diff --git a/2013/2xxx/CVE-2013-2257.json b/2013/2xxx/CVE-2013-2257.json index aa31adbcf24..14f2ac02722 100644 --- a/2013/2xxx/CVE-2013-2257.json +++ b/2013/2xxx/CVE-2013-2257.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-2257", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cryptocat", + "product": { + "product_data": [ + { + "product_name": "Cryptocat", + "version": { + "version_data": [ + { + "version_value": "before 2.0.42" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Brute Force Weakness" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2013/07/10/15", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2013/07/10/15" + }, + { + "url": "https://tobtu.com/decryptocat.php", + "refsource": "MISC", + "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61087", + "url": "https://www.securityfocus.com/bid/61087" } ] } diff --git a/2013/2xxx/CVE-2013-2258.json b/2013/2xxx/CVE-2013-2258.json index 6d01cc491a7..2023716e186 100644 --- a/2013/2xxx/CVE-2013-2258.json +++ b/2013/2xxx/CVE-2013-2258.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-2258", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cryptocat", + "product": { + "product_data": [ + { + "product_name": "Cryptocat", + "version": { + "version_data": [ + { + "version_value": "before 2.0.22" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cryptocat before 2.0.22 has Nickname User Impersonation" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "User Impersonation Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2013/07/10/15", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2013/07/10/15" + }, + { + "url": "https://tobtu.com/decryptocat.php", + "refsource": "MISC", + "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61088", + "url": "https://www.securityfocus.com/bid/61088" } ] } diff --git a/2013/2xxx/CVE-2013-2259.json b/2013/2xxx/CVE-2013-2259.json index 6a05da740fc..2f581fa933b 100644 --- a/2013/2xxx/CVE-2013-2259.json +++ b/2013/2xxx/CVE-2013-2259.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-2259", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cryptocat", + "product": { + "product_data": [ + { + "product_name": "Cryptocat", + "version": { + "version_data": [ + { + "version_value": "before 2.0.22" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Arbitrary Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2013/07/10/15", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2013/07/10/15" + }, + { + "url": "https://tobtu.com/decryptocat.php", + "refsource": "MISC", + "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61089", + "url": "https://www.securityfocus.com/bid/61089" } ] } diff --git a/2013/2xxx/CVE-2013-2260.json b/2013/2xxx/CVE-2013-2260.json index 666bb70ce0f..f3872c65e57 100644 --- a/2013/2xxx/CVE-2013-2260.json +++ b/2013/2xxx/CVE-2013-2260.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-2260", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cryptocat", + "product": { + "product_data": [ + { + "product_name": "Cryptocat", + "version": { + "version_data": [ + { + "version_value": "before 2.0.22" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Key Entropy Weakness" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2013/07/10/15", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2013/07/10/15" + }, + { + "url": "https://tobtu.com/decryptocat.php", + "refsource": "MISC", + "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://vuldb.com/?id.9435", + "url": "https://vuldb.com/?id.9435" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61091/info", + "url": "https://www.securityfocus.com/bid/61091/info" } ] } diff --git a/2013/4xxx/CVE-2013-4101.json b/2013/4xxx/CVE-2013-4101.json index 7d1a1a0a0b7..debe85027fa 100644 --- a/2013/4xxx/CVE-2013-4101.json +++ b/2013/4xxx/CVE-2013-4101.json @@ -8,21 +8,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Cryptocat", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "before 2.1.12" + "version_value": "before 2.0.22" } ] } } ] - }, - "vendor_name": "Cryptocat" + } } ] } @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Cryptocat before 2.1.12 has a HTML Handling Weakness via Link Markup Decorator addLinks() Function" + "value": "Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness" } ] }, @@ -61,6 +61,11 @@ "url": "https://tobtu.com/decryptocat.php", "refsource": "MISC", "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61098", + "url": "https://www.securityfocus.com/bid/61098" } ] } diff --git a/2013/4xxx/CVE-2013-4102.json b/2013/4xxx/CVE-2013-4102.json index 945561715c7..b027322ba6f 100644 --- a/2013/4xxx/CVE-2013-4102.json +++ b/2013/4xxx/CVE-2013-4102.json @@ -8,21 +8,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Cryptocat", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "before 2.1.12" + "version_value": "before 2.0.22" } ] } } ] - }, - "vendor_name": "Cryptocat" + } } ] } @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Cryptocat before 2.1.12 has a strophe.js Math.random() Function Random Number Generator Weakness" + "value": "Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness" } ] }, @@ -61,6 +61,16 @@ "url": "https://tobtu.com/decryptocat.php", "refsource": "MISC", "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://vuldb.com/?id.9443", + "url": "https://vuldb.com/?id.9443" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61095", + "url": "https://www.securityfocus.com/bid/61095" } ] } diff --git a/2013/4xxx/CVE-2013-4103.json b/2013/4xxx/CVE-2013-4103.json index a737e46475d..55b338ca518 100644 --- a/2013/4xxx/CVE-2013-4103.json +++ b/2013/4xxx/CVE-2013-4103.json @@ -8,21 +8,21 @@ "vendor": { "vendor_data": [ { + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Cryptocat", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "before 2.1.12" + "version_value": "before 2.0.22" } ] } } ] - }, - "vendor_name": "Cryptocat" + } } ] } @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Cryptocat before 2.1.12 has Remote Script Injection due to improperly sanitizing user input" + "value": "Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input" } ] }, @@ -66,6 +66,16 @@ "url": "https://tobtu.com/decryptocat.php", "refsource": "MISC", "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2013-4103", + "url": "https://packetstormsecurity.com/files/cve/CVE-2013-4103" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61093", + "url": "https://www.securityfocus.com/bid/61093" } ] } diff --git a/2013/4xxx/CVE-2013-4105.json b/2013/4xxx/CVE-2013-4105.json index 3daed246615..36e783530e4 100644 --- a/2013/4xxx/CVE-2013-4105.json +++ b/2013/4xxx/CVE-2013-4105.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4105", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Cryptocat", + "product": { + "product_data": [ + { + "product_name": "Cryptocat", + "version": { + "version_data": [ + { + "version_value": "before 2.0.22" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Plaintext Traffic Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2013/07/10/15", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2013/07/10/15" + }, + { + "url": "https://tobtu.com/decryptocat.php", + "refsource": "MISC", + "name": "https://tobtu.com/decryptocat.php" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/61110", + "url": "https://www.securityfocus.com/bid/61110" } ] } diff --git a/2018/1xxx/CVE-2018-1000.json b/2018/1xxx/CVE-2018-1000.json index ee4e25f1371..44b9aabdba1 100644 --- a/2018/1xxx/CVE-2018-1000.json +++ b/2018/1xxx/CVE-2018-1000.json @@ -140,6 +140,21 @@ "name": "103603", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103603" + }, + { + "refsource": "MLIST", + "name": "[lucene-solr-user] 20190103 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", + "url": "https://lists.apache.org/thread.html/6c9991dbcb7358e18a46cd113fa0fd7586eaf312b1c7f7d4cdb16fa1@%3Csolr-user.lucene.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", + "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[lucene-solr-user] 20190103 SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", + "url": "https://lists.apache.org/thread.html/83315d9b28d9010eeeec360f3295105354b8ff30d94e75b5c67c13ac@%3Csolr-user.lucene.apache.org%3E" } ] } diff --git a/2019/13xxx/CVE-2019-13496.json b/2019/13xxx/CVE-2019-13496.json new file mode 100644 index 00000000000..3938520d934 --- /dev/null +++ b/2019/13xxx/CVE-2019-13496.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13496", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.oneidentity.com/cloud-access-manager/kb/311391/cloud-access-manager-8-1-4-hotfix-1", + "url": "https://support.oneidentity.com/cloud-access-manager/kb/311391/cloud-access-manager-8-1-4-hotfix-1" + }, + { + "refsource": "MISC", + "name": "https://github.com/FurqanKhan1/CVE-2019-13496", + "url": "https://github.com/FurqanKhan1/CVE-2019-13496" + } + ] + } +} \ No newline at end of file