diff --git a/2019/7xxx/CVE-2019-7291.json b/2019/7xxx/CVE-2019-7291.json index 3b37e1291d5..b2b2f2b0ffa 100644 --- a/2019/7xxx/CVE-2019-7291.json +++ b/2019/7xxx/CVE-2019-7291.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7291", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7291", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged position may be able to perform a denial of service attack" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack." } ] } diff --git a/2019/8xxx/CVE-2019-8528.json b/2019/8xxx/CVE-2019-8528.json index cf8ff0eec6f..00431b4afc2 100644 --- a/2019/8xxx/CVE-2019-8528.json +++ b/2019/8xxx/CVE-2019-8528.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8528", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8528", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209599", + "name": "https://support.apple.com/en-us/HT209599" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209602", + "name": "https://support.apple.com/en-us/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8534.json b/2019/8xxx/CVE-2019-8534.json index 29b1d686ebb..ad67dfad862 100644 --- a/2019/8xxx/CVE-2019-8534.json +++ b/2019/8xxx/CVE-2019-8534.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8534", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8534", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8538.json b/2019/8xxx/CVE-2019-8538.json index 14fd1ecde82..d59976e9e6a 100644 --- a/2019/8xxx/CVE-2019-8538.json +++ b/2019/8xxx/CVE-2019-8538.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8538", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8538", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted vcf file may lead to a denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209599", + "name": "https://support.apple.com/en-us/HT209599" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209602", + "name": "https://support.apple.com/en-us/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial of service issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. Processing a maliciously crafted vcf file may lead to a denial of service." } ] } diff --git a/2019/8xxx/CVE-2019-8539.json b/2019/8xxx/CVE-2019-8539.json index 173464558f4..4886dfbaee8 100644 --- a/2019/8xxx/CVE-2019-8539.json +++ b/2019/8xxx/CVE-2019-8539.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8539", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8539", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210348", + "name": "https://support.apple.com/en-us/HT210348" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8547.json b/2019/8xxx/CVE-2019-8547.json index b6ae7bf7296..6b5ab1e2eed 100644 --- a/2019/8xxx/CVE-2019-8547.json +++ b/2019/8xxx/CVE-2019-8547.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8547", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8547", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to leak memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209599", + "name": "https://support.apple.com/en-us/HT209599" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209602", + "name": "https://support.apple.com/en-us/HT209602" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory." } ] } diff --git a/2019/8xxx/CVE-2019-8564.json b/2019/8xxx/CVE-2019-8564.json index db2e7ee2e66..91a6c8aaafd 100644 --- a/2019/8xxx/CVE-2019-8564.json +++ b/2019/8xxx/CVE-2019-8564.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8564", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8564", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position can modify driver state" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state." } ] } diff --git a/2019/8xxx/CVE-2019-8569.json b/2019/8xxx/CVE-2019-8569.json index 4f6ac523c3a..e2d349c385e 100644 --- a/2019/8xxx/CVE-2019-8569.json +++ b/2019/8xxx/CVE-2019-8569.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8569", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8569", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8570.json b/2019/8xxx/CVE-2019-8570.json index c829384c2a4..4357eea43e9 100644 --- a/2019/8xxx/CVE-2019-8570.json +++ b/2019/8xxx/CVE-2019-8570.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8570", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8570", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.1" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.0" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.9" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may disclose sensitive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209443", + "name": "https://support.apple.com/en-us/HT209443" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209447", + "name": "https://support.apple.com/en-us/HT209447" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209449", + "name": "https://support.apple.com/en-us/HT209449" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209450", + "name": "https://support.apple.com/en-us/HT209450" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209451", + "name": "https://support.apple.com/en-us/HT209451" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information." } ] } diff --git a/2019/8xxx/CVE-2019-8572.json b/2019/8xxx/CVE-2019-8572.json index 04198d015c9..62c2ded2e34 100644 --- a/2019/8xxx/CVE-2019-8572.json +++ b/2019/8xxx/CVE-2019-8572.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8572", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8572", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8573.json b/2019/8xxx/CVE-2019-8573.json index 6038d27f9f9..4d8a53854da 100644 --- a/2019/8xxx/CVE-2019-8573.json +++ b/2019/8xxx/CVE-2019-8573.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8573", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8573", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause a system denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210118", + "name": "https://support.apple.com/en-us/HT210118" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210122", + "name": "https://support.apple.com/en-us/HT210122" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An input validation issue was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause a system denial of service." } ] } diff --git a/2019/8xxx/CVE-2019-8575.json b/2019/8xxx/CVE-2019-8575.json index 039feb7b61e..1e3fb62ee5d 100644 --- a/2019/8xxx/CVE-2019-8575.json +++ b/2019/8xxx/CVE-2019-8575.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8575", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8575", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A base station factory reset may not delete all user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information." } ] } diff --git a/2019/8xxx/CVE-2019-8578.json b/2019/8xxx/CVE-2019-8578.json index 0ba3bdacb64..b6d6aff8a40 100644 --- a/2019/8xxx/CVE-2019-8578.json +++ b/2019/8xxx/CVE-2019-8578.