xxx/CVE-2017-12805.json +++ b/2017/12xxx/CVE-2017-12805.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-425a1aa7c9", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2017/12xxx/CVE-2017-12806.json b/2017/12xxx/CVE-2017-12806.json index fd9a97302c7..fb992af68f1 100644 --- a/2017/12xxx/CVE-2017-12806.json +++ b/2017/12xxx/CVE-2017-12806.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-425a1aa7c9", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/0xxx/CVE-2019-0285.json b/2019/0xxx/CVE-2019-0285.json index 644b74f4d8f..949805d13bc 100644 --- a/2019/0xxx/CVE-2019-0285.json +++ b/2019/0xxx/CVE-2019-0285.json @@ -54,6 +54,11 @@ "refsource": "CONFIRM", "name": "https://launchpad.support.sap.com/#/notes/2687663", "url": "https://launchpad.support.sap.com/#/notes/2687663" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153471/SAP-Crystal-Reports-Information-Disclosure.html", + "url": "http://packetstormsecurity.com/files/153471/SAP-Crystal-Reports-Information-Disclosure.html" } ] }, diff --git a/2019/10xxx/CVE-2019-10131.json b/2019/10xxx/CVE-2019-10131.json index 62ca79e0658..ab427ded2a9 100644 --- a/2019/10xxx/CVE-2019-10131.json +++ b/2019/10xxx/CVE-2019-10131.json @@ -68,6 +68,11 @@ "refsource": "UBUNTU", "name": "USN-4034-1", "url": "https://usn.ubuntu.com/4034-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11354.json b/2019/11xxx/CVE-2019-11354.json index 3af0fdf1c83..3f82c774fad 100644 --- a/2019/11xxx/CVE-2019-11354.json +++ b/2019/11xxx/CVE-2019-11354.json @@ -106,6 +106,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html", "url": "http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html" } ] } diff --git a/2019/11xxx/CVE-2019-11470.json b/2019/11xxx/CVE-2019-11470.json index 6243cb79b54..056efdcf885 100644 --- a/2019/11xxx/CVE-2019-11470.json +++ b/2019/11xxx/CVE-2019-11470.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-425a1aa7c9", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/11xxx/CVE-2019-11472.json b/2019/11xxx/CVE-2019-11472.json index c33a1e50012..c6e6156fa81 100644 --- a/2019/11xxx/CVE-2019-11472.json +++ b/2019/11xxx/CVE-2019-11472.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-425a1aa7c9", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/11xxx/CVE-2019-11505.json b/2019/11xxx/CVE-2019-11505.json index aeded6795cb..c7cea094877 100644 --- a/2019/11xxx/CVE-2019-11505.json +++ b/2019/11xxx/CVE-2019-11505.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1603", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/11xxx/CVE-2019-11506.json b/2019/11xxx/CVE-2019-11506.json index 01d94c52d25..bf24104d943 100644 --- a/2019/11xxx/CVE-2019-11506.json +++ b/2019/11xxx/CVE-2019-11506.json @@ -86,6 +86,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1603", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/11xxx/CVE-2019-11597.json b/2019/11xxx/CVE-2019-11597.json index c2768304f5a..e1f3d253487 100644 --- a/2019/11xxx/CVE-2019-11597.json +++ b/2019/11xxx/CVE-2019-11597.json @@ -71,6 +71,11 @@ "refsource": "UBUNTU", "name": "USN-4034-1", "url": "https://usn.ubuntu.com/4034-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/11xxx/CVE-2019-11598.json b/2019/11xxx/CVE-2019-11598.json index c63f6a6f26f..738930b76ed 100644 --- a/2019/11xxx/CVE-2019-11598.json +++ b/2019/11xxx/CVE-2019-11598.json @@ -76,6 +76,11 @@ "refsource": "UBUNTU", "name": "USN-4034-1", "url": "https://usn.ubuntu.com/4034-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1683", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html" } ] } diff --git a/2019/12xxx/CVE-2019-12098.json b/2019/12xxx/CVE-2019-12098.json index be641b9df47..86177765acc 100644 --- a/2019/12xxx/CVE-2019-12098.json +++ b/2019/12xxx/CVE-2019-12098.json @@ -81,6 +81,11 @@ "refsource": "DEBIAN", "name": "DSA-4455", "url": "https://www.debian.org/security/2019/dsa-4455" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1682", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html" } ] } diff --git a/2019/12xxx/CVE-2019-12826.json b/2019/12xxx/CVE-2019-12826.json index eb48c84349f..17b49f8d26b 100644 --- a/2019/12xxx/CVE-2019-12826.json +++ b/2019/12xxx/CVE-2019-12826.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12826", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12826", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php in the 2by2host Widget Logic plugin before 5.10.2 for WordPress allows remote attackers to execute PHP code via snippets (that are attached to widgets and then eval'd to dynamically determine their visibility) by crafting a malicious POST request that tricks administrators into adding the code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://dannewitz.ninja/posts/widget-logic-csrf-to-rce", + "url": "https://dannewitz.ninja/posts/widget-logic-csrf-to-rce" + }, + { + "refsource": "CONFIRM", + "name": "https://plugins.trac.wordpress.org/changeset/2112753/widget-logic", + "url": "https://plugins.trac.wordpress.org/changeset/2112753/widget-logic" } ] } diff --git a/2019/12xxx/CVE-2019-12970.json b/2019/12xxx/CVE-2019-12970.json index fe0329924f3..d87e5bf36b0 100644 --- a/2019/12xxx/CVE-2019-12970.json +++ b/2019/12xxx/CVE-2019-12970.json @@ -61,6 +61,11 @@ "refsource": "BUGTRAQ", "name": "20190701 [SYSS-2019-016] SquirrelMail script filter bypass/XSS", "url": "https://seclists.org/bugtraq/2019/Jul/0" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153495/SquirrelMail-1.4.22-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/153495/SquirrelMail-1.4.22-Cross-Site-Scripting.html" } ] } diff --git a/2019/13xxx/CVE-2019-13045.json b/2019/13xxx/CVE-2019-13045.json index de27c1bee45..cd73aeae457 100644 --- a/2019/13xxx/CVE-2019-13045.json +++ b/2019/13xxx/CVE-2019-13045.json @@ -71,6 +71,11 @@ "refsource": "BUGTRAQ", "name": "20190630 [slackware-security] irssi (SSA:2019-180-01)", "url": "https://seclists.org/bugtraq/2019/Jun/41" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153480/Slackware-Security-Advisory-irssi-Updates.html", + "url": "http://packetstormsecurity.com/files/153480/Slackware-Security-Advisory-irssi-Updates.html" } ] }