admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-07 21:47:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2019-02-28 13:04:56 -05:00
parent 457bf888fa
commit 0f2b1eb54e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
295 changed files with 6838 additions and 2070 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2018/11xxx/CVE-2018-11289.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Data truncation during higher to lower type conversion which causes less memory allocation than desired can leads to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130"
"value" : "Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130."
}
]
},
@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11820.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11845.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11864.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11931.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11932.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11935.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11938.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11945.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

5
2018/11xxx/CVE-2018-11948.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

123
2018/12xxx/CVE-2018-12388.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1472639%2C1485698%2C1301547%2C1471427%2C1379411%2C1482122%2C1486314%2C1487167"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12388",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12388",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 63"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Firefox 63"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1472639%2C1485698%2C1301547%2C1471427%2C1379411%2C1482122%2C1486314%2C1487167",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1472639%2C1485698%2C1301547%2C1471427%2C1379411%2C1482122%2C1486314%2C1487167"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

153
2018/12xxx/CVE-2018-12389.json
View File

@ -1,77 +1,84 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-28/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1498460%2C1499198"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Thunderbird"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12389",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12389",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox ESR 60.3"
"product" : {
"product_data" : [
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.3 and Thunderbird < 60.3."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Firefox ESR 60.3"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1498460%2C1499198",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1498460%2C1499198"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-28/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-28/"
}
]
}
}

183
2018/12xxx/CVE-2018-12390.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-28/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1487098%2C1487660%2C1490234%2C1496159%2C1443748%2C1496340%2C1483905%2C1493347%2C1488803%2C1498701%2C1498482%2C1442010%2C1495245%2C1483699%2C1469486%2C1484905%2C1490561%2C1492524%2C1481844"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Thunderbird"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12390",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12390",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1487098%2C1487660%2C1490234%2C1496159%2C1443748%2C1496340%2C1483905%2C1493347%2C1488803%2C1498701%2C1498482%2C1442010%2C1495245%2C1483699%2C1469486%2C1484905%2C1490561%2C1492524%2C1481844",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1487098%2C1487660%2C1490234%2C1496159%2C1443748%2C1496340%2C1483905%2C1493347%2C1488803%2C1498701%2C1498482%2C1442010%2C1495245%2C1483699%2C1469486%2C1484905%2C1490561%2C1492524%2C1481844"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-28/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-28/"
}
]
}
}

183
2018/12xxx/CVE-2018-12391.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-28/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1478843"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Thunderbird"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12391",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12391",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "HTTP Live Stream audio data is accessible cross-origin"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "HTTP Live Stream audio data is accessible cross-origin"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1478843",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1478843"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-28/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-28/"
}
]
}
}

183
2018/12xxx/CVE-2018-12392.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-28/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1492823"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Thunderbird"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12392",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12392",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Crash with nested event loops"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Crash with nested event loops"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1492823",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1492823"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-28/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-28/"
}
]
}
}

183
2018/12xxx/CVE-2018-12393.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-28/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1495011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Thunderbird"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12393",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12393",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Integer overflow during Unicode conversion while loading JavaScript"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit builds are not vulnerable to this issue.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer overflow during Unicode conversion while loading JavaScript"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1495011",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1495011"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-28/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-28/"
}
]
}
}

153
2018/12xxx/CVE-2018-12395.json
View File

@ -1,77 +1,84 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1467523"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12395",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12395",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "WebExtension bypass of domain restrictions through header rewriting"
"product" : {
"product_data" : [
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "WebExtension bypass of domain restrictions through header rewriting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1467523",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1467523"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
}
]
}
}

153
2018/12xxx/CVE-2018-12396.json
View File

@ -1,77 +1,84 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1483602"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12396",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12396",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "WebExtension content scripts can execute in disallowed contexts"
"product" : {
"product_data" : [
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "WebExtension content scripts can execute in disallowed contexts"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1483602",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1483602"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
}
]
}
}

153
2018/12xxx/CVE-2018-12397.json
View File

@ -1,77 +1,84 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-27/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1487478"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A WebExtension can request access to local files without the warning prompt stating that the extension will \"Access your data for all websites\" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.3"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12397",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12397",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Missing warning prompt when WebExtension requests local file access"
"product" : {
"product_data" : [
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.3"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A WebExtension can request access to local files without the warning prompt stating that the extension will \"Access your data for all websites\" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing warning prompt when WebExtension requests local file access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1487478",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1487478"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-27/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-27/"
}
]
}
}