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8578", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8578", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8579.json b/2019/8xxx/CVE-2019-8579.json index aff8d379a24..cd2aa7bb3d2 100644 --- a/2019/8xxx/CVE-2019-8579.json +++ b/2019/8xxx/CVE-2019-8579.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8579", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8579", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to gain elevated privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to gain elevated privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8580.json b/2019/8xxx/CVE-2019-8580.json index 7683df2736e..8f4498f740a 100644 --- a/2019/8xxx/CVE-2019-8580.json +++ b/2019/8xxx/CVE-2019-8580.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8580", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8580", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Source-routed IPv4 packets may be unexpectedly accepted" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted." } ] } diff --git a/2019/8xxx/CVE-2019-8581.json b/2019/8xxx/CVE-2019-8581.json index 6d48d3d0d2b..157ddfdc5db 100644 --- a/2019/8xxx/CVE-2019-8581.json +++ b/2019/8xxx/CVE-2019-8581.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8581", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8581", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to leak memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory." } ] } diff --git a/2019/8xxx/CVE-2019-8582.json b/2019/8xxx/CVE-2019-8582.json index 230bcfa4189..74367019cc0 100644 --- a/2019/8xxx/CVE-2019-8582.json +++ b/2019/8xxx/CVE-2019-8582.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8582", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8582", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.9" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.12" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted font may result in the disclosure of process memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210118", + "name": "https://support.apple.com/en-us/HT210118" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210120", + "name": "https://support.apple.com/en-us/HT210120" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210124", + "name": "https://support.apple.com/en-us/HT210124" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210125", + "name": "https://support.apple.com/en-us/HT210125" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory." } ] } diff --git a/2019/8xxx/CVE-2019-8588.json b/2019/8xxx/CVE-2019-8588.json index 2e07c0c6d6f..442ae1f42d2 100644 --- a/2019/8xxx/CVE-2019-8588.json +++ b/2019/8xxx/CVE-2019-8588.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8588", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8588", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.9" + } + ] + } + }, + { + "product_name": "AirPort Base Station Firmware Update", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause a system denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210090", + "name": "https://support.apple.com/en-us/HT210090" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210091", + "name": "https://support.apple.com/en-us/HT210091" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service." } ] } diff --git a/2019/8xxx/CVE-2019-8592.json b/2019/8xxx/CVE-2019-8592.json index 371b8a53792..452dcead2ec 100644 --- a/2019/8xxx/CVE-2019-8592.json +++ b/2019/8xxx/CVE-2019-8592.json @@ -1,17 +1,174 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8592", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8592", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Playing a malicious audio file may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210118", + "name": "https://support.apple.com/en-us/HT210118" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210122", + "name": "https://support.apple.com/en-us/HT210122" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210120", + "name": "https://support.apple.com/en-us/HT210120" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8612.json b/2019/8xxx/CVE-2019-8612.json index 8e55678a3ce..b86ab20d800 100644 --- a/2019/8xxx/CVE-2019-8612.json +++ b/2019/8xxx/CVE-2019-8612.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8612", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8612", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position can modify driver state" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210118", + "name": "https://support.apple.com/en-us/HT210118" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210122", + "name": "https://support.apple.com/en-us/HT210122" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210120", + "name": "https://support.apple.com/en-us/HT210120" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. An attacker in a privileged network position can modify driver state." } ] } diff --git a/2019/8xxx/CVE-2019-8618.json b/2019/8xxx/CVE-2019-8618.json index 4f74fdf454d..edadb7457c1 100644 --- a/2019/8xxx/CVE-2019-8618.json +++ b/2019/8xxx/CVE-2019-8618.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8618", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8618", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A sandboxed process may be able to circumvent sandbox restrictions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209599", + "name": "https://support.apple.com/en-us/HT209599" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209602", + "name": "https://support.apple.com/en-us/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A sandboxed process may be able to circumvent sandbox restrictions." } ] } diff --git a/2019/8xxx/CVE-2019-8631.json b/2019/8xxx/CVE-2019-8631.json index 4f333465fbe..345b77dc706 100644 --- a/2019/8xxx/CVE-2019-8631.json +++ b/2019/8xxx/CVE-2019-8631.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8631", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8631", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Users removed from an iMessage conversation may still be able to alter state" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210118", + "name": "https://support.apple.com/en-us/HT210118" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210120", + "name": "https://support.apple.com/en-us/HT210120" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3. Users removed from an iMessage conversation may still be able to alter state." } ] } diff --git a/2019/8xxx/CVE-2019-8633.json b/2019/8xxx/CVE-2019-8633.json index 67ebff01346..4f528fb4fda 100644 --- a/2019/8xxx/CVE-2019-8633.json +++ b/2019/8xxx/CVE-2019-8633.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8633", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8633", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to read restricted memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210118", + "name": "https://support.apple.com/en-us/HT210118" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210120", + "name": "https://support.apple.com/en-us/HT210120" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210353", + "name": "https://support.apple.com/en-us/HT210353" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory." } ] } diff --git a/2019/8xxx/CVE-2019-8638.json b/2019/8xxx/CVE-2019-8638.json index 088dac63f15..02d4b456be6 100644 --- a/2019/8xxx/CVE-2019-8638.json +++ b/2019/8xxx/CVE-2019-8638.