diff --git a/2019/0xxx/CVE-2019-0770.json b/2019/0xxx/CVE-2019-0770.json index fe0026114d7..d496219d047 100644 --- a/2019/0xxx/CVE-2019-0770.json +++ b/2019/0xxx/CVE-2019-0770.json @@ -1,70 +1,98 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0770", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0770", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] + } + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { -"product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - {"version_value" : "Windows 10 for 32-bit Systems"}, -{"version_value" : "Windows 10 for x64-based Systems"}, -{"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0770", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0770" + } ] } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0770" - } - ] - } -} +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0771.json b/2019/0xxx/CVE-2019-0771.json index 47245b4b5e3..5eddbe36983 100644 --- a/2019/0xxx/CVE-2019-0771.json +++ b/2019/0xxx/CVE-2019-0771.json @@ -1,82 +1,120 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0771", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0771", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - {"version_value" : "Windows 10 for 32-bit Systems"}, -{"version_value" : "Windows 10 for x64-based Systems"}, -{"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "Windows Server 2019"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "ChakraCore", - "version" : { - "version_data" : [ - {"version_value" : ""} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "ChakraCore", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0773, CVE-2019-0783." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0771" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0772.json b/2019/0xxx/CVE-2019-0772.json index c16c6ffefe5..0e3bf42a748 100644 --- a/2019/0xxx/CVE-2019-0772.json +++ b/2019/0xxx/CVE-2019-0772.json @@ -1,102 +1,120 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0772", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0772", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"}, -{"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0667." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0772" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0667." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0772", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0772" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0773.json b/2019/0xxx/CVE-2019-0773.json index 63155bd47e5..e39868a1c7e 100644 --- a/2019/0xxx/CVE-2019-0773.json +++ b/2019/0xxx/CVE-2019-0773.json @@ -1,82 +1,120 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0773", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0773", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - {"version_value" : "Windows 10 for 32-bit Systems"}, -{"version_value" : "Windows 10 for x64-based Systems"}, -{"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "Windows Server 2019"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "ChakraCore", - "version" : { - "version_data" : [ - {"version_value" : ""} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "ChakraCore", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0783." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0773" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0774.json b/2019/0xxx/CVE-2019-0774.json index cd051fa0197..66c5d0f5d26 100644 --- a/2019/0xxx/CVE-2019-0774.json +++ b/2019/0xxx/CVE-2019-0774.json @@ -1,102 +1,135 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0774", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0774", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"}, -{"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0614." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0774" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0614." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0774", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0774" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0775.json b/2019/0xxx/CVE-2019-0775.json index 98834858fed..fa166c0ef8b 100644 --- a/2019/0xxx/CVE-2019-0775.json +++ b/2019/0xxx/CVE-2019-0775.json @@ -1,102 +1,111 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0775", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0775", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"}, -{"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0775" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0775", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0775" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0776.json b/2019/0xxx/CVE-2019-0776.json index 2378b2914b2..0529d00fa15 100644 --- a/2019/0xxx/CVE-2019-0776.json +++ b/2019/0xxx/CVE-2019-0776.json @@ -1,85 +1,129 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0776", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0776", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "version 1709 (Core Installation)" + }, + { + "version_value": "version 1803 (Core Installation)" + }, + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0776" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0776", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0776" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0777.json b/2019/0xxx/CVE-2019-0777.json index a3d4cef36dd..28d6c9ffdc3 100644 --- a/2019/0xxx/CVE-2019-0777.json +++ b/2019/0xxx/CVE-2019-0777.json @@ -1,67 +1,75 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0777", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0777", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Team Foundation Server 2018", - "version" : { - "version_data" : [ - {"version_value" : "Update 