131
2018/12xxx/CVE-2018-12398.json
View File

@ -1,66 +1,73 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1460538"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1488061"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12398",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12398",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "CSP bypass through stylesheet injection in resource URIs"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security Policy (CSP). This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CSP bypass through stylesheet injection in resource URIs"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1460538",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1460538"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1488061",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1488061"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

123
2018/12xxx/CVE-2018-12399.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1490276"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12399",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12399",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Spoofing of protocol registration notification bar"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Spoofing of protocol registration notification bar"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1490276",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1490276"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

123
2018/12xxx/CVE-2018-12400.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1448305"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12400",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12400",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Favicons are cached in private browsing mode on Firefox for Android"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Favicons are cached in private browsing mode on Firefox for Android"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1448305",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1448305"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

123
2018/12xxx/CVE-2018-12401.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1422456"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12401",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12401",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "DOS attack through special resource URI parsing"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "DOS attack through special resource URI parsing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1422456",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1422456"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

131
2018/12xxx/CVE-2018-12402.json
View File

@ -1,66 +1,73 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1447087"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1469916"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of \"Save Page As...\" functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the \"Save Page As...\" menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12402",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12402",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "WebBrowserPersist uses incorrect origin information"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of \"Save Page As...\" functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resources otherwise unreachable to the malicious page, if they can convince the visitor to save the complete web page. Similarly, SameSite cookies are sent on cross-origin requests when the \"Save Page As...\" menu item is selected to save a page, which can result in saving the wrong version of resources based on those cookies. This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "WebBrowserPersist uses incorrect origin information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1447087",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1447087"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1469916",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1469916"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

123
2018/12xxx/CVE-2018-12403.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-26/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1484753"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "63"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12403",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12403",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "63"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1484753",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1484753"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-26/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-26/"
}
]
}
}

183
2018/12xxx/CVE-2018-12405.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Thunderbird"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12405",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12405",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 64, Firefox ESR 60.4, and Thunderbird 60.4"
"product" : {
"product_data" : [
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Firefox 64, Firefox ESR 60.4, and Thunderbird 60.4"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-30/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-31/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-31/"
}
]
}
}

123
2018/12xxx/CVE-2018-12406.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12406",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12406",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Memory safety bugs fixed in Firefox 64"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Firefox 64"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1456947%2C1475669%2C1504816%2C1502886%2C1500064%2C1500310%2C1500696%2C1499198%2C1434490%2C1481745%2C1458129"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
}
]
}
}

123
2018/12xxx/CVE-2018-12407.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1505973"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-12407",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-12407",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Buffer overflow with ANGLE library when using VertexBuffer11 module"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. This vulnerability affects Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overflow with ANGLE library when using VertexBuffer11 module"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1505973",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1505973"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
}
]
}
}

5
2018/13xxx/CVE-2018-13900.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin",
"refsource" : "CONFIRM",
"url" : "https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin"
},
{
"name" : "106949",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106949"
}
]
}

5
2018/13xxx/CVE-2018-13904.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

7
2018/13xxx/CVE-2018-13905.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "KGSL syncsource lock not handled properly during syncsource cleanup can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, SD 210/SD 212/SD 205, SD 439 / SD 429, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24"
"value" : "KGSL syncsource lock not handled properly during syncsource cleanup can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, SD 210/SD 212/SD 205, SD 439 / SD 429, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24."
}
]
},
@ -56,6 +56,11 @@
"name" : "https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin",
"refsource" : "CONFIRM",
"url" : "https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin"
},
{
"name" : "106949",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106949"
}
]
}

2
2018/13xxx/CVE-2018-13912.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Arbitrary write issue occur when user provides kernel address In compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24"
"value" : "Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24."
}
]
},

2
2018/13xxx/CVE-2018-13913.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24"
"value" : "Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24."
}
]
},

2
2018/13xxx/CVE-2018-13914.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 636, SD 820A, SD 835, SDM630, SDM660, SDX20"
"value" : "Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 636, SD 820A, SD 835, SDM630, SDM660, SDX20."
}
]
},

183
2018/18xxx/CVE-2018-18492.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1499861"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Thunderbird"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18492",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18492",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Use-after-free with select element"
"product" : {
"product_data" : [
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use-after-free with select element"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1499861",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1499861"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-30/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-31/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-31/"
}
]
}
}

