From 0213d68b36a81ad7c8b3cfb90e916986063ccec3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 14 Nov 2019 17:02:11 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/1xxx/CVE-2012-1161.json | 93 ++++++++++++++++++++++++++++++++-- 2012/1xxx/CVE-2012-1170.json | 90 ++++++++++++++++++++++++++++++-- 2019/11xxx/CVE-2019-11136.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11137.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11151.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11152.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11153.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11154.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11155.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11156.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11168.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11170.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11171.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11172.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11173.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11174.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11175.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11177.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11178.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11179.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11180.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11181.json | 50 ++++++++++++++++-- 2019/11xxx/CVE-2019-11182.json | 50 ++++++++++++++++-- 2019/14xxx/CVE-2019-14565.json | 62 +++++++++++++++++++++++ 2019/14xxx/CVE-2019-14566.json | 62 +++++++++++++++++++++++ 2019/14xxx/CVE-2019-14602.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15425.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15426.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15427.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15428.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15429.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15430.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15431.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15432.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15433.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15434.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15435.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15436.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15437.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15438.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15439.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15440.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15441.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15442.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15443.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15444.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15445.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15446.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15447.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15448.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15449.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15450.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15451.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15452.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15453.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15454.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15455.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15456.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15457.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15458.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15459.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15460.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15461.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15462.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15463.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15464.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15465.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15466.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15467.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15468.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15469.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15470.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15471.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15472.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15473.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15474.