1.2"}, -{"version_value" : "Update 3.2"} - ] - } -}, -{ -"product_name" : "Team Foundation Server", - "version" : { - "version_data" : [ - {"version_value" : "2017 Update 3.1"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Spoofing" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Team Foundation Server 2018", + "version": { + "version_data": [ + { + "version_value": "Update 1.2" + }, + { + "version_value": "Update 3.2" + } + ] + } + }, + { + "product_name": "Team Foundation Server", + "version": { + "version_data": [ + { + "version_value": "2017 Update 3.1" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0777" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0777", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0777" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0778.json b/2019/0xxx/CVE-2019-0778.json index bbf0de3ebcb..37010bfb0a4 100644 --- a/2019/0xxx/CVE-2019-0778.json +++ b/2019/0xxx/CVE-2019-0778.json @@ -1,66 +1,72 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0778", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0778", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Microsoft SharePoint Foundation", - "version" : { - "version_data" : [ - {"version_value" : "2013 Service Pack 1"} - ] - } -}, -{ -"product_name" : "Microsoft SharePoint Enterprise Server", - "version" : { - "version_data" : [ - {"version_value" : "2016"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Tampering" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft SharePoint Foundation", + "version": { + "version_data": [ + { + "version_value": "2013 Service Pack 1" + } + ] + } + }, + { + "product_name": "Microsoft SharePoint Enterprise Server", + "version": { + "version_data": [ + { + "version_value": "2016" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0778" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Tampering" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0778", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0778" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0779.json b/2019/0xxx/CVE-2019-0779.json index 30f73483dd0..427c493504b 100644 --- a/2019/0xxx/CVE-2019-0779.json +++ b/2019/0xxx/CVE-2019-0779.json @@ -1,65 +1,83 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0779", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0779", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] + } + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { -"product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - {"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} + "lang": "eng", + "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0779", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0779" + } ] } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0779" - } - ] - } -} +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0780.json b/2019/0xxx/CVE-2019-0780.json index a18de1612c7..c2d1bd39022 100644 --- a/2019/0xxx/CVE-2019-0780.json +++ b/2019/0xxx/CVE-2019-0780.json @@ -1,113 +1,145 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0780", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0780", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Internet Explorer 11", - "version" : { - "version_data" : [ - {"version_value" : "Windows 7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "Windows 7 for x64-based Systems Service Pack 1"}, -{"version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "Windows 8.1 for 32-bit systems"}, -{"version_value" : "Windows 8.1 for x64-based systems"}, -{"version_value" : "Windows Server 2012 R2"}, -{"version_value" : "Windows RT 8.1"}, -{"version_value" : "Windows 10 for 32-bit Systems"}, -{"version_value" : "Windows 10 for x64-based Systems"}, -{"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "Windows Server 2019"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Internet Explorer 10", - "version" : { - "version_data" : [ - {"version_value" : "Windows Server 2012"} - ] - } -}, -{ -"product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - {"version_value" : "Windows 10 for 32-bit Systems"}, -{"version_value" : "Windows 10 for x64-based Systems"}, -{"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "Windows Server 2019"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Internet Explorer 11", + "version": { + "version_data": [ + { + "version_value": "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows 8.1 for 32-bit systems" + }, + { + "version_value": "Windows 8.1 for x64-based systems" + }, + { + "version_value": "Windows Server 2012 R2" + }, + { + "version_value": "Windows RT 8.1" + }, + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Internet Explorer 10", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2012" + } + ] + } + }, + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "n/a" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0780" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0780", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0780" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0782.json b/2019/0xxx/CVE-2019-0782.json index 23911fd9ddf..43ee265f075 100644 --- a/2019/0xxx/CVE-2019-0782.json +++ b/2019/0xxx/CVE-2019-0782.json @@ -1,102 +1,126 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0782", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0782", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"}, -{"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0782" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0782", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0782" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0783.json b/2019/0xxx/CVE-2019-0783.json index 2a2c7c5767c..af8b4702c1d 100644 --- a/2019/0xxx/CVE-2019-0783.json +++ b/2019/0xxx/CVE-2019-0783.json @@ -1,89 +1,141 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0783", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0783", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Internet Explorer 11", - "version" : { - "version_data" : [ - {"version_value" : "Windows 7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "Windows 7 for x64-based Systems Service Pack 1"}, -{"version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "Windows 8.1 for 32-bit systems"}, -{"version_value" : "Windows 8.1 for x64-based systems"}, -{"version_value" : "Windows Server 2012 R2"}, -{"version_value" : "Windows RT 8.1"}, -{"version_value" : "Windows 10 for 32-bit Systems"}, -{"version_value" : "Windows 10 for x64-based Systems"}, -{"version_value" : "Windows Server 2016"}, -{"version_value" : "Windows 10 Version 1607 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1607 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1703 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1703 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1709 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1709 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1803 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for 32-bit Systems"}, -{"version_value" : "Windows 10 Version 1809 for x64-based Systems"}, -{"version_value" : "Windows 10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "Windows Server 2019"}, -{"version_value" : "Windows 10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Internet Explorer 10", - "version" : { - "version_data" : [ - {"version_value" : "Windows Server 2012"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Internet Explorer 11", + "version": { + "version_data": [ + { + "version_value": "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows 8.1 for 32-bit systems" + }, + { + "version_value": "Windows 8.1 for x64-based systems" + }, + { + "version_value": "Windows Server 2012 R2" + }, + { + "version_value": "Windows RT 8.1" + }, + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Internet Explorer 10", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2012" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0783" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0783", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0783" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0784.json b/2019/0xxx/CVE-2019-0784.json index 1e71c9c791d..a681ef14117 100644 --- a/2019/0xxx/CVE-2019-0784.json +++ b/2019/0xxx/CVE-2019-0784.json @@ -1,102 +1,120 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0784", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0784", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"}, -{"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0797.json b/2019/0xxx/CVE-2019-0797.json index 7e379143831..d493b5d1f0e 100644 --- a/2019/0xxx/CVE-2019-0797.json +++ b/2019/0xxx/CVE-2019-0797.json @@ -1,92 +1,150 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0797", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0797", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"} - ] - } -}, -{ -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of Privilege" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "version 1709 (Core Installation)" + }, + { + "version_value": "version 1803 (Core Installation)" + }, + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0798.json b/2019/0xxx/CVE-2019-0798.json index 12297648100..49947e8712d 100644 --- a/2019/0xxx/CVE-2019-0798.json +++ b/2019/0xxx/CVE-2019-0798.json @@ -1,66 +1,72 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0798", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0798", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Skype for Business Server 2015", - "version" : { - "version_data" : [ - {"version_value" : "March 2019 Update"} - ] - } -}, -{ -"product_name" : "Microsoft Lync Server 2013", - "version" : { - "version_data" : [ - {"version_value" : "July 2018 Update"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Spoofing" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Skype for Business Server 2015", + "version": { + "version_data": [ + { + "version_value": "March 2019 Update" + } + ] + } + }, + { + "product_name": "Microsoft Lync Server 2013", + "version": { + "version_data": [ + { + "version_value": "July 2018 Update" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0798" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0798", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0798" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0804.json b/2019/0xxx/CVE-2019-0804.json index 09f54307e20..5df7ae6d700 100644 --- a/2019/0xxx/CVE-2019-0804.json +++ b/2019/0xxx/CVE-2019-0804.json @@ -1,58 +1,62 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0804", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0804", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Azure", + "version": { + "version_data": [ + { + "version_value": "multiple" + } + ] + } + } + ] + } + } + ] + } + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { -"product_name" : "", - "version" : { - "version_data" : [ - {"version_value" : ""} + "lang": "eng", + "value": "An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804" + } ] } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804" - } - ] - } -} +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0808.json b/2019/0xxx/CVE-2019-0808.json index 66bbf53fecd..c8ce879467c 100644 --- a/2019/0xxx/CVE-2019-0808.json +++ b/2019/0xxx/CVE-2019-0808.json @@ -1,74 +1,96 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0808", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0808", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of