diff --git a/2019/12xxx/CVE-2019-12001.json b/2019/12xxx/CVE-2019-12001.json index a22e62ecb06..1b56a008feb 100644 --- a/2019/12xxx/CVE-2019-12001.json +++ b/2019/12xxx/CVE-2019-12001.json @@ -4,14 +4,73 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-12001", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage", + "version": { + "version_data": [ + { + "version_value": "HPE MSA 1040 SAN Storage GL225P001 and earlier" + }, + { + "version_value": "HPE MSA 2040 SAN Storage GL225P001 and earlier" + }, + { + "version_value": "HPE MSA 2042 SAN Storage GL225P001 and earlier" + }, + { + "version_value": "HPE MSA 1050 SAN Storage VE270R001-01 and earlier" + }, + { + "version_value": "HPE MSA 2050 SAN Storage VL270R001-01 and earlier" + }, + { + "version_value": "HPE MSA 2052 SAN Storage VL270R001-01 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote: Session Reuse" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03940en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03940en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier." } ] } diff --git a/2019/12xxx/CVE-2019-12002.json b/2019/12xxx/CVE-2019-12002.json index 8d2f4bd8078..955a2b6ae8d 100644 --- a/2019/12xxx/CVE-2019-12002.json +++ b/2019/12xxx/CVE-2019-12002.json @@ -4,14 +4,73 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-12002", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage", + "version": { + "version_data": [ + { + "version_value": "HPE MSA 1040 SAN Storage GL225P001 and earlier" + }, + { + "version_value": "HPE MSA 2040 SAN Storage GL225P001 and earlier" + }, + { + "version_value": "HPE MSA 2042 SAN Storage GL225P001 and earlier" + }, + { + "version_value": "HPE MSA 1050 SAN Storage VE270R001-01 and earlier" + }, + { + "version_value": "HPE MSA 2050 SAN Storage VL270R001-01 and earlier" + }, + { + "version_value": "HPE MSA 2052 SAN Storage VL270R001-01 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote: Session Reuse" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03940en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03940en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A remote session reuse vulnerability leading to access restriction bypass was discovered in HPE MSA 2040 SAN Storage; HPE MSA 1040 SAN Storage; HPE MSA 1050 SAN Storage; HPE MSA 2042 SAN Storage; HPE MSA 2050 SAN Storage; HPE MSA 2052 SAN Storage version(s): GL225P001 and earlier; GL225P001 and earlier; VE270R001-01 and earlier; GL225P001 and earlier; VL270R001-01 and earlier; VL270R001-01 and earlier." } ] } diff --git a/2019/20xxx/CVE-2019-20769.json b/2019/20xxx/CVE-2019-20769.json index 9a3f9f01c1b..bede0389cb3 100644 --- a/2019/20xxx/CVE-2019-20769.json +++ b/2019/20xxx/CVE-2019-20769.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20769", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20769", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier). DLL Hijacking can occur via a Trojan horse DLL in the current working directory. The LG ID is LVE-MOT-190001 (November 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20770.json b/2019/20xxx/CVE-2019-20770.json index b635db31402..c8c22bc45c5 100644 --- a/2019/20xxx/CVE-2019-20770.json +++ b/2019/20xxx/CVE-2019-20770.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20770", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20770", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 (September 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20771.json b/2019/20xxx/CVE-2019-20771.json index bdff7ac78ae..131c5e7622e 100644 --- a/2019/20xxx/CVE-2019-20771.json +++ b/2019/20xxx/CVE-2019-20771.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20771", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20771", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService allows unconfirmed configuration changes via a modified OMACP message. The LG ID is LVE-SMP-190006 (August 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20772.json b/2019/20xxx/CVE-2019-20772.json index c11f53aee1c..151e7c096b7 100644 --- a/2019/20xxx/CVE-2019-20772.json +++ b/2019/20xxx/CVE-2019-20772.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20772", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20772", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20773.json b/2019/20xxx/CVE-2019-20773.json index 79f2d56fefc..20b49acd0ab 100644 --- a/2019/20xxx/CVE-2019-20773.json +++ b/2019/20xxx/CVE-2019-20773.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20773", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20773", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20774.json b/2019/20xxx/CVE-2019-20774.json index b05c72e39b3..37b6af3c927 100644 --- a/2019/20xxx/CVE-2019-20774.json +++ b/2019/20xxx/CVE-2019-20774.