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15475.json | 62 +++++++++++++++++++++++ 2019/15xxx/CVE-2019-15743.json | 62 +++++++++++++++++++++++ 2019/16xxx/CVE-2019-16110.json | 62 +++++++++++++++++++++++ 79 files changed, 4636 insertions(+), 69 deletions(-) create mode 100644 2019/14xxx/CVE-2019-14565.json create mode 100644 2019/14xxx/CVE-2019-14566.json create mode 100644 2019/14xxx/CVE-2019-14602.json create mode 100644 2019/15xxx/CVE-2019-15425.json create mode 100644 2019/15xxx/CVE-2019-15426.json create mode 100644 2019/15xxx/CVE-2019-15427.json create mode 100644 2019/15xxx/CVE-2019-15428.json create mode 100644 2019/15xxx/CVE-2019-15429.json create mode 100644 2019/15xxx/CVE-2019-15430.json create mode 100644 2019/15xxx/CVE-2019-15431.json create mode 100644 2019/15xxx/CVE-2019-15432.json create mode 100644 2019/15xxx/CVE-2019-15433.json create mode 100644 2019/15xxx/CVE-2019-15434.json create mode 100644 2019/15xxx/CVE-2019-15435.json create mode 100644 2019/15xxx/CVE-2019-15436.json create mode 100644 2019/15xxx/CVE-2019-15437.json create mode 100644 2019/15xxx/CVE-2019-15438.json create mode 100644 2019/15xxx/CVE-2019-15439.json create mode 100644 2019/15xxx/CVE-2019-15440.json create mode 100644 2019/15xxx/CVE-2019-15441.json create mode 100644 2019/15xxx/CVE-2019-15442.json create mode 100644 2019/15xxx/CVE-2019-15443.json create mode 100644 2019/15xxx/CVE-2019-15444.json create mode 100644 2019/15xxx/CVE-2019-15445.json create mode 100644 2019/15xxx/CVE-2019-15446.json create mode 100644 2019/15xxx/CVE-2019-15447.json create mode 100644 2019/15xxx/CVE-2019-15448.json create mode 100644 2019/15xxx/CVE-2019-15449.json create mode 100644 2019/15xxx/CVE-2019-15450.json create mode 100644 2019/15xxx/CVE-2019-15451.json create mode 100644 2019/15xxx/CVE-2019-15452.json create mode 100644 2019/15xxx/CVE-2019-15453.json create mode 100644 2019/15xxx/CVE-2019-15454.json create mode 100644 2019/15xxx/CVE-2019-15455.json create mode 100644 2019/15xxx/CVE-2019-15456.json create mode 100644 2019/15xxx/CVE-2019-15457.json create mode 100644 2019/15xxx/CVE-2019-15458.json create mode 100644 2019/15xxx/CVE-2019-15459.json create mode 100644 2019/15xxx/CVE-2019-15460.json create mode 100644 2019/15xxx/CVE-2019-15461.json create mode 100644 2019/15xxx/CVE-2019-15462.json create mode 100644 2019/15xxx/CVE-2019-15463.json create mode 100644 2019/15xxx/CVE-2019-15464.json create mode 100644 2019/15xxx/CVE-2019-15465.json create mode 100644 2019/15xxx/CVE-2019-15466.json create mode 100644 2019/15xxx/CVE-2019-15467.json create mode 100644 2019/15xxx/CVE-2019-15468.json create mode 100644 2019/15xxx/CVE-2019-15469.json create mode 100644 2019/15xxx/CVE-2019-15470.json create mode 100644 2019/15xxx/CVE-2019-15471.json create mode 100644 2019/15xxx/CVE-2019-15472.json create mode 100644 2019/15xxx/CVE-2019-15473.json create mode 100644 2019/15xxx/CVE-2019-15474.json create mode 100644 2019/15xxx/CVE-2019-15475.json create mode 100644 2019/15xxx/CVE-2019-15743.json create mode 100644 2019/16xxx/CVE-2019-16110.json diff --git a/2012/1xxx/CVE-2012-1161.json b/2012/1xxx/CVE-2012-1161.json index 6bce87c7402..53b9eb7b4f3 100644 --- a/2012/1xxx/CVE-2012-1161.json +++ b/2012/1xxx/CVE-2012-1161.json @@ -1,8 +1,34 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-1161", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Moodle", + "product": { + "product_data": [ + { + "product_name": "Moodle", + "version": { + "version_data": [ + { + "version_value": "2.2 to 2.2.1+" + }, + { + "version_value": "2.1 to 2.1.4+" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +37,68 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "UNKNOWN_TYPE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html" + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2012-1161", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2012-1161" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2012-1161", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2012-1161" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html" + }, + { + "refsource": "CONFIRM", + "name": "https://moodle.org/mod/forum/discuss.php?d=198630", + "url": "https://moodle.org/mod/forum/discuss.php?d=198630" } ] } diff --git a/2012/1xxx/CVE-2012-1170.json b/2012/1xxx/CVE-2012-1170.json index 67003cdbe0d..ad10012c488 100644 --- a/2012/1xxx/CVE-2012-1170.json +++ b/2012/1xxx/CVE-2012-1170.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-1170", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Moodle", + "product": { + "product_data": [ + { + "product_name": "Moodle", + "version": { + "version_data": [ + { + "version_value": "2.2 to 2.2.1+" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,68 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.17" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html" + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2012-1170", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2012-1170" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1170" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2012-1170", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2012-1170" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html" + }, + { + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html" + }, + { + "refsource": "CONFIRM", + "name": "https://moodle.org/mod/forum/discuss.php?d=198632", + "url": "https://moodle.org/mod/forum/discuss.php?d=198632" } ] } diff --git a/2019/11xxx/CVE-2019-11136.json b/2019/11xxx/CVE-2019-11136.json index d5cc5d07a42..cd6890977dd 100644 --- a/2019/11xxx/CVE-2019-11136.json +++ b/2019/11xxx/CVE-2019-11136.