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8638", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8638", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.9" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209599", + "name": "https://support.apple.com/en-us/HT209599" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209602", + "name": "https://support.apple.com/en-us/HT209602" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209603", + "name": "https://support.apple.com/en-us/HT209603" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209604", + "name": "https://support.apple.com/en-us/HT209604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209605", + "name": "https://support.apple.com/en-us/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8639.json b/2019/8xxx/CVE-2019-8639.json index a921cafa8de..fbf0a6d6f14 100644 --- a/2019/8xxx/CVE-2019-8639.json +++ b/2019/8xxx/CVE-2019-8639.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8639", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8639", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.9" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209599", + "name": "https://support.apple.com/en-us/HT209599" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209602", + "name": "https://support.apple.com/en-us/HT209602" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209603", + "name": "https://support.apple.com/en-us/HT209603" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209604", + "name": "https://support.apple.com/en-us/HT209604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209605", + "name": "https://support.apple.com/en-us/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8640.json b/2019/8xxx/CVE-2019-8640.json index eae45165325..3bc62a34ae0 100644 --- a/2019/8xxx/CVE-2019-8640.json +++ b/2019/8xxx/CVE-2019-8640.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8640", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8640", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A sandboxed process may be able to circumvent sandbox restrictions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210119", + "name": "https://support.apple.com/en-us/HT210119" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions." } ] } diff --git a/2019/8xxx/CVE-2019-8642.json b/2019/8xxx/CVE-2019-8642.json index 0e01f540a5e..83f49bf45fe 100644 --- a/2019/8xxx/CVE-2019-8642.json +++ b/2019/8xxx/CVE-2019-8642.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8642", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8642", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted mail message may lead to S/MIME signature spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing." } ] } diff --git a/2019/8xxx/CVE-2019-8645.json b/2019/8xxx/CVE-2019-8645.json index 0cc905d64cc..3520d2a5774 100644 --- a/2019/8xxx/CVE-2019-8645.json +++ b/2019/8xxx/CVE-2019-8645.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8645", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8645", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail." } ] } diff --git a/2019/8xxx/CVE-2019-8656.json b/2019/8xxx/CVE-2019-8656.json index d25866992e0..26811e929a2 100644 --- a/2019/8xxx/CVE-2019-8656.json +++ b/2019/8xxx/CVE-2019-8656.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8656", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8656", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210348", + "name": "https://support.apple.com/en-us/HT210348" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper." } ] } diff --git a/2019/8xxx/CVE-2019-8668.json b/2019/8xxx/CVE-2019-8668.json index e43386f2aaa..7809b080a54 100644 --- a/2019/8xxx/CVE-2019-8668.json +++ b/2019/8xxx/CVE-2019-8668.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8668", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8668", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted image may lead to a denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210353", + "name": "https://support.apple.com/en-us/HT210353" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210346", + "name": "https://support.apple.com/en-us/HT210346" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210351", + "name": "https://support.apple.com/en-us/HT210351" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. Processing a maliciously crafted image may lead to a denial of service." } ] } diff --git a/2019/8xxx/CVE-2019-8675.json b/2019/8xxx/CVE-2019-8675.json index ccd2282c938..ae17182f2fd 100644 --- a/2019/8xxx/CVE-2019-8675.json +++ b/2019/8xxx/CVE-2019-8675.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8675", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8675", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position may be able to execute arbitrary code" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210348", + "name": "https://support.apple.com/en-us/HT210348" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code." } ] } diff --git a/2019/8xxx/CVE-2019-8696.json b/2019/8xxx/CVE-2019-8696.json index d43ba8746ec..ba5482e2f8c 100644 --- a/2019/8xxx/CVE-2019-8696.json +++ b/2019/8xxx/CVE-2019-8696.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8696", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8696", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position may be able to execute arbitrary code" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210348", + "name": "https://support.apple.com/en-us/HT210348" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code." } ] } diff --git a/2019/8xxx/CVE-2019-8706.json b/2019/8xxx/CVE-2019-8706.json index 8cd37e78c77..06c81df0c1f 100644 --- a/2019/8xxx/CVE-2019-8706.json +++ b/2019/8xxx/CVE-2019-8706.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8706", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8706", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted audio file may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8708.json b/2019/8xxx/CVE-2019-8708.json index 8c31f585406..6d6c10b7b14 100644 --- a/2019/8xxx/CVE-2019-8708.json +++ b/2019/8xxx/CVE-2019-8708.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8708", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8708", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to check for the existence of arbitrary files" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. A local user may be able to check for the existence of arbitrary files." } ] } diff --git a/2019/8xxx/CVE-2019-8709.json b/2019/8xxx/CVE-2019-8709.json index fa3f6b0ced7..232a25979f6 100644 --- a/2019/8xxx/CVE-2019-8709.json +++ b/2019/8xxx/CVE-2019-8709.