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20774", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20774", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A system service allows local retrieval of the user's password. The LG ID is LVE-SMP-190009 (August 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20775.json b/2019/20xxx/CVE-2019-20775.json index ba6ccfdc79f..ecee9062ecd 100644 --- a/2019/20xxx/CVE-2019-20775.json +++ b/2019/20xxx/CVE-2019-20775.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20775", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20775", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets) software. Weak encryption leads to local information disclosure. The LG ID is LVE-SMP-190010 (August 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20776.json b/2019/20xxx/CVE-2019-20776.json index 030ca9665f9..ecfdaa77cf0 100644 --- a/2019/20xxx/CVE-2019-20776.json +++ b/2019/20xxx/CVE-2019-20776.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20776", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20776", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. A TZ trusted application can crash via crafted input. The LG ID is LVE-SMP-190005 (July 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20777.json b/2019/20xxx/CVE-2019-20777.json index e912f1b73be..526293d42ae 100644 --- a/2019/20xxx/CVE-2019-20777.json +++ b/2019/20xxx/CVE-2019-20777.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20777", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20777", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20778.json b/2019/20xxx/CVE-2019-20778.json index e809594a135..6e09d896612 100644 --- a/2019/20xxx/CVE-2019-20778.json +++ b/2019/20xxx/CVE-2019-20778.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20778", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20778", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 (June 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20779.json b/2019/20xxx/CVE-2019-20779.json index badf6ca578e..24526cb5d37 100644 --- a/2019/20xxx/CVE-2019-20779.json +++ b/2019/20xxx/CVE-2019-20779.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20779", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20779", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A TrustZone trusted application can crash via crafted input. The LG ID is LVE-SMP-190003 (May 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20780.json b/2019/20xxx/CVE-2019-20780.json index 69b99b2c16b..3ae682fd8c4 100644 --- a/2019/20xxx/CVE-2019-20780.json +++ b/2019/20xxx/CVE-2019-20780.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20780", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20780", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20782.json b/2019/20xxx/CVE-2019-20782.json index cfa0a0e0ad3..e1992773ab0 100644 --- a/2019/20xxx/CVE-2019-20782.json +++ b/2019/20xxx/CVE-2019-20782.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20782", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20782", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20783.json b/2019/20xxx/CVE-2019-20783.json index 48864b02e8c..e7e17648555 100644 --- a/2019/20xxx/CVE-2019-20783.json +++ b/2019/20xxx/CVE-2019-20783.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20783", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20783", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key Agreement). The LG ID is LVE-SMP-180014 (February 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20784.json b/2019/20xxx/CVE-2019-20784.json index 3c4b4829d10..4faf81f2215 100644 --- a/2019/20xxx/CVE-2019-20784.json +++ b/2019/20xxx/CVE-2019-20784.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20784", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20784", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (MTK chipsets) software. Interaction of GPS with 911 emergency calls is mishandled. The LG ID is LVE-SMP-180012 (January 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/20xxx/CVE-2019-20785.json b/2019/20xxx/CVE-2019-20785.json index 8515abad81e..aa05239f26d 100644 --- a/2019/20xxx/CVE-2019-20785.json +++ b/2019/20xxx/CVE-2019-20785.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20785", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20785", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 8.0 and 8.1 software for the DTAG carrier. RILD in the radio layer uses an uninitialized variable. The LG ID is LVE-SMP-180013 (January 2019)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2019/4xxx/CVE-2019-4446.json b/2019/4xxx/CVE-2019-4446.json index 366ad582248..2a1579225cd 100644 --- a/2019/4xxx/CVE-2019-4446.json +++ b/2019/4xxx/CVE-2019-4446.json @@ -1,90 +1,90 @@ { - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - }, - "BM" : { - "UI" : "N", - "AV" : "N", - "PR" : "L", - "SCORE" : "5.400", - "A" : "N", - "I" : "L", - "S" : "U", - "C" : "L", - "AC" : "L" - } - } - }, - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters. IBM X-Force ID: 163490." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Maximo Asset Management", - "version" : { - "version_data" : [ - { - "version_value" : "7.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + }, + "BM": { + "UI": "N", + "AV": "N", + "PR": "L", + "SCORE": "5.400", + "A": "N", + "I": "L", + "S": "U", + "C": "L", + "AC": "L" } - ] - } - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2020-04-16T00:00:00", - "STATE" : "PUBLIC", - "ID" : "CVE-2019-4446", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6190215", - "url" : "https://www.ibm.com/support/pages/node/6190215", - "title" : "IBM Security Bulletin 6190215 (Maximo Asset Management)", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-maximo-cve20194446-insecure-perms (163490)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/163490" - } - ] - } -} + } + }, + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not authorized to by modifying request parameters. IBM X-Force ID: 163490." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Maximo Asset Management", + "version": { + "version_data": [ + { + "version_value": "7.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2020-04-16T00:00:00", + "STATE": "PUBLIC", + "ID": "CVE-2019-4446", + "ASSIGNER": "psirt@us.ibm.com" + }, + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6190215", + "url": "https://www.ibm.com/support/pages/node/6190215", + "title": "IBM Security Bulletin 6190215 (Maximo Asset Management)", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-maximo-cve20194446-insecure-perms (163490)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163490" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4644.json b/2019/4xxx/CVE-2019-4644.json index af7e8d0e91f..f2a61bd1839 100644 --- a/2019/4xxx/CVE-2019-4644.json +++ b/2019/4xxx/CVE-2019-4644.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6191583", - "name" : "https://www.ibm.com/support/pages/node/6191583", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6191583 (Maximo Asset Management)" - }, - { - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "name" : "ibm-maximo-cve20194644-xss (170880)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/170880" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "7.6" - } - ] - }, - "product_name" : "Maximo Asset Management" - } - ] - }, - "vendor_name" : "IBM" + "url": "https://www.ibm.com/support/pages/node/6191583", + "name": "https://www.ibm.com/support/pages/node/6191583", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6191583 (Maximo Asset Management)" + }, + { + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "name": "ibm-maximo-cve20194644-xss (170880)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170880" } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "CVE_data_meta" : { - "ID" : "CVE-2019-4644", - "DATE_PUBLIC" : "2020-04-16T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170880.", - "lang" : "eng" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "7.6" + } + ] + }, + "product_name": "Maximo Asset Management" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "H", - "RL" : "O", - "RC" : "C" - }, - "BM" : { - "AC" : "L", - "C" : "L", - "S" : "C", - "I" : "L", - "A" : "N", - "SCORE" : "6.100", - "PR" : "N", - "UI" : "R", - "AV" : "N" - } - } - }, - "data_version" : "4.0" -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "CVE_data_meta": { + "ID": "CVE-2019-4644", + "DATE_PUBLIC": "2020-04-16T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "description": { + "description_data": [ + { + "value": "IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170880.", + "lang": "eng" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "E": "H", + "RL": "O", + "RC": "C" + }, + "BM": { + "AC": "L", + "C": "L", + "S": "C", + "I": "L", + "A": "N", + "SCORE": "6.100", + "PR": "N", + "UI": "R", + "AV": "N" + } + } + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4749.json b/2019/4xxx/CVE-2019-4749.json index 33ea75b2859..fbf0f3ec16f 100644 --- a/2019/4xxx/CVE-2019-4749.json +++ b/2019/4xxx/CVE-2019-4749.json @@ -1,90 +1,90 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4749", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2020-04-16T00:00:00" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Maximo Asset Management", - "version" : { - "version_data" : [ - { - "version_value" : "7.