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11136", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "2019.2 IPU \u2013 UEFI", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11137.json b/2019/11xxx/CVE-2019-11137.json index 3fc8bbf4606..f7c7b4b5a58 100644 --- a/2019/11xxx/CVE-2019-11137.json +++ b/2019/11xxx/CVE-2019-11137.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11137", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "2019.2 IPU \u2013 UEFI", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00280.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11151.json b/2019/11xxx/CVE-2019-11151.json index 5cc48241692..b73c9267429 100644 --- a/2019/11xxx/CVE-2019-11151.json +++ b/2019/11xxx/CVE-2019-11151.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11151", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00287.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00287.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11152.json b/2019/11xxx/CVE-2019-11152.json index 5cb90e78fdd..15bb1c2136f 100644 --- a/2019/11xxx/CVE-2019-11152.json +++ b/2019/11xxx/CVE-2019-11152.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11152", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00287.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00287.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via adjacent access." } ] } diff --git a/2019/11xxx/CVE-2019-11153.json b/2019/11xxx/CVE-2019-11153.json index 90f9c97d14e..a072c909323 100644 --- a/2019/11xxx/CVE-2019-11153.json +++ b/2019/11xxx/CVE-2019-11153.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11153", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) WIFI Drivers and Intel(R) PROSet/Wireless WiFi Software extension DLL", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00287.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00287.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software extension DLL before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and a denial of service via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11154.json b/2019/11xxx/CVE-2019-11154.json index eac19b31c24..faee715c5b9 100644 --- a/2019/11xxx/CVE-2019-11154.json +++ b/2019/11xxx/CVE-2019-11154.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11154", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi Software Security", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11155.json b/2019/11xxx/CVE-2019-11155.json index 168a512bf1c..062de8ab9d9 100644 --- a/2019/11xxx/CVE-2019-11155.json +++ b/2019/11xxx/CVE-2019-11155.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11155", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi Software Security", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable denial of service and information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11156.json b/2019/11xxx/CVE-2019-11156.json index 00b7aade2db..d0430743a6e 100644 --- a/2019/11xxx/CVE-2019-11156.json +++ b/2019/11xxx/CVE-2019-11156.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11156", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi Software Security", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00288.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Logic errors in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may allow an authenticated user to potentially enable escalation of privilege, denial of service, and information disclosure via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11168.json b/2019/11xxx/CVE-2019-11168.json index 8359f527314..0e25bd9d368 100644 --- a/2019/11xxx/CVE-2019-11168.json +++ b/2019/11xxx/CVE-2019-11168.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11168", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11170.json b/2019/11xxx/CVE-2019-11170.json index 20e9cd7b5c9..07c91931c0b 100644 --- a/2019/11xxx/CVE-2019-11170.json +++ b/2019/11xxx/CVE-2019-11170.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11170", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Authentication bypass in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11171.json b/2019/11xxx/CVE-2019-11171.json index 74c99a0ce37..0948369f53f 100644 --- a/2019/11xxx/CVE-2019-11171.json +++ b/2019/11xxx/CVE-2019-11171.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11171", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11172.json b/2019/11xxx/CVE-2019-11172.json index 6ca0974c779..3f5daf87b6a 100644 --- a/2019/11xxx/CVE-2019-11172.json +++ b/2019/11xxx/CVE-2019-11172.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11172", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11173.json b/2019/11xxx/CVE-2019-11173.json index 980a1b1d9e9..d6d7fb8c349 100644 --- a/2019/11xxx/CVE-2019-11173.json +++ b/2019/11xxx/CVE-2019-11173.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11173", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via local access." } ] } diff --git a/2019/11xxx/CVE-2019-11174.json b/2019/11xxx/CVE-2019-11174.json index 492a2682ecf..4bf2b5a61ac 100644 --- a/2019/11xxx/CVE-2019-11174.json +++ b/2019/11xxx/CVE-2019-11174.