diff --git a/2017/9xxx/CVE-2017-9809.json b/2017/9xxx/CVE-2017-9809.json index 2c58631f511..97d19a8b113 100644 --- a/2017/9xxx/CVE-2017-9809.json +++ b/2017/9xxx/CVE-2017-9809.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-9809", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://ox.com", + "refsource": "MISC", + "name": "http://ox.com" + }, + { + "refsource": "CONFIRM", + "name": "https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html", + "url": "https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html" } ] } diff --git a/2018/12xxx/CVE-2018-12886.json b/2018/12xxx/CVE-2018-12886.json index cb1962b2249..4a3cc5fdcfa 100644 --- a/2018/12xxx/CVE-2018-12886.json +++ b/2018/12xxx/CVE-2018-12886.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12886", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.gnu.org/software/gcc/gcc-8/changes.html", + "refsource": "MISC", + "name": "https://www.gnu.org/software/gcc/gcc-8/changes.html" + }, + { + "refsource": "CONFIRM", + "name": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup", + "url": "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379&view=markup" } ] } diff --git a/2019/5xxx/CVE-2019-5625.json b/2019/5xxx/CVE-2019-5625.json index 8826dc3d210..9a2acbdacb1 100644 --- a/2019/5xxx/CVE-2019-5625.json +++ b/2019/5xxx/CVE-2019-5625.json @@ -9,6 +9,7 @@ "vendor": { "vendor_data": [ { + "vendor_name": "Eaton", "product": { "product_data": [ { @@ -16,15 +17,13 @@ "version": { "version_data": [ { - "version_affected": "<", - "version_value": "1.11.0" + "version_value": "before 1.11.0" } ] } } ] - }, - "vendor_name": "Eaton" + } } ] } @@ -42,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "The Android mobile application Halo Home stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by reusing the stored OAuth token, thus allowing them to view and change the user's personal information stored in the backend cloud service. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app." + "value": "The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by reusing the stored OAuth token, thus allowing them to view and change the user's personal information stored in the backend cloud service. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app." } ] }, @@ -81,11 +80,13 @@ "reference_data": [ { "refsource": "MISC", - "url": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/" + "url": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/", + "name": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/" }, { - "refsource": "CONFIRM", - "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/CVE-2019-5625-Halo-home-smart-lighting-vulnerability-advisory.pdf" + "refsource": "MISC", + "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/CVE-2019-5625-Halo-home-smart-lighting-vulnerability-advisory.pdf", + "name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/CVE-2019-5625-Halo-home-smart-lighting-vulnerability-advisory.pdf" } ] }, @@ -99,4 +100,4 @@ "advisory": "R7-2019-07.1", "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5626.json b/2019/5xxx/CVE-2019-5626.json index 78ee9b87405..57390d11a20 100644 --- a/2019/5xxx/CVE-2019-5626.json +++ b/2019/5xxx/CVE-2019-5626.json @@ -9,6 +9,7 @@ "vendor": { "vendor_data": [ { + "vendor_name": "BlueCats", "product": { "product_data": [ { @@ -16,15 +17,13 @@ "version": { "version_data": [ { - "version_affected": "<", - "version_value": "3.0.19" + "version_value": "before 3.0.19" } ] } } ] - }, - "vendor_name": "BlueCats" + } } ] } @@ -42,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "The Android mobile application BlueCats Reveal stores the username and password in a clear text file. This file persists until the user logs out or the session times out from non-usage (30 days of no user activity). This can allow an attacker to compromise the affected BlueCats network implementation. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app." + "value": "The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. This file persists until the user logs out or the session times out from non-usage (30 days of no user activity). This can allow an attacker to compromise the affected BlueCats network implementation. The attacker would first need to gain physical control of the Android device or compromise it with a malicious app." } ] }, @@ -81,11 +80,13 @@ "reference_data": [ { "refsource": "MISC", - "url": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/" + "url": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/", + "name": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/" }, { - "refsource": "CONFIRM", - "url": "https://play.google.com/store/apps/details?id=com.bluecats.bcreveal" + "refsource": "MISC", + "url": "https://play.google.com/store/apps/details?id=com.bluecats.bcreveal", + "name": "https://play.google.com/store/apps/details?id=com.bluecats.bcreveal" } ] }, @@ -99,4 +100,4 @@ "advisory": "R7-2018-65.1", "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5627.json b/2019/5xxx/CVE-2019-5627.json index efc5cb699b8..2ffcb6a3236 100644 --- a/2019/5xxx/CVE-2019-5627.json +++ b/2019/5xxx/CVE-2019-5627.json @@ -9,6 +9,7 @@ "vendor": { "vendor_data": [ { + "vendor_name": "BlueCats", "product": { "product_data": [ { @@ -16,15 +17,13 @@ "version": { "version_data": [ { - "version_affected": "<", - "version_value": "5.14" + "version_value": "before 5.14" } ] } } ] - }, - "vendor_name": "BlueCats" + } } ] } @@ -42,7 +41,7 @@ "description_data": [ { "lang": "eng", - "value": "The iOS mobile