183
2018/18xxx/CVE-2018-18493.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1504452"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Thunderbird"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18493",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18493",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Buffer overflow in accelerated 2D canvas with Skia"
"product" : {
"product_data" : [
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overflow in accelerated 2D canvas with Skia"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1504452",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1504452"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-30/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-31/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-31/"
}
]
}
}

183
2018/18xxx/CVE-2018-18494.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1487964"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Thunderbird"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18494",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18494",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs"
"product" : {
"product_data" : [
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1487964",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1487964"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-30/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-31/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-31/"
}
]
}
}

123
2018/18xxx/CVE-2018-18495.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1427585"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18495",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18495",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "WebExtension content scripts can be loaded in about: pages"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "WebExtension content scripts can be loaded in about: pages"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1427585",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1427585"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
}
]
}
}

123
2018/18xxx/CVE-2018-18496.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1422231"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*. This vulnerability affects Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18496",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18496",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Embedded feed preview page can be abused for clickjacking"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*. This vulnerability affects Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Embedded feed preview page can be abused for clickjacking"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1422231",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1422231"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
}
]
}
}

123
2018/18xxx/CVE-2018-18497.json
View File

@ -1,63 +1,68 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1488180"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18497",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18497",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "WebExtensions can load arbitrary URLs through pipe separators"
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "WebExtensions can load arbitrary URLs through pipe separators"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1488180",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1488180"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
}
]
}
}

183
2018/18xxx/CVE-2018-18498.json
View File

@ -1,91 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-31/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1500011"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Thunderbird"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "60.4"
}
]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "64"
}
]
},
"product_name": "Firefox"
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18498",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18498",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "Integer overflow when calculating buffer sizes for images"
"product" : {
"product_data" : [
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.4"
}
]
}
},
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "64"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64."
}
]
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer overflow when calculating buffer sizes for images"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1500011",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1500011"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-29/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-29/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-30/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-30/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-31/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-31/"
}
]
}
}

171
2018/18xxx/CVE-2018-18499.json
View File

@ -1,75 +1,100 @@
{
"data_version": "4.0",
"references": {
"reference_data": [{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-25/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-21/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2018-20/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1468523"
}
]
},
"description": {
"description_data": [{
"lang": "eng",
"value": "A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv=\"refresh\" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1."
}]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [{
"product": {
"product_data": [{
"version": {
"version_data": [{
"version_affected": "<",
"version_value": "62"
}]
},
"product_name": "Firefox"
},
{
"version": {
"version_data": [{
"version_affected": "<",
"version_value": "60.2"
}]
},
"product_name": "Firefox ESR"
},
{
"version": {
"version_data": [{
"version_affected": "<",
"version_value": "60.2.1"
}]
},
"product_name": "Thunderbird"
}
]
},
"vendor_name": "Mozilla"
}]
}
},
"CVE_data_meta": {
"ID": "CVE-2018-18499",
"ASSIGNER": "security@mozilla.org"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [{
"description": [{
"lang": "eng",
"value": "Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs"
}]
}]
}
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-18499",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "62"
}
]
}
},
{
"product_name" : "Firefox ESR",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.2"
}
]
}
},
{
"product_name" : "Thunderbird",
"version" : {
"version_data" : [
{
"version_affected" : "<",
"version_value" : "60.2.1"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv=\"refresh\" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1468523",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1468523"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-20/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-20/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-21/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-21/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-25/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-25/"
}
]
}
}

5
2018/5xxx/CVE-2018-5839.json
View File

@ -56,6 +56,11 @@
"name" : "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins"
},
{
"name" : "106845",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106845"
}
]
}

212
2019/1xxx/CVE-2019-1663.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-02-27T16:00:00-0800",
"ID": "CVE-2019-1663",
"STATE": "PUBLIC",
"TITLE": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RV110W Wireless-N VPN Firewall",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "1.2.2.1"
}
]
}
},
{
"product_name": "RV130W Wireless-N Multifunction VPN Router",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "1.0.3.45"
}
]
}
},
{
"product_name": "RV215W Wireless-N VPN Router",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "1.3.1.1"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"DATE_PUBLIC" : "2019-02-27T16:00:00-0800",
"ID" : "CVE-2019-1663",
"STATE" : "PUBLIC",
"TITLE" : "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018. "
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product" : {
"product_data" : [
{
"product_name" : "RV110W Wireless-N VPN Firewall",
"version" : {
"version_data" : [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
}
]
},
"source": {
"advisory": "cisco-sa-20190227-rmi-cmd-ex",
"defect": [
[
"CSCvn18638",
"CSCvn18639",
"CSCvn18642"
"affected" : "<",
"version_value" : "1.2.2.1"
}
]
}
},
{
"product_name" : "RV130W Wireless-N Multifunction VPN Router",
"version" : {
"version_data" : [
{
"affected" : "<",
"version_value" : "1.0.3.45"
}
]
}
},
{
"product_name" : "RV215W Wireless-N VPN Router",
"version" : {
"version_data" : [
{
"affected" : "<",
"version_value" : "1.3.1.1"
}
]
}
}
]
],
"discovery": "INTERNAL"
}
},
"vendor_name" : "Cisco"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "9.8",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-119"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
"refsource" : "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
}
]
},
"source" : {
"advisory" : "cisco-sa-20190227-rmi-cmd-ex",
"defect" : [
[
"CSCvn18638",
"CSCvn18639",
"CSCvn18642"
]
],
"discovery" : "INTERNAL"
}
}