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11174", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11175.json b/2019/11xxx/CVE-2019-11175.json index 6c14f9c4d06..e278142de1d 100644 --- a/2019/11xxx/CVE-2019-11175.json +++ b/2019/11xxx/CVE-2019-11175.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11175", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11177.json b/2019/11xxx/CVE-2019-11177.json index 3d8f4af52ed..5ca811c6870 100644 --- a/2019/11xxx/CVE-2019-11177.json +++ b/2019/11xxx/CVE-2019-11177.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11177", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unhandled exception in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11178.json b/2019/11xxx/CVE-2019-11178.json index 73d1467bfad..5ed8b26903a 100644 --- a/2019/11xxx/CVE-2019-11178.json +++ b/2019/11xxx/CVE-2019-11178.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11178", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11179.json b/2019/11xxx/CVE-2019-11179.json index 422e2b54c8f..75ebb2b1eb1 100644 --- a/2019/11xxx/CVE-2019-11179.json +++ b/2019/11xxx/CVE-2019-11179.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11179", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11180.json b/2019/11xxx/CVE-2019-11180.json index 6e5364c8c16..42769745d69 100644 --- a/2019/11xxx/CVE-2019-11180.json +++ b/2019/11xxx/CVE-2019-11180.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11180", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11181.json b/2019/11xxx/CVE-2019-11181.json index c3ef35c04ff..f0336f65a64 100644 --- a/2019/11xxx/CVE-2019-11181.json +++ b/2019/11xxx/CVE-2019-11181.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11181", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bound read in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable escalation of privilege via network access." } ] } diff --git a/2019/11xxx/CVE-2019-11182.json b/2019/11xxx/CVE-2019-11182.json index a891d6c6535..acc4b71ff81 100644 --- a/2019/11xxx/CVE-2019-11182.json +++ b/2019/11xxx/CVE-2019-11182.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-11182", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) BMC", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00313.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Memory corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access." } ] } diff --git a/2019/14xxx/CVE-2019-14565.json b/2019/14xxx/CVE-2019-14565.json new file mode 100644 index 00000000000..0078b4fc874 --- /dev/null +++ b/2019/14xxx/CVE-2019-14565.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14565", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Intel", + "product": { + "product_data": [ + { + "product_name": "2019.2 IPU \u2013 Intel(R) SGX", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00293.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00293.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14566.json b/2019/14xxx/CVE-2019-14566.json new file mode 100644 index 00000000000..3b96a77decf --- /dev/null +++ b/2019/14xxx/CVE-2019-14566.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14566", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Intel", + "product": { + "product_data": [ + { + "product_name": "2019.2 IPU \u2013 Intel(R) SGX", + "version": { + "version_data": [ + { + "version_value": "See provided reference" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00293.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00293.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access." + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14602.json b/2019/14xxx/CVE-2019-14602.json new file mode 100644 index 00000000000..5c82a3f5b5b --- /dev/null +++ b/2019/14xxx/CVE-2019-14602.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14602", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nuvoton* CIR Driver for Windows* 8 for Intel(R) NUC", + "version": { + "version_data": [ + { + "version_value": "Before version 1.02.1002" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00309.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00309.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15425.json b/2019/15xxx/CVE-2019-15425.json new file mode 100644 index 00000000000..5b9358df098 --- /dev/null +++ b/2019/15xxx/CVE-2019-15425.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15425", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Kata M4s Android device with a build fingerprint of alps/full_hct6750_66_n/hct6750_66_n:7.0/NRD90M/1495624556:user/test-keys contains a pre-installed app with a package name of com.mediatek.factorymode app (versionCode=1, versionName=1) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15426.json b/2019/15xxx/CVE-2019-15426.json new file mode 100644 index 00000000000..d0f89572706 --- /dev/null +++ b/2019/15xxx/CVE-2019-15426.