application BlueCats Reveal stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The attacker would first need to gain physical control of the iOS device or compromise it with a malicious app." + "value": "The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The attacker would first need to gain physical control of the iOS device or compromise it with a malicious app." } ] }, @@ -81,11 +80,13 @@ "reference_data": [ { "refsource": "MISC", - "url": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/" + "url": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/", + "name": "https://blog.rapid7.com/2019/05/21/investigating-the-plumbing-of-the-iot-ecosystem-r7-2018-65-r7-2019-07-fixed/" }, { - "refsource": "CONFIRM", - "url": "https://itunes.apple.com/us/app/bc-reveal/id852676494" + "refsource": "MISC", + "url": "https://itunes.apple.com/us/app/bc-reveal/id852676494", + "name": "https://itunes.apple.com/us/app/bc-reveal/id852676494" } ] }, @@ -99,4 +100,4 @@ "advisory": "R7-2018-65.2", "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7834.json b/2019/7xxx/CVE-2019-7834.json index e7f96881999..3bd9233ffc1 100644 --- a/2019/7xxx/CVE-2019-7834.json +++ b/2019/7xxx/CVE-2019-7834.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7834", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7834", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7835.json b/2019/7xxx/CVE-2019-7835.json index 334569497ce..ee2416fdd39 100644 --- a/2019/7xxx/CVE-2019-7835.json +++ b/2019/7xxx/CVE-2019-7835.json @@ -1,18 +1,67 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7835", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html" + }, + { + "refsource": "BID", + "name": "108320", + "url": "http://www.securityfocus.com/bid/108320" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7835", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7836.json b/2019/7xxx/CVE-2019-7836.json index bdceb2fdbf2..7c3af34a86a 100644 --- a/2019/7xxx/CVE-2019-7836.json +++ b/2019/7xxx/CVE-2019-7836.json @@ -1,18 +1,67 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7836", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html" + }, + { + "refsource": "BID", + "name": "108326", + "url": "http://www.securityfocus.com/bid/108326" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7836", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7837.json b/2019/7xxx/CVE-2019-7837.json index 9aca0c898a2..f6e8acb198d 100644 --- a/2019/7xxx/CVE-2019-7837.json +++ b/2019/7xxx/CVE-2019-7837.json @@ -1,18 +1,77 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7837", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 \u202fand earlier versions" + } + ] + }, + "product_name": "Adobe Flash Player" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/flash-player/apsb19-26.html" + }, + { + "refsource": "BID", + "name": "108312", + "url": "http://www.securityfocus.com/bid/108312" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-498/" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1234", + "url": "https://access.redhat.com/errata/RHSA-2019:1234" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7837", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7841.json b/2019/7xxx/CVE-2019-7841.json index 2f1725a1d90..977f3d5113e 100644 --- a/2019/7xxx/CVE-2019-7841.json +++ b/2019/7xxx/CVE-2019-7841.json @@ -1,18 +1,67 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7841", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html" + }, + { + "refsource": "BID", + "name": "108326", + "url": "http://www.securityfocus.com/bid/108326" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7841", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7842.json b/2019/7xxx/CVE-2019-7842.json index 2382c579ad2..b78c7d4cf81 100644 --- a/2019/7xxx/CVE-2019-7842.json +++ b/2019/7xxx/CVE-2019-7842.json @@ -1,18 +1,72 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7842", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Successful exploitation could lead to remote code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "13.0.2 versions" + } + ] + }, + "product_name": "Adobe Media Encoder" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-After-Free" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/media-encoder/apsb19-29.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/media-encoder/apsb19-29.html" + }, + { + "refsource": "BID", + "name": "108317", + "url": "http://www.securityfocus.com/bid/108317" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-477/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-477/" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7842", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7844.json b/2019/7xxx/CVE-2019-7844.json index 59ead8ac4ca..5e16d20b192 100644 --- a/2019/7xxx/CVE-2019-7844.json +++ b/2019/7xxx/CVE-2019-7844.json @@ -1,18 +1,72 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7844", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "13.0.2 versions" + } + ] + }, + "product_name": "Adobe Media Encoder" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/media-encoder/apsb19-29.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/media-encoder/apsb19-29.html" + }, + { + "refsource": "BID", + "name": "108318", + "url": "http://www.securityfocus.com/bid/108318" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-476/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-476/" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7844", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file