diff --git a/2018/14xxx/CVE-2018-14745.json b/2018/14xxx/CVE-2018-14745.json index c9a38224f4e..1fb1ba46bb2 100644 --- a/2018/14xxx/CVE-2018-14745.json +++ b/2018/14xxx/CVE-2018-14745.json @@ -38,6 +38,11 @@ "refsource": "CONFIRM", "name": "https://security.samsungmobile.com/securityUpdate.smsb", "url": "https://security.samsungmobile.com/securityUpdate.smsb" + }, + { + "refsource": "MISC", + "name": "https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14745.md", + "url": "https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14745.md" } ] }, diff --git a/2018/20xxx/CVE-2018-20031.json b/2018/20xxx/CVE-2018-20031.json index daaa157a324..cee1492a1cc 100644 --- a/2018/20xxx/CVE-2018-20031.json +++ b/2018/20xxx/CVE-2018-20031.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-20031", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20031", + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Flexera Software LLC", + "product": { + "product_data": [ + { + "product_name": "FlexNet Publisher", + "version": { + "version_data": [ + { + "version_value": "11.16.1.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://secuniaresearch.flexerasoftware.com/advisories/85979/", + "url": "https://secuniaresearch.flexerasoftware.com/advisories/85979/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Denial of Service vulnerability related to preemptive item deletion in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down." } ] } diff --git a/2018/20xxx/CVE-2018-20032.json b/2018/20xxx/CVE-2018-20032.json index 0f14eeb8982..5d7fc77ff36 100644 --- a/2018/20xxx/CVE-2018-20032.json +++ b/2018/20xxx/CVE-2018-20032.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-20032", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20032", + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Flexera Software LLC", + "product": { + "product_data": [ + { + "product_name": "FlexNet Publisher", + "version": { + "version_data": [ + { + "version_value": "11.16.1.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://secuniaresearch.flexerasoftware.com/advisories/85979/", + "url": "https://secuniaresearch.flexerasoftware.com/advisories/85979/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Denial of Service vulnerability related to message decoding in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down." } ] } diff --git a/2018/20xxx/CVE-2018-20034.json b/2018/20xxx/CVE-2018-20034.json index 49661802845..ebc32430e02 100644 --- a/2018/20xxx/CVE-2018-20034.json +++ b/2018/20xxx/CVE-2018-20034.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-20034", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-20034", + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Flexera Software LLC", + "product": { + "product_data": [ + { + "product_name": "FlexNet Publisher", + "version": { + "version_data": [ + { + "version_value": "11.16.1.0 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://secuniaresearch.flexerasoftware.com/advisories/85979/", + "url": "https://secuniaresearch.flexerasoftware.com/advisories/85979/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Denial of Service vulnerability related to adding an item to a list in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down." } ] } diff --git a/2019/3xxx/CVE-2019-3855.json b/2019/3xxx/CVE-2019-3855.json index 823dce33095..cde93325181 100644 --- a/2019/3xxx/CVE-2019-3855.json +++ b/2019/3xxx/CVE-2019-3855.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-3855", - "ASSIGNER": "psampaio@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -52,12 +53,34 @@ "references": { "reference_data": [ { - "url": "https://www.libssh2.org/CVE-2019-3855.html" + "refsource": "MLIST", + "name": "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", + "url": "http://www.openwall.com/lists/oss-security/2019/03/18/3" + }, + { + "refsource": "BUGTRAQ", + "name": "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", + "url": "https://seclists.org/bugtraq/2019/Mar/25" + }, + { + "url": "https://www.libssh2.org/CVE-2019-3855.html", + "refsource": "MISC", + "name": "https://www.libssh2.org/CVE-2019-3855.html" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", "refsource": "CONFIRM" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", + "url": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html" + }, + { + "refsource": "BID", + "name": "107485", + "url": "http://www.securityfocus.com/bid/107485" } ] }, @@ -79,4 +102,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3858.json b/2019/3xxx/CVE-2019-3858.json index bbdc647ad4f..a09cc76a053 100644 --- a/2019/3xxx/CVE-2019-3858.json +++ b/2019/3xxx/CVE-2019-3858.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-3858", - "ASSIGNER": "psampaio@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -43,13 +44,35 @@ }, "references": { "reference_data": [ + { + "refsource": "MLIST", + "name": "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", + "url": "http://www.openwall.com/lists/oss-security/2019/03/18/3" + }, + { + "refsource": "BUGTRAQ", + "name": "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", + "url": "https://seclists.org/bugtraq/2019/Mar/25" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", "refsource": "CONFIRM" }, { - "url": "https://www.libssh2.org/CVE-2019-3858.html" + "url": "https://www.libssh2.org/CVE-2019-3858.html", + "refsource": "MISC", + "name": "https://www.libssh2.org/CVE-2019-3858.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", + "url": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html" + }, + { + "refsource": "BID", + "name": "107485", + "url": "http://www.securityfocus.com/bid/107485" } ] }, @@ -71,4 +94,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3871.json b/2019/3xxx/CVE-2019-3871.json index 8c8ddd7c53d..4df862a4455 100644 --- a/2019/3xxx/CVE-2019-3871.json +++ b/2019/3xxx/CVE-2019-3871.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-3871", - "ASSIGNER": "psampaio@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { @@ -46,13 +47,25 @@ }, "references": { "reference_data": [ + { + "refsource": "MLIST", + "name": "[oss-security] 20190318 PowerDNS Security Advisory 2019-03", + "url": "http://www.openwall.com/lists/oss-security/2019/03/18/4" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3871", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3871", "refsource": "CONFIRM" }, { - "url": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html" + "url": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html", + "refsource": "MISC", + "name": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html" + }, + { + "refsource": "BID", + "name": "107491", + "url": "http://www.securityfocus.com/bid/107491" } ] }, @@ -74,4 +87,4 @@ ] ] } -} +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7539.json b/2019/7xxx/CVE-2019-7539.json index b5aa1c4ea1e..55abd4ce4bc 100644 --- a/2019/7xxx/CVE-2019-7539.json +++ b/2019/7xxx/CVE-2019-7539.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7539", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,8 +11,52 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A code injection issue was discovered in ipycache through 2016-05-31." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/rossant/ipycache/issues/47", + "url": "https://github.com/rossant/ipycache/issues/47" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8351.json b/2019/8xxx/CVE-2019-8351.json index 6e19319bc05..9846b5d12ed 100644 --- a/2019/8xxx/CVE-2019-8351.json +++ b/2019/8xxx/CVE-2019-8351.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-8351", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.heimdalsecurity.com/hc/en-us/articles/360001084158-Release-2-5-172-PROD-Update", + "refsource": "MISC", + "name": "https://support.heimdalsecurity.com/hc/en-us/articles/360001084158-Release-2-5-172-PROD-Update" } ] }