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi 5S Plus Android device with a build fingerprint of Xiaomi/natrium/natrium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15427.json b/2019/15xxx/CVE-2019-15427.json new file mode 100644 index 00000000000..e9b96cb8268 --- /dev/null +++ b/2019/15xxx/CVE-2019-15427.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi Mix Android device with a build fingerprint of Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15428.json b/2019/15xxx/CVE-2019-15428.json new file mode 100644 index 00000000000..ffcf1515797 --- /dev/null +++ b/2019/15xxx/CVE-2019-15428.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app (versionCode=40000, versionName=4.0.00) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15429.json b/2019/15xxx/CVE-2019-15429.json new file mode 100644 index 00000000000..a21cfb6c70f --- /dev/null +++ b/2019/15xxx/CVE-2019-15429.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15430.json b/2019/15xxx/CVE-2019-15430.json new file mode 100644 index 00000000000..77c4786d64e --- /dev/null +++ b/2019/15xxx/CVE-2019-15430.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Bluboo D3 Pro Android device with a build fingerprint of BLUBOO/Bluboo_D2_Pro/Bluboo_D2_Pro:7.0/NRD90M/1510370501:user/release-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0.0_VER_32516508295515) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15431.json b/2019/15xxx/CVE-2019-15431.json new file mode 100644 index 00000000000..77880bac949 --- /dev/null +++ b/2019/15xxx/CVE-2019-15431.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15431", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Evercoss U50A Android device with a build fingerprint of EVERCOSS/U50A./EVERCOSS:7.0/NRD90M/1499911028:eng/test-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0_VER_2017.04.21_17:55:55) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15432.json b/2019/15xxx/CVE-2019-15432.json new file mode 100644 index 00000000000..40390d5ca31 --- /dev/null +++ b/2019/15xxx/CVE-2019-15432.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Evercoss U6 Android device with a build fingerprint of EVERCOSS/U6/U6:7.0/NRD90M/1504236704:user/release-keys contains a pre-installed app with a package name of com.qiku.cleaner app (versionCode=2, versionName=2.0.0_VER_32516486284094) that allows other pre-installed apps to perform system properties modification via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15433.json b/2019/15xxx/CVE-2019-15433.json new file mode 100644 index 00000000000..31d3bcc7aac --- /dev/null +++ b/2019/15xxx/CVE-2019-15433.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung A3 Android device with a build fingerprint of samsung/a3y17ltedx/a3y17lte:8.0.0/R16NW/A320YDXU4CSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15434.json b/2019/15xxx/CVE-2019-15434.json new file mode 100644 index 00000000000..4145ff85c18 --- /dev/null +++ b/2019/15xxx/CVE-2019-15434.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15434", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15435.json b/2019/15xxx/CVE-2019-15435.json new file mode 100644 index 00000000000..54514eaf6aa --- /dev/null +++ b/2019/15xxx/CVE-2019-15435.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15435", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung A7 Android device with a build fingerprint of samsung/a7y17ltexx/a7y17lte:8.0.0/R16NW/A720FXXU7CSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15436.json b/2019/15xxx/CVE-2019-15436.json new file mode 100644 index 00000000000..a51d4dc6607 --- /dev/null +++ b/2019/15xxx/CVE-2019-15436.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung A8+ Android device with a build fingerprint of samsung/jackpot2ltexx/jackpot2lte:8.0.0/R16NW/A730FXXS4BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15437.json b/2019/15xxx/CVE-2019-15437.json new file mode 100644 index 00000000000..5054898cb75 --- /dev/null +++ b/2019/15xxx/CVE-2019-15437.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15437", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltexx/xcover4lte:8.1.0/M1AJQ/G390FXXU3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15438.json b/2019/15xxx/CVE-2019-15438.json new file mode 100644 index 00000000000..7517359d941 --- /dev/null +++ b/2019/15xxx/CVE-2019-15438.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15438", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15439.json b/2019/15xxx/CVE-2019-15439.json new file mode 100644 index 00000000000..78800029085 --- /dev/null +++ b/2019/15xxx/CVE-2019-15439.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15439", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15440.json b/2019/15xxx/CVE-2019-15440.json new file mode 100644 index 00000000000..4f20ddafeea --- /dev/null +++ b/2019/15xxx/CVE-2019-15440.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J5 Android device with a build fingerprint of samsung/on5xeltedx/on5xelte:8.0.0/R16NW/G570YDXU2CRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15441.json b/2019/15xxx/CVE-2019-15441.json new file mode 100644 index 00000000000..0cfc1d33237 --- /dev/null +++ b/2019/15xxx/CVE-2019-15441.