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8709", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8709", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8712.json b/2019/8xxx/CVE-2019-8712.json index 547d7306f0b..d336ed7fc66 100644 --- a/2019/8xxx/CVE-2019-8712.json +++ b/2019/8xxx/CVE-2019-8712.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8712", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8712", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8715.json b/2019/8xxx/CVE-2019-8715.json index 214805aa167..cc0271370ff 100644 --- a/2019/8xxx/CVE-2019-8715.json +++ b/2019/8xxx/CVE-2019-8715.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8715", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8715", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8716.json b/2019/8xxx/CVE-2019-8716.json index 19d0b908363..7054cd90ff1 100644 --- a/2019/8xxx/CVE-2019-8716.json +++ b/2019/8xxx/CVE-2019-8716.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8716", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8716", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8718.json b/2019/8xxx/CVE-2019-8718.json index 97a44d87015..ba75273904b 100644 --- a/2019/8xxx/CVE-2019-8718.json +++ b/2019/8xxx/CVE-2019-8718.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8718", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8718", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8728.json b/2019/8xxx/CVE-2019-8728.json index 2d68ebd204f..95f301a3bf8 100644 --- a/2019/8xxx/CVE-2019-8728.json +++ b/2019/8xxx/CVE-2019-8728.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8728", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8728", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210608", + "name": "https://support.apple.com/en-us/HT210608" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8732.json b/2019/8xxx/CVE-2019-8732.json index bbdd263f1e8..9bc09c0b703 100644 --- a/2019/8xxx/CVE-2019-8732.json +++ b/2019/8xxx/CVE-2019-8732.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8732", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8732", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Deleted calls remained visible on the device" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device." } ] } diff --git a/2019/8xxx/CVE-2019-8734.json b/2019/8xxx/CVE-2019-8734.json index 938c415c60e..552edd881b4 100644 --- a/2019/8xxx/CVE-2019-8734.json +++ b/2019/8xxx/CVE-2019-8734.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8734", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8734", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210608", + "name": "https://support.apple.com/en-us/HT210608" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8736.json b/2019/8xxx/CVE-2019-8736.json index a7f2feaf725..ad42c28b75a 100644 --- a/2019/8xxx/CVE-2019-8736.json +++ b/2019/8xxx/CVE-2019-8736.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8736", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8736", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position may be able to leak sensitive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An input validation issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged network position may be able to leak sensitive user information." } ] } diff --git a/2019/8xxx/CVE-2019-8737.json b/2019/8xxx/CVE-2019-8737.json index 5d9d9408542..c3e67e61e1a 100644 --- a/2019/8xxx/CVE-2019-8737.json +++ b/2019/8xxx/CVE-2019-8737.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8737", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8737", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged position may be able to perform a denial of service attack" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A denial of service issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged position may be able to perform a denial of service attack." } ] } diff --git a/2019/8xxx/CVE-2019-8740.json b/2019/8xxx/CVE-2019-8740.json index da4c02a8e02..612139d859d 100644 --- a/2019/8xxx/CVE-2019-8740.json +++ b/2019/8xxx/CVE-2019-8740.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8740", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8740", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8744.json b/2019/8xxx/CVE-2019-8744.json index 2b38e9ff02b..178dd3f3872 100644 --- a/2019/8xxx/CVE-2019-8744.json +++ b/2019/8xxx/CVE-2019-8744.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8744", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8744", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to determine kernel memory layout" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious application may be able to determine kernel memory layout." } ] } diff --git a/2019/8xxx/CVE-2019-8746.json b/2019/8xxx/CVE-2019-8746.json index 5d91bab40d9..668a19f63bd 100644 --- a/2019/8xxx/CVE-2019-8746.json +++ b/2019/8xxx/CVE-2019-8746.json @@ -1,17 +1,174 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8746", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8746", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause unexpected application termination or arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8749.json b/2019/8xxx/CVE-2019-8749.json index 44468cced25..4f847f07352 100644 --- a/2019/8xxx/CVE-2019-8749.json +++ b/2019/8xxx/CVE-2019-8749.json @@ -1,17 +1,174 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8749", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8749", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Multiple issues in libxml2" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2." } ] } diff --git a/2019/8xxx/CVE-2019-8751.json b/2019/8xxx/CVE-2019-8751.json index 765b7ef178e..144ac63193b 100644 --- a/2019/8xxx/CVE-2019-8751.json +++ b/2019/8xxx/CVE-2019-8751.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8751", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8751", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210605", + "name": "https://support.apple.com/en-us/HT210605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8752.json b/2019/8xxx/CVE-2019-8752.json index 99edacbe0e3..380fcc6006f 100644 --- a/2019/8xxx/CVE-2019-8752.json +++ b/2019/8xxx/CVE-2019-8752.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8752", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8752", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210605", + "name": "https://support.apple.com/en-us/HT210605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8753.json b/2019/8xxx/CVE-2019-8753.json index e06641d8468..9017f3045e4 100644 --- a/2019/8xxx/CVE-2019-8753.json +++ b/2019/8xxx/CVE-2019-8753.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8753", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8753", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to a cross site scripting attack" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. Processing maliciously crafted web content may lead to a cross site scripting attack." } ] } diff --git a/2019/8xxx/CVE-2019-8754.json b/2019/8xxx/CVE-2019-8754.json index d0af8945544..00b24a1bb81 100644 --- a/2019/8xxx/CVE-2019-8754.json +++ b/2019/8xxx/CVE-2019-8754.