Privilege" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0809.json b/2019/0xxx/CVE-2019-0809.json index c110a1007b7..c2328a19e07 100644 --- a/2019/0xxx/CVE-2019-0809.json +++ b/2019/0xxx/CVE-2019-0809.json @@ -1,58 +1,62 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0809", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0809", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "version 15.9" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] + } + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { -"product_name" : "Microsoft Visual Studio 2017", - "version" : { - "version_data" : [ - {"version_value" : "version 15.9"} + "lang": "eng", + "value": "A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809" + } ] } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0809" - } - ] - } -} +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0816.json b/2019/0xxx/CVE-2019-0816.json index ae3a8e089b7..964ce22b18a 100644 --- a/2019/0xxx/CVE-2019-0816.json +++ b/2019/0xxx/CVE-2019-0816.json @@ -1,58 +1,62 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0816", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0816", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Ubuntu Server", + "version": { + "version_data": [ + { + "version_value": "18.04-LTS" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] + } + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { -"product_name" : "Ubuntu Server", - "version" : { - "version_data" : [ - {"version_value" : "18.04-LTS"} + "lang": "eng", + "value": "A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0816", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0816" + } ] } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0816" - } - ] - } -} +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0821.json b/2019/0xxx/CVE-2019-0821.json index cf1ead6b340..03725479a5d 100644 --- a/2019/0xxx/CVE-2019-0821.json +++ b/2019/0xxx/CVE-2019-0821.json @@ -1,102 +1,129 @@ { - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0821", - "STATE" : "PUBLIC" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0821", + "STATE": "PUBLIC" }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { -"product_name" : "Windows", - "version" : { - "version_data" : [ - {"version_value" : "7 for 32-bit Systems Service Pack 1"}, -{"version_value" : "7 for x64-based Systems Service Pack 1"}, -{"version_value" : "8.1 for 32-bit systems"}, -{"version_value" : "8.1 for x64-based systems"}, -{"version_value" : "RT 8.1"}, -{"version_value" : "10 for 32-bit Systems"}, -{"version_value" : "10 for x64-based Systems"}, -{"version_value" : "10 Version 1607 for 32-bit Systems"}, -{"version_value" : "10 Version 1607 for x64-based Systems"}, -{"version_value" : "10 Version 1703 for 32-bit Systems"}, -{"version_value" : "10 Version 1703 for x64-based Systems"}, -{"version_value" : "10 Version 1709 for 32-bit Systems"}, -{"version_value" : "10 Version 1709 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for 32-bit Systems"}, -{"version_value" : "10 Version 1803 for x64-based Systems"}, -{"version_value" : "10 Version 1803 for ARM64-based Systems"}, -{"version_value" : "10 Version 1809 for 32-bit Systems"}, -{"version_value" : "10 Version 1809 for x64-based Systems"}, -{"version_value" : "10 Version 1809 for ARM64-based Systems"}, -{"version_value" : "10 Version 1709 for ARM64-based Systems"} - ] - } -}, -{ -"product_name" : "Windows Server", - "version" : { - "version_data" : [ - {"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"}, -{"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"}, -{"version_value" : "2008 R2 for x64-based Systems Service Pack 1"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"}, -{"version_value" : "2012"}, -{"version_value" : "2012 (Core installation)"}, -{"version_value" : "2012 R2"}, -{"version_value" : "2012 R2 (Core installation)"}, -{"version_value" : "2016"}, -{"version_value" : "2016 (Core installation)"}, -{"version_value" : "version 1709 (Core Installation)"}, -{"version_value" : "version 1803 (Core Installation)"}, -{"version_value" : "2019"}, -{"version_value" : "2019 (Core installation)"}, -{"version_value" : "2008 for Itanium-Based Systems Service Pack 2"}, -{"version_value" : "2008 for 32-bit Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2"}, -{"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"} - ] - } -} - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "n/a" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0821" - } - ] - } -} + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0703, CVE-2019-0704." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0821", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0821" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9634.json b/2019/9xxx/CVE-2019-9634.json index 4c5284361db..646b7782087 100644 --- a/2019/9xxx/CVE-2019-9634.json +++ b/2019/9xxx/CVE-2019-9634.json @@ -61,6 +61,11 @@ "refsource": "BID", "name": "107450", "url": "http://www.securityfocus.com/bid/107450" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20190409 DLL injection in Go < 1.12.2 [CVE-2019-9634]", + "url": "http://www.openwall.com/lists/oss-security/2019/04/09/1" } ] } diff --git a/2019/9xxx/CVE-2019-9857.json b/2019/9xxx/CVE-2019-9857.json index 336d1cbb637..041fa7b90c1 100644 --- a/2019/9xxx/CVE-2019-9857.json +++ b/2019/9xxx/CVE-2019-9857.json @@ -71,6 +71,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190404-0002/", "url": "https://security.netapp.com/advisory/ntap-20190404-0002/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-65c6d11eba", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXLZ2V2ES37A3J7DMK4MZYIWV2LEZFLM/" } ] }