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15442.json b/2019/15xxx/CVE-2019-15442.json new file mode 100644 index 00000000000..be381590818 --- /dev/null +++ b/2019/15xxx/CVE-2019-15442.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung on7xelteskt Android device with a build fingerprint of samsung/on7xelteskt/on7xelteskt:8.1.0/M1AJQ/G610SKSU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15443.json b/2019/15xxx/CVE-2019-15443.json new file mode 100644 index 00000000000..9861bcd61f5 --- /dev/null +++ b/2019/15xxx/CVE-2019-15443.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Max Android device with a build fingerprint of samsung/j7maxlteins/j7maxlte:8.1.0/M1AJQ/G615FXXU2BSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15444.json b/2019/15xxx/CVE-2019-15444.json new file mode 100644 index 00000000000..99261cfe94a --- /dev/null +++ b/2019/15xxx/CVE-2019-15444.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15444", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15445.json b/2019/15xxx/CVE-2019-15445.json new file mode 100644 index 00000000000..7b2994f5081 --- /dev/null +++ b/2019/15xxx/CVE-2019-15445.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15446.json b/2019/15xxx/CVE-2019-15446.json new file mode 100644 index 00000000000..c194aed3c55 --- /dev/null +++ b/2019/15xxx/CVE-2019-15446.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXU3ESAC:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15447.json b/2019/15xxx/CVE-2019-15447.json new file mode 100644 index 00000000000..3a38f854858 --- /dev/null +++ b/2019/15xxx/CVE-2019-15447.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15448.json b/2019/15xxx/CVE-2019-15448.json new file mode 100644 index 00000000000..72376553087 --- /dev/null +++ b/2019/15xxx/CVE-2019-15448.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15448", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15449.json b/2019/15xxx/CVE-2019-15449.json new file mode 100644 index 00000000000..89d67f28713 --- /dev/null +++ b/2019/15xxx/CVE-2019-15449.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15450.json b/2019/15xxx/CVE-2019-15450.json new file mode 100644 index 00000000000..8e11aee06c5 --- /dev/null +++ b/2019/15xxx/CVE-2019-15450.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15451.json b/2019/15xxx/CVE-2019-15451.json new file mode 100644 index 00000000000..61884cd0f0d --- /dev/null +++ b/2019/15xxx/CVE-2019-15451.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15452.json b/2019/15xxx/CVE-2019-15452.json new file mode 100644 index 00000000000..da74f6b315f --- /dev/null +++ b/2019/15xxx/CVE-2019-15452.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15453.json b/2019/15xxx/CVE-2019-15453.json new file mode 100644 index 00000000000..3bfa45bae07 --- /dev/null +++ b/2019/15xxx/CVE-2019-15453.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15454.json b/2019/15xxx/CVE-2019-15454.json new file mode 100644 index 00000000000..f09383261dd --- /dev/null +++ b/2019/15xxx/CVE-2019-15454.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBU2ARL4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15455.json b/2019/15xxx/CVE-2019-15455.json new file mode 100644 index 00000000000..93a9f23dc40 --- /dev/null +++ b/2019/15xxx/CVE-2019-15455.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J5 Android device with a build fingerprint of samsung/j5y17ltexx/j5y17lte:8.1.0/M1AJQ/J530FXXU3BRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15456.json b/2019/15xxx/CVE-2019-15456.json new file mode 100644 index 00000000000..badf6428676 --- /dev/null +++ b/2019/15xxx/CVE-2019-15456.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15457.json b/2019/15xxx/CVE-2019-15457.json new file mode 100644 index 00000000000..05c1c682602 --- /dev/null +++ b/2019/15xxx/CVE-2019-15457.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15458.json b/2019/15xxx/CVE-2019-15458.json new file mode 100644 index 00000000000..9b83a10e68f --- /dev/null +++ b/2019/15xxx/CVE-2019-15458.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15458", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXXS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15459.json b/2019/15xxx/CVE-2019-15459.json new file mode 100644 index 00000000000..27ef478f193 --- /dev/null +++ b/2019/15xxx/CVE-2019-15459.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15460.json b/2019/15xxx/CVE-2019-15460.json new file mode 100644 index 00000000000..c46c81b4fe3 --- /dev/null +++ b/2019/15xxx/CVE-2019-15460.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15460", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15461.json b/2019/15xxx/CVE-2019-15461.json new file mode 100644 index 00000000000..514a3ae82bd --- /dev/null +++ b/2019/15xxx/CVE-2019-15461.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15461", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15462.json b/2019/15xxx/CVE-2019-15462.json new file mode 100644 index 00000000000..29b4fcbfca6 --- /dev/null +++ b/2019/15xxx/CVE-2019-15462.