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8754", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8754", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious HTML document may be able to render iframes with sensitive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A malicious HTML document may be able to render iframes with sensitive user information." } ] } diff --git a/2019/8xxx/CVE-2019-8756.json b/2019/8xxx/CVE-2019-8756.json index b2ee86ab449..a0f5a3e3d5e 100644 --- a/2019/8xxx/CVE-2019-8756.json +++ b/2019/8xxx/CVE-2019-8756.json @@ -1,17 +1,174 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8756", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8756", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Multiple issues in libxml2" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2." } ] } diff --git a/2019/8xxx/CVE-2019-8759.json b/2019/8xxx/CVE-2019-8759.json index 1abd20a476d..2f00078f6c8 100644 --- a/2019/8xxx/CVE-2019-8759.json +++ b/2019/8xxx/CVE-2019-8759.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8759", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8759", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to cause unexpected system termination or read kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory." } ] } diff --git a/2019/8xxx/CVE-2019-8761.json b/2019/8xxx/CVE-2019-8761.json index 74e4e3ea88b..a3879fac41c 100644 --- a/2019/8xxx/CVE-2019-8761.json +++ b/2019/8xxx/CVE-2019-8761.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8761", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8761", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a maliciously crafted text file may lead to disclosure of user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information." } ] } diff --git a/2019/8xxx/CVE-2019-8762.json b/2019/8xxx/CVE-2019-8762.json index 945110ec0fd..7ce264218b5 100644 --- a/2019/8xxx/CVE-2019-8762.json +++ b/2019/8xxx/CVE-2019-8762.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8762", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8762", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to universal cross site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210605", + "name": "https://support.apple.com/en-us/HT210605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting." } ] } diff --git a/2019/8xxx/CVE-2019-8767.json b/2019/8xxx/CVE-2019-8767.json index 804b45c0d10..3118fccc436 100644 --- a/2019/8xxx/CVE-2019-8767.json +++ b/2019/8xxx/CVE-2019-8767.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8767", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8767", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted string may lead to heap corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Processing a maliciously crafted string may lead to heap corruption." } ] } diff --git a/2019/8xxx/CVE-2019-8771.json b/2019/8xxx/CVE-2019-8771.json index c3f3776d08e..4e7b5949abc 100644 --- a/2019/8xxx/CVE-2019-8771.json +++ b/2019/8xxx/CVE-2019-8771.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8771", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8771", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Maliciously crafted web content may violate iframe sandboxing policy" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210605", + "name": "https://support.apple.com/en-us/HT210605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy." } ] } diff --git a/2019/8xxx/CVE-2019-8773.json b/2019/8xxx/CVE-2019-8773.json index e58b2b1be74..d9ed30fdda1 100644 --- a/2019/8xxx/CVE-2019-8773.json +++ b/2019/8xxx/CVE-2019-8773.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8773", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8773", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210605", + "name": "https://support.apple.com/en-us/HT210605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8774.json b/2019/8xxx/CVE-2019-8774.json index 3912ef34656..6924d762f76 100644 --- a/2019/8xxx/CVE-2019-8774.json +++ b/2019/8xxx/CVE-2019-8774.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8774", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8774", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service." } ] } diff --git a/2019/8xxx/CVE-2019-8776.json b/2019/8xxx/CVE-2019-8776.json index dcc93e02baa..27fb138e0e9 100644 --- a/2019/8xxx/CVE-2019-8776.json +++ b/2019/8xxx/CVE-2019-8776.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8776", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8776", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8777.json b/2019/8xxx/CVE-2019-8777.json index 163aeb856bb..cfeecccaf04 100644 --- a/2019/8xxx/CVE-2019-8777.json +++ b/2019/8xxx/CVE-2019-8777.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8777", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8777", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.14" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local attacker may be able to view contacts from the lock screen" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT209600", + "name": "https://support.apple.com/en-us/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A local attacker may be able to view contacts from the lock screen." } ] } diff --git a/2019/8xxx/CVE-2019-8780.json b/2019/8xxx/CVE-2019-8780.json index 1f9827c04f0..3a5b190d727 100644 --- a/2019/8xxx/CVE-2019-8780.json +++ b/2019/8xxx/CVE-2019-8780.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8780", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8780", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to determine kernel memory layout" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13. A malicious application may be able to determine kernel memory layout." } ] } diff --git a/2019/8xxx/CVE-2019-8790.json b/2019/8xxx/CVE-2019-8790.json index 062ab920f61..1819d5e7bfd 100644 --- a/2019/8xxx/CVE-2019-8790.json +++ b/2019/8xxx/CVE-2019-8790.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8790", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8790", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Swift for Ubuntu", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210647", + "name": "https://support.apple.com/en-us/HT210647" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0. This issue is fixed in Swift 5.1.1 for Ubuntu. Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure." } ] } diff --git a/2019/8xxx/CVE-2019-8799.json b/2019/8xxx/CVE-2019-8799.json index e55345510c6..170cf0e76ef 100644 --- a/2019/8xxx/CVE-2019-8799.json +++ b/2019/8xxx/CVE-2019-8799.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8799", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8799", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in physical proximity may be able to passively observe device names in AWDL communications" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications." } ] } diff --git a/2019/8xxx/CVE-2019-8809.json b/2019/8xxx/CVE-2019-8809.json index 8b57a18a56e..c12ddda26c9 100644 --- a/2019/8xxx/CVE-2019-8809.json +++ b/2019/8xxx/CVE-2019-8809.