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6193479", - "url" : "https://www.ibm.com/support/pages/node/6193479", - "title" : "IBM Security Bulletin 6193479 (Maximo Asset Management)", - "refsource" : "CONFIRM" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/173308", - "name" : "ibm-maximo-cve20194749-xss (173308)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "H" - }, - "BM" : { - "PR" : "L", - "UI" : "R", - "AV" : "N", - "SCORE" : "5.400", - "A" : "N", - "AC" : "L", - "C" : "L", - "I" : "L", - "S" : "C" - } - } - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4749", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2020-04-16T00:00:00" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Maximo Asset Management", + "version": { + "version_data": [ + { + "version_value": "7.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173308." - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6193479", + "url": "https://www.ibm.com/support/pages/node/6193479", + "title": "IBM Security Bulletin 6193479 (Maximo Asset Management)", + "refsource": "CONFIRM" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/173308", + "name": "ibm-maximo-cve20194749-xss (173308)", + "title": "X-Force Vulnerability Report", + "refsource": "XF" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "H" + }, + "BM": { + "PR": "L", + "UI": "R", + "AV": "N", + "SCORE": "5.400", + "A": "N", + "AC": "L", + "C": "L", + "I": "L", + "S": "C" + } + } + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173308." + } + ] + } +} \ No newline at end of file diff --git a/2020/11xxx/CVE-2020-11873.json b/2020/11xxx/CVE-2020-11873.json index 32466be85db..1f6d27cf426 100644 --- a/2020/11xxx/CVE-2020-11873.json +++ b/2020/11xxx/CVE-2020-11873.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11873", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11873", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2020/11xxx/CVE-2020-11874.json b/2020/11xxx/CVE-2020-11874.json index 30a758c2cb6..c1b4e5d32a3 100644 --- a/2020/11xxx/CVE-2020-11874.json +++ b/2020/11xxx/CVE-2020-11874.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11874", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11874", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. Attackers can bypass Factory Reset Protection (FRP). The LG ID is LVE-SMP-200004 (March 2020)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2020/11xxx/CVE-2020-11875.json b/2020/11xxx/CVE-2020-11875.json index bc9595b3a4a..9ffef05039f 100644 --- a/2020/11xxx/CVE-2020-11875.json +++ b/2020/11xxx/CVE-2020-11875.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11875", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11875", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://lgsecurity.lge.com/", + "url": "https://lgsecurity.lge.com/" } ] } diff --git a/2020/4xxx/CVE-2020-4277.json b/2020/4xxx/CVE-2020-4277.json index ea8a21ed49e..77ffded1936 100644 --- a/2020/4xxx/CVE-2020-4277.json +++ b/2020/4xxx/CVE-2020-4277.json @@ -1,93 +1,93 @@ { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "I" : "N", - "S" : "U", - "C" : "L", - "AC" : "L", - "A" : "N", - "SCORE" : "5.300", - "AV" : "N", - "UI" : "N", - "PR" : "N" - }, - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - } - } - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6193467", - "url" : "https://www.ibm.com/support/pages/node/6193467", - "title" : "IBM Security Bulletin 6193467 (TRIRIGA Application Platform)", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175993", - "name" : "ibm-tririga-cve20204277-info-disc (175993)" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "3.5.3" - }, - { - "version_value" : "3.6.1" - } - ] - }, - "product_name" : "TRIRIGA Application Platform" - } - ] - } + "lang": "eng", + "value": "IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive information in error messages that could aid an attacker formulate future attacks. IBM X-Force ID: 175993." } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2020-4277", - "DATE_PUBLIC" : "2020-04-16T00:00:00", - "STATE" : "PUBLIC" - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "I": "N", + "S": "U", + "C": "L", + "AC": "L", + "A": "N", + "SCORE": "5.300", + "AV": "N", + "UI": "N", + "PR": "N" + }, + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + } + } + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/pages/node/6193467", + "url": "https://www.ibm.com/support/pages/node/6193467", + "title": "IBM Security Bulletin 6193467 (TRIRIGA Application Platform)", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/175993", + "name": "ibm-tririga-cve20204277-info-disc (175993)" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "3.5.3" + }, + { + "version_value": "3.6.1" + } + ] + }, + "product_name": "TRIRIGA Application Platform" + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2020-4277", + "DATE_PUBLIC": "2020-04-16T00:00:00", + "STATE": "PUBLIC" + } +} \ No newline at end of file