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15462", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15463.json b/2019/15xxx/CVE-2019-15463.json new file mode 100644 index 00000000000..0fa1546ed14 --- /dev/null +++ b/2019/15xxx/CVE-2019-15463.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15463", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15464.json b/2019/15xxx/CVE-2019-15464.json new file mode 100644 index 00000000000..1969a67fb49 --- /dev/null +++ b/2019/15xxx/CVE-2019-15464.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15465.json b/2019/15xxx/CVE-2019-15465.json new file mode 100644 index 00000000000..aa6d87def0a --- /dev/null +++ b/2019/15xxx/CVE-2019-15465.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15465", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15466.json b/2019/15xxx/CVE-2019-15466.json new file mode 100644 index 00000000000..d9f68acc50e --- /dev/null +++ b/2019/15xxx/CVE-2019-15466.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15466", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakura_india/sakura_india:8.1.0/OPM1.171019.019/V10.2.6.0.ODMMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812191721) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15467.json b/2019/15xxx/CVE-2019-15467.json new file mode 100644 index 00000000000..115f67b069e --- /dev/null +++ b/2019/15xxx/CVE-2019-15467.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15467", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=A2060_201801032053) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15468.json b/2019/15xxx/CVE-2019-15468.json new file mode 100644 index 00000000000..4e61913ba94 --- /dev/null +++ b/2019/15xxx/CVE-2019-15468.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15468", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812071953) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15469.json b/2019/15xxx/CVE-2019-15469.json new file mode 100644 index 00000000000..3a0a4f31b26 --- /dev/null +++ b/2019/15xxx/CVE-2019-15469.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/clover/clover:8.1.0/OPM1.171019.019/V9.6.26.0.ODJCNFD:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that export their capabilities to other pre-installed app. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15470.json b/2019/15xxx/CVE-2019-15470.json new file mode 100644 index 00000000000..18c82741213 --- /dev/null +++ b/2019/15xxx/CVE-2019-15470.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that export their capabilities to other pre-installed app. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15471.json b/2019/15xxx/CVE-2019-15471.json new file mode 100644 index 00000000000..2344948463f --- /dev/null +++ b/2019/15xxx/CVE-2019-15471.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15471", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=27, versionName=8.1.0) that allows other pre-installed apps to perform microphone audio recording via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that export their capabilities to other pre-installed app. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15472.json b/2019/15xxx/CVE-2019-15472.json new file mode 100644 index 00000000000..678a0c40dd2 --- /dev/null +++ b/2019/15xxx/CVE-2019-15472.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15473.json b/2019/15xxx/CVE-2019-15473.json new file mode 100644 index 00000000000..dc480b6e7a6 --- /dev/null +++ b/2019/15xxx/CVE-2019-15473.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15473", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/jasmine/jasmine_sprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15474.json b/2019/15xxx/CVE-2019-15474.json new file mode 100644 index 00000000000..ff8492fbdbd --- /dev/null +++ b/2019/15xxx/CVE-2019-15474.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15474", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/cepheus/cepheus:9/PKQ1.181121.001/V10.2.6.0.PFAMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15475.json b/2019/15xxx/CVE-2019-15475.json new file mode 100644 index 00000000000..646b87fe2bc --- /dev/null +++ b/2019/15xxx/CVE-2019-15475.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Xiaomi Mi A3 Android device with a build fingerprint of xiaomi/onc_eea/onc:9/PKQ1.181021.001/V10.2.8.0.PFLEUXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15743.json b/2019/15xxx/CVE-2019-15743.json new file mode 100644 index 00000000000..5975f85bc45 --- /dev/null +++ b/2019/15xxx/CVE-2019-15743.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-15743", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audio to external storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.kryptowire.com/android-firmware-2019/", + "refsource": "MISC", + "name": "https://www.kryptowire.com/android-firmware-2019/" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16110.json b/2019/16xxx/CVE-2019-16110.json new file mode 100644 index 00000000000..b4357817944 --- /dev/null +++ b/2019/16xxx/CVE-2019-16110.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://sigint.sh/#/cve-2019-16110", + "url": "https://sigint.sh/#/cve-2019-16110" + } + ] + } +} \ No newline at end of file