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8809", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8809", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local app may be able to read a persistent account identifier" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier." } ] } diff --git a/2019/8xxx/CVE-2019-8824.json b/2019/8xxx/CVE-2019-8824.json index 3faf90bc3a1..cffc11ffb01 100644 --- a/2019/8xxx/CVE-2019-8824.json +++ b/2019/8xxx/CVE-2019-8824.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8824", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8824", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8825.json b/2019/8xxx/CVE-2019-8825.json index 26a585ef57f..63544e63539 100644 --- a/2019/8xxx/CVE-2019-8825.json +++ b/2019/8xxx/CVE-2019-8825.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8825", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8825", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.7" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.14" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210606", + "name": "https://support.apple.com/en-us/HT210606" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210635", + "name": "https://support.apple.com/en-us/HT210635" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210636", + "name": "https://support.apple.com/en-us/HT210636" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210637", + "name": "https://support.apple.com/en-us/HT210637" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8826.json b/2019/8xxx/CVE-2019-8826.json index 6a96fc4ebbc..89bd5320fae 100644 --- a/2019/8xxx/CVE-2019-8826.json +++ b/2019/8xxx/CVE-2019-8826.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8826", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8826", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8827.json b/2019/8xxx/CVE-2019-8827.json index 09aa0a73f2c..63f0e8c1f29 100644 --- a/2019/8xxx/CVE-2019-8827.json +++ b/2019/8xxx/CVE-2019-8827.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8827", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8827", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.15" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Visiting a maliciously crafted website may reveal the sites a user has visited" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210721", + "name": "https://support.apple.com/en-us/HT210721" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210723", + "name": "https://support.apple.com/en-us/HT210723" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210725", + "name": "https://support.apple.com/en-us/HT210725" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210726", + "name": "https://support.apple.com/en-us/HT210726" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210728", + "name": "https://support.apple.com/en-us/HT210728" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210947", + "name": "https://support.apple.com/en-us/HT210947" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited." } ] } diff --git a/2019/8xxx/CVE-2019-8828.json b/2019/8xxx/CVE-2019-8828.json index 96544380a4f..4f1c7170d28 100644 --- a/2019/8xxx/CVE-2019-8828.json +++ b/2019/8xxx/CVE-2019-8828.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8828", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8828", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8829.json b/2019/8xxx/CVE-2019-8829.json index 643ed1054d3..d74518614b6 100644 --- a/2019/8xxx/CVE-2019-8829.json +++ b/2019/8xxx/CVE-2019-8829.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8829", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8829", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210721", + "name": "https://support.apple.com/en-us/HT210721" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210723", + "name": "https://support.apple.com/en-us/HT210723" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210724", + "name": "https://support.apple.com/en-us/HT210724" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8830.json b/2019/8xxx/CVE-2019-8830.json index 4863acf41a1..8706b92a476 100644 --- a/2019/8xxx/CVE-2019-8830.json +++ b/2019/8xxx/CVE-2019-8830.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8830", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8830", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.4" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing malicious video via FaceTime may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210787", + "name": "https://support.apple.com/en-us/HT210787" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210791", + "name": "https://support.apple.com/en-us/HT210791" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8831.json b/2019/8xxx/CVE-2019-8831.json index be2eb0a9ba1..baa7e28f33a 100644 --- a/2019/8xxx/CVE-2019-8831.json +++ b/2019/8xxx/CVE-2019-8831.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8831", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8831", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210634", + "name": "https://support.apple.com/en-us/HT210634" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210722", + "name": "https://support.apple.com/en-us/HT210722" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210604", + "name": "https://support.apple.com/en-us/HT210604" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210607", + "name": "https://support.apple.com/en-us/HT210607" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210603", + "name": "https://support.apple.com/en-us/HT210603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8832.json b/2019/8xxx/CVE-2019-8832.json index b49a16c2b6c..e9fba0baca8 100644 --- a/2019/8xxx/CVE-2019-8832.json +++ b/2019/8xxx/CVE-2019-8832.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8832", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8832", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8833.json b/2019/8xxx/CVE-2019-8833.json index f9ed025f5fc..9c24790bcf3 100644 --- a/2019/8xxx/CVE-2019-8833.json +++ b/2019/8xxx/CVE-2019-8833.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8833", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8833", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8834.json b/2019/8xxx/CVE-2019-8834.json index 9d94c7509a1..2258b6540cf 100644 --- a/2019/8xxx/CVE-2019-8834.json +++ b/2019/8xxx/CVE-2019-8834.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8834", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8834", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.9" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.16" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210793", + "name": "https://support.apple.com/en-us/HT210793" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210794", + "name": "https://support.apple.com/en-us/HT210794" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210795", + "name": "https://support.apple.com/en-us/HT210795" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list." } ] } diff --git a/2019/8xxx/CVE-2019-8835.json b/2019/8xxx/CVE-2019-8835.json index 50a5f4e27b1..6b9a443b2b0 100644 --- a/2019/8xxx/CVE-2019-8835.json +++ b/2019/8xxx/CVE-2019-8835.