194
2019/1xxx/CVE-2019-1674.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-02-27T16:00:00-0800",
"ID": "CVE-2019-1674",
"STATE": "PUBLIC",
"TITLE": "Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools Update Service Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Webex Meetings Desktop App ",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "33.6.6"
},
{
"affected": "<",
"version_value": "33.9.1"
}
]
}
},
{
"product_name": "Cisco Webex Productivity Tools",
"version": {
"version_data": [
{
"affected": "<",
"version_value": "33.0.7"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
"CVE_data_meta" : {
"ASSIGNER" : "psirt@cisco.com",
"DATE_PUBLIC" : "2019-02-27T16:00:00-0800",
"ID" : "CVE-2019-1674",
"STATE" : "PUBLIC",
"TITLE" : "Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools Update Service Command Injection Vulnerability"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools. This vulnerability is fixed in Cisco Webex Meetings Desktop App Release 33.6.6 and 33.9.1 releases. This vulnerability is fixed in Cisco Webex Productivity Tools Release 33.0.7. "
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "7.8",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product" : {
"product_data" : [
{
"product_name" : "Cisco Webex Meetings Desktop App ",
"version" : {
"version_data" : [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190227 Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools Update Service Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-wmda-cmdinj"
}
]
},
"source": {
"advisory": "cisco-sa-20190227-wmda-cmdinj",
"defect": [
[
"CSCvn55874"
"affected" : "<",
"version_value" : "33.6.6"
},
{
"affected" : "<",
"version_value" : "33.9.1"
}
]
}
},
{
"product_name" : "Cisco Webex Productivity Tools",
"version" : {
"version_data" : [
{
"affected" : "<",
"version_value" : "33.0.7"
}
]
}
}
]
],
"discovery": "INTERNAL"
}
},
"vendor_name" : "Cisco"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools. This vulnerability is fixed in Cisco Webex Meetings Desktop App Release 33.6.6 and 33.9.1 releases. This vulnerability is fixed in Cisco Webex Productivity Tools Release 33.0.7."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "7.8",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-78"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20190227 Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools Update Service Command Injection Vulnerability",
"refsource" : "CISCO",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-wmda-cmdinj"
}
]
},
"source" : {
"advisory" : "cisco-sa-20190227-wmda-cmdinj",
"defect" : [
[
"CSCvn55874"
]
],
"discovery" : "INTERNAL"
}
}

18
2019/9xxx/CVE-2019-9232.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9232",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9233.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9233",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9234.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9234",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9235.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9235",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9236.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9236",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9237.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9237",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9238.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9238",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9239.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9239",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9240.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9240",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9241.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9241",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9242.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9242",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9243.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9243",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9244.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9244",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9245.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9245",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9246.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9246",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9247.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9247",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9248.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9248",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9249.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9249",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9250.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9250",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9251.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9251",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9252.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9252",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9253.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9253",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9254.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9254",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9255.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9255",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9256.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9256",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9257.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9257",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9258.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9258",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9259.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9259",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9260.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9260",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9261.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9261",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9262.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9262",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9263.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9263",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9264.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9264",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9265.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9265",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9266.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9266",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9267.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9267",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9268.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9268",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9269.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9269",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9270.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9270",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9271.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9271",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9272.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9272",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9273.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9273",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9274.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9274",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9275.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9275",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9276.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9276",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9277.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9277",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9278.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9278",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9279.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9279",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9280.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9280",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9281.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9281",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9282.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9282",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9283.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9283",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9284.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9284",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9285.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9285",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/9xxx/CVE-2019-9286.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9286",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

Some files were not shown because too many files have changed in this diff Show More