diff --git a/2016/6xxx/CVE-2016-6587.json b/2016/6xxx/CVE-2016-6587.json index 41ad2f11ed8..2c456652968 100644 --- a/2016/6xxx/CVE-2016-6587.json +++ b/2016/6xxx/CVE-2016-6587.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secure@symantec.com", "ID": "CVE-2016-6587", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Symantec", + "product": { + "product_data": [ + { + "product_name": "Norton Mobile Security for Android", + "version": { + "version_data": [ + { + "version_value": "before 3.16" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Local Information Disclosure Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securitytracker.com/id/1037225", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id/1037225" + }, + { + "url": "http://www.securityfocus.com/bid/93858", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/93858" + }, + { + "refsource": "CONFIRM", + "name": "https://support.symantec.com/us/en/article.symsa1384.html", + "url": "https://support.symantec.com/us/en/article.symsa1384.html" + }, + { + "refsource": "MISC", + "name": "https://vuldb.com/?id.93273", + "url": "https://vuldb.com/?id.93273" } ] } diff --git a/2019/15xxx/CVE-2019-15807.json b/2019/15xxx/CVE-2019-15807.json index 5b03b3d16f1..b99f4ba1a8d 100644 --- a/2019/15xxx/CVE-2019-15807.json +++ b/2019/15xxx/CVE-2019-15807.json @@ -81,6 +81,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" + }, + { + "refsource": "CONFIRM", + "name": "https://support.f5.com/csp/article/K52136304?utm_source=f5support&utm_medium=RSS", + "url": "https://support.f5.com/csp/article/K52136304?utm_source=f5support&utm_medium=RSS" } ] } diff --git a/2019/19xxx/CVE-2019-19495.json b/2019/19xxx/CVE-2019-19495.json index e3da64eb250..22a7f57acdc 100644 --- a/2019/19xxx/CVE-2019-19495.json +++ b/2019/19xxx/CVE-2019-19495.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19495", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19495", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://cablehaunt.com", + "url": "https://cablehaunt.com" + }, + { + "refsource": "MISC", + "name": "https://github.com/Lyrebirds/Fast8690-exploit", + "url": "https://github.com/Lyrebirds/Fast8690-exploit" + }, + { + "refsource": "MISC", + "name": "https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf", + "url": "https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf" } ] } diff --git a/2019/2xxx/CVE-2019-2204.json b/2019/2xxx/CVE-2019-2204.json index 204a15093a5..1fe2f39606f 100644 --- a/2019/2xxx/CVE-2019-2204.json +++ b/2019/2xxx/CVE-2019-2204.json @@ -18,6 +18,9 @@ "product_name": "Android", "version": { "version_data": [ + { + "version_value": "Android-8.1" + }, { "version_value": "Android-9" } @@ -45,9 +48,9 @@ "references": { "reference_data": [ { - "refsource": "MISC", - "name": "https://source.android.com/security/bulletin/2019-11-01", - "url": "https://source.android.com/security/bulletin/2019-11-01" + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/2020-01-09", + "url": "https://source.android.com/security/bulletin/2020-01-09" } ] }, @@ -55,7 +58,7 @@ "description_data": [ { "lang": "eng", - "value": "In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-138442295" + "value": "In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8, Android-9 Android ID: A-138442295" } ] } diff --git a/2020/5xxx/CVE-2020-5183.json b/2020/5xxx/CVE-2020-5183.json index 58ce5870e32..f3ad45fe995 100644 --- a/2020/5xxx/CVE-2020-5183.json +++ b/2020/5xxx/CVE-2020-5183.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-5183", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-5183", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application. This memory corruption bug can possibly be classified as a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155832/FTPGetter-Professional-5.97.0.223-Denial-Of-Service.html", + "url": "http://packetstormsecurity.com/files/155832/FTPGetter-Professional-5.97.0.223-Denial-Of-Service.html" + }, + { + "refsource": "EXPLOIT-DB", + "name": "47871", + "url": "https://www.exploit-db.com/exploits/47871" } ] } diff --git a/2020/5xxx/CVE-2020-5510.json b/2020/5xxx/CVE-2020-5510.json index e6c0385ac94..ab539b912d8 100644 --- a/2020/5xxx/CVE-2020-5510.json +++ b/2020/5xxx/CVE-2020-5510.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-5510", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-5510", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "EXPLOIT-DB", + "name": "47854", + "url": "https://www.exploit-db.com/exploits/47854" } ] } diff --git a/2020/5xxx/CVE-2020-5511.json b/2020/5xxx/CVE-2020-5511.json index ff39eb1e4c9..ea921edc0f5 100644 --- a/2020/5xxx/CVE-2020-5511.json +++ b/2020/5xxx/CVE-2020-5511.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-5511", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-5511", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "EXPLOIT-DB", + "name": "47874", + "url": "https://www.exploit-db.com/exploits/47874" } ] } diff --git a/2020/6xxx/CVE-2020-6583.json b/2020/6xxx/CVE-2020-6583.json new file mode 100644 index 00000000000..0d2804a0566 --- /dev/null +++ b/2020/6xxx/CVE-2020-6583.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6583", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file