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8835", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8835", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.9" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.16" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210793", + "name": "https://support.apple.com/en-us/HT210793" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210794", + "name": "https://support.apple.com/en-us/HT210794" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210792", + "name": "https://support.apple.com/en-us/HT210792" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210795", + "name": "https://support.apple.com/en-us/HT210795" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8836.json b/2019/8xxx/CVE-2019-8836.json index b36aae6615b..c60916cf952 100644 --- a/2019/8xxx/CVE-2019-8836.json +++ b/2019/8xxx/CVE-2019-8836.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8836", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8836", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210918", + "name": "https://support.apple.com/en-us/HT210918" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210920", + "name": "https://support.apple.com/en-us/HT210920" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210921", + "name": "https://support.apple.com/en-us/HT210921" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8837.json b/2019/8xxx/CVE-2019-8837.json index a08fdfa8939..01ca139fbfa 100644 --- a/2019/8xxx/CVE-2019-8837.json +++ b/2019/8xxx/CVE-2019-8837.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8837", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8837", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to access restricted files" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A malicious application may be able to access restricted files." } ] } diff --git a/2019/8xxx/CVE-2019-8838.json b/2019/8xxx/CVE-2019-8838.json index 44fd1f68935..27921270129 100644 --- a/2019/8xxx/CVE-2019-8838.json +++ b/2019/8xxx/CVE-2019-8838.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8838", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8838", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8839.json b/2019/8xxx/CVE-2019-8839.json index b98ea0f73c6..3f1d0753f93 100644 --- a/2019/8xxx/CVE-2019-8839.json +++ b/2019/8xxx/CVE-2019-8839.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8839", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8839", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An attacker in a privileged position may be able to perform a denial of service attack" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An attacker in a privileged position may be able to perform a denial of service attack." } ] } diff --git a/2019/8xxx/CVE-2019-8840.json b/2019/8xxx/CVE-2019-8840.json index 0b615c5f171..bb8c2f3e1ea 100644 --- a/2019/8xxx/CVE-2019-8840.json +++ b/2019/8xxx/CVE-2019-8840.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8840", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8840", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Xcode", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "11.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Compiling with untrusted sources may lead to arbitrary code execution with user privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210796", + "name": "https://support.apple.com/en-us/HT210796" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8841.json b/2019/8xxx/CVE-2019-8841.json index 2e57bbe664b..6b52e7dd286 100644 --- a/2019/8xxx/CVE-2019-8841.json +++ b/2019/8xxx/CVE-2019-8841.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8841", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8841", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8842.json b/2019/8xxx/CVE-2019-8842.json index fa61aa5de27..79db521cd08 100644 --- a/2019/8xxx/CVE-2019-8842.json +++ b/2019/8xxx/CVE-2019-8842.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8842", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8842", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "In certain configurations, a remote attacker may be able to submit arbitrary print jobs" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs." } ] } diff --git a/2019/8xxx/CVE-2019-8844.json b/2019/8xxx/CVE-2019-8844.json index 0cdd560fa51..85692cef38b 100644 --- a/2019/8xxx/CVE-2019-8844.json +++ b/2019/8xxx/CVE-2019-8844.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8844", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8844", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS and iPadOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "6.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.0" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.10" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.9" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "7.16" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210785", + "name": "https://support.apple.com/en-us/HT210785" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210789", + "name": "https://support.apple.com/en-us/HT210789" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210790", + "name": "https://support.apple.com/en-us/HT210790" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210793", + "name": "https://support.apple.com/en-us/HT210793" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210794", + "name": "https://support.apple.com/en-us/HT210794" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210792", + "name": "https://support.apple.com/en-us/HT210792" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210795", + "name": "https://support.apple.com/en-us/HT210795" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8851.json b/2019/8xxx/CVE-2019-8851.json index a34ae11cc1b..bee72ab3b47 100644 --- a/2019/8xxx/CVE-2019-8851.json +++ b/2019/8xxx/CVE-2019-8851.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8851", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8851", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "10.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A Mac may not lock immediately upon wake" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT210788", + "name": "https://support.apple.com/en-us/HT210788" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A Mac may not lock immediately upon wake." } ] } diff --git a/2020/12xxx/CVE-2020-12830.json b/2020/12xxx/CVE-2020-12830.json index 6fbeb31e309..853df0b8f20 100644 --- a/2020/12xxx/CVE-2020-12830.json +++ b/2020/12xxx/CVE-2020-12830.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12830", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12830", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.wdc.com/downloads.aspx?g=907&lang=en", + "refsource": "MISC", + "name": "https://support.wdc.com/downloads.aspx?g=907&lang=en" + }, + { + "refsource": "CONFIRM", + "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114", + "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114" } ] } diff --git a/2020/13xxx/CVE-2020-13934.json b/2020/13xxx/CVE-2020-13934.json index 7ff64636d9c..c5d0cd4bcac 100644 --- a/2020/13xxx/CVE-2020-13934.json +++ b/2020/13xxx/CVE-2020-13934.json @@ -83,6 +83,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200724-0003/", "url": "https://security.netapp.com/advisory/ntap-20200724-0003/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4596-1", + "url": "https://usn.ubuntu.com/4596-1/" } ] }, diff --git a/2020/13xxx/CVE-2020-13935.json b/2020/13xxx/CVE-2020-13935.json index e6489844b54..e01e4cf58fb 100644 --- a/2020/13xxx/CVE-2020-13935.json +++ b/2020/13xxx/CVE-2020-13935.json @@ -88,6 +88,11 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" + }, + { + "refsource": "UBUNTU", + "name": "USN-4596-1", + "url": "https://usn.ubuntu.com/4596-1/" } ] }, diff --git a/2020/15xxx/CVE-2020-15238.json b/2020/15xxx/CVE-2020-15238.json index 5bc0f6ea059..1a98a08e595 100644 --- a/2020/15xxx/CVE-2020-15238.json +++ b/2020/15xxx/CVE-2020-15238.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability.\n\nThe impact highly depends on the system configuration.\n\nIf Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. That is limited to users in the wheel group in the shipped rules file that do have the privileges anyway. \n\nOn systems with ISC DHCP client (dhclient), attackers can pass arguments to `ip link` with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program.\n\nOn systems with dhcpcd and without ISC DHCP client, attackers can even run arbitrary scripts by passing `-c/path/to/script` as an interface name.\n\nPatches are included in 2.1.4 and master that change the DhcpClient D-Bus method(s) to accept BlueZ network object paths instead of network interface names. A backport to 2.0(.8) is also available.\n\nAs a workaround, make sure that Polkit-1-support is enabled and limit privileges for the `org.blueman.dhcp.client` action to users that are able to run arbitrary commands as root anyway in /usr/share/polkit-1/rules.d/blueman.rules." + "value": "Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. That is limited to users in the wheel group in the shipped rules file that do have the privileges anyway. On systems with ISC DHCP client (dhclient), attackers can pass arguments to `ip link` with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program. On systems with dhcpcd and without ISC DHCP client, attackers can even run arbitrary scripts by passing `-c/path/to/script` as an interface name. Patches are included in 2.1.4 and master that change the DhcpClient D-Bus method(s) to accept BlueZ network object paths instead of network interface names. A backport to 2.0(.8) is also available. As a workaround, make sure that Polkit-1-support is enabled and limit privileges for the `org.blueman.dhcp.client` action to users that are able to run arbitrary commands as root anyway in /usr/share/polkit-1/rules.d/blueman.rules." } ] }, diff --git a/2020/25xxx/CVE-2020-25765.json b/2020/25xxx/CVE-2020-25765.json index 34e7a683db7..a41c695d4c1 100644 --- a/2020/25xxx/CVE-2020-25765.json +++ b/2020/25xxx/CVE-2020-25765.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25765", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25765", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.westerndigital.com/support/productsecurity", + "refsource": "MISC", + "name": "https://www.westerndigital.com/support/productsecurity" + }, + { + "refsource": "CONFIRM", + "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114", + "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114" } ] } diff --git a/2020/27xxx/CVE-2020-27158.json b/2020/27xxx/CVE-2020-27158.json index 6749b74f2ee..1cc2b61ea82 100644 --- a/2020/27xxx/CVE-2020-27158.json +++ b/2020/27xxx/CVE-2020-27158.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27158", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27158", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.westerndigital.com/support/productsecurity", + "refsource": "MISC", + "name": "https://www.westerndigital.com/support/productsecurity" + }, + { + "refsource": "CONFIRM", + "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114", + "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114" } ] } diff --git a/2020/27xxx/CVE-2020-27159.json b/2020/27xxx/CVE-2020-27159.json index d615a103bb6..3ea5eeca237 100644 --- a/2020/27xxx/CVE-2020-27159.json +++ b/2020/27xxx/CVE-2020-27159.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27159", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27159", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.westerndigital.com/support/productsecurity", + "refsource": "MISC", + "name": "https://www.westerndigital.com/support/productsecurity" + }, + { + "refsource": "CONFIRM", + "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114", + "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114" } ] } diff --git a/2020/27xxx/CVE-2020-27160.json b/2020/27xxx/CVE-2020-27160.json index fed13dcd71d..0761c13699f 100644 --- a/2020/27xxx/CVE-2020-27160.json +++ b/2020/27xxx/CVE-2020-27160.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27160", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27160", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.westerndigital.com/support/productsecurity", + "refsource": "MISC", + "name": "https://www.westerndigital.com/support/productsecurity" + }, + { + "refsource": "CONFIRM", + "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114", + "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114" } ] } diff --git a/2020/27xxx/CVE-2020-27888.json b/2020/27xxx/CVE-2020-27888.json new file mode 100644 index 00000000000..c4b704c453d --- /dev/null +++ b/2020/27xxx/CVE-2020-27888.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-27888", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://community.ui.com/questions/Possible-authentication-bypass-for-access-into-LAN/7965adb2-5d70-4410-8467-4c7bec76bc00", + "refsource": "MISC", + "name": "https://community.ui.com/questions/Possible-authentication-bypass-for-access-into-LAN/7965adb2-5d70-4410-8467-4c7bec76bc00" + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27889.json b/2020/27xxx/CVE-2020-27889.json new file mode 100644 index 00000000000..2723a654896 --- /dev/null +++ b/2020/27xxx/CVE-2020-27889.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27889", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/9xxx/CVE-2020-9484.json b/2020/9xxx/CVE-2020-9484.json index d5be42e9f34..4ddef2d46e4 100644 --- a/2020/9xxx/CVE-2020-9484.json +++ b/2020/9xxx/CVE-2020-9484.json @@ -163,6 +163,11 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" + }, + { + "refsource": "UBUNTU", + "name": "USN-4596-1", + "url": "https://usn.ubuntu.com/4596-1/" } ] },