From 558f02fac9c3d101dca0eabfc107dfe60ffbeee6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 18 Dec 2019 18:01:00 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/2xxx/CVE-2012-2312.json | 60 ++++++++++++- 2018/11xxx/CVE-2018-11805.json | 10 +++ 2018/12xxx/CVE-2018-12127.json | 5 ++ 2018/12xxx/CVE-2018-12130.json | 5 ++ 2018/5xxx/CVE-2018-5743.json | 5 ++ 2019/10xxx/CVE-2019-10218.json | 5 ++ 2019/14xxx/CVE-2019-14833.json | 5 ++ 2019/14xxx/CVE-2019-14847.json | 5 ++ 2019/19xxx/CVE-2019-19333.json | 5 ++ 2019/19xxx/CVE-2019-19334.json | 5 ++ 2019/19xxx/CVE-2019-19829.json | 56 ++++++++++-- 2019/19xxx/CVE-2019-19832.json | 56 ++++++++++-- 2019/19xxx/CVE-2019-19833.json | 61 +++++++++++-- 2019/19xxx/CVE-2019-19885.json | 18 ++++ 2019/19xxx/CVE-2019-19886.json | 18 ++++ 2019/1xxx/CVE-2019-1125.json | 5 ++ 2019/2xxx/CVE-2019-2684.json | 25 ++++++ 2019/6xxx/CVE-2019-6201.json | 123 ++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6204.json | 75 ++++++++++++++-- 2019/6xxx/CVE-2019-6207.json | 107 +++++++++++++++++++++-- 2019/6xxx/CVE-2019-6222.json | 59 +++++++++++-- 2019/6xxx/CVE-2019-6232.json | 59 +++++++++++-- 2019/6xxx/CVE-2019-6236.json | 59 +++++++++++-- 2019/6xxx/CVE-2019-6237.json | 144 ++++++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6239.json | 64 ++++++++++++-- 2019/6xxx/CVE-2019-6467.json | 5 ++ 2019/6xxx/CVE-2019-6468.json | 5 ++ 2019/7xxx/CVE-2019-7284.json | 59 +++++++++++-- 2019/7xxx/CVE-2019-7285.json | 123 ++++++++++++++++++++++++-- 2019/7xxx/CVE-2019-7286.json | 85 ++++++++++++++++-- 2019/7xxx/CVE-2019-7287.json | 59 +++++++++++-- 2019/7xxx/CVE-2019-7289.json | 59 +++++++++++-- 2019/7xxx/CVE-2019-7290.json | 59 +++++++++++-- 2019/7xxx/CVE-2019-7292.json | 139 +++++++++++++++++++++++++++-- 2019/7xxx/CVE-2019-7293.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8502.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8503.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8504.json | 75 ++++++++++++++-- 2019/8xxx/CVE-2019-8505.json | 75 ++++++++++++++-- 2019/8xxx/CVE-2019-8506.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8507.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8508.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8510.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8511.json | 91 +++++++++++++++++-- 2019/8xxx/CVE-2019-8512.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8513.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8514.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8515.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8516.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8517.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8518.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8519.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8520.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8521.json | 75 ++++++++++++++-- 2019/8xxx/CVE-2019-8522.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8523.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8524.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8526.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8527.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8529.json | 75 ++++++++++++++-- 2019/8xxx/CVE-2019-8530.json | 91 +++++++++++++++++-- 2019/8xxx/CVE-2019-8533.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8535.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8536.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8537.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8540.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8541.json | 75 ++++++++++++++-- 2019/8xxx/CVE-2019-8542.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8544.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8545.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8546.json | 91 +++++++++++++++++-- 2019/8xxx/CVE-2019-8548.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8549.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8550.json | 91 +++++++++++++++++-- 2019/8xxx/CVE-2019-8551.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8552.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8553.json | 91 +++++++++++++++++-- 2019/8xxx/CVE-2019-8554.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8555.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8556.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8558.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8559.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8599.json | 59 +++++++++++-- 2019/8xxx/CVE-2019-8783.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8785.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8787.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8798.json | 107 +++++++++++++++++++++-- 2019/8xxx/CVE-2019-8812.json | 123 ++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8814.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8816.json | 155 +++++++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8819.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8821.json | 139 +++++++++++++++++++++++++++-- 2019/8xxx/CVE-2019-8823.json | 139 +++++++++++++++++++++++++++-- 93 files changed, 7054 insertions(+), 539 deletions(-) create mode 100644 2019/19xxx/CVE-2019-19885.json create mode 100644 2019/19xxx/CVE-2019-19886.json diff --git a/2012/2xxx/CVE-2012-2312.json b/2012/2xxx/CVE-2012-2312.json index cf78d03206b..df24fd34010 100644 --- a/2012/2xxx/CVE-2012-2312.json +++ b/2012/2xxx/CVE-2012-2312.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2312", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "JBoss AS 7", + "product": { + "product_data": [ + { + "product_name": "JBoss", + "version": { + "version_data": [ + { + "version_value": "AS 7 Community Release" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "UNKNOWN_TYPE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2012-2312", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2012-2312" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2312", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2312" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2012-2312", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2012-2312" } ] } diff --git a/2018/11xxx/CVE-2018-11805.json b/2018/11xxx/CVE-2018-11805.json index 6f4a1798913..53be138a329 100644 --- a/2018/11xxx/CVE-2018-11805.json +++ b/2018/11xxx/CVE-2018-11805.json @@ -98,6 +98,16 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20191216 [SECURITY] [DLA 2037-1] spamassassin security update", "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00019.html" + }, + { + "refsource": "MLIST", + "name": "[spamassassin-users] 20191218 CVE-2018-11805 fix and sa-exim", + "url": "https://lists.apache.org/thread.html/c1f59b7e13b7f2c12f847f7d0dec2636df3cdbcaa6d8309007395ff4@%3Cusers.spamassassin.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[spamassassin-users] 20191218 Re: CVE-2018-11805 fix and sa-exim", + "url": "https://lists.apache.org/thread.html/8534b60bae95ac3a8a4adb840f4ab26135f1c973ce197ff44439cbae@%3Cusers.spamassassin.apache.org%3E" } ] }, diff --git a/2018/12xxx/CVE-2018-12127.json b/2018/12xxx/CVE-2018-12127.json index d98fce3c159..4578da096b5 100644 --- a/2018/12xxx/CVE-2018-12127.json +++ b/2018/12xxx/CVE-2018-12127.json @@ -49,6 +49,11 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_24", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_24" + }, { "refsource": "FEDORA", "name": "FEDORA-2019-1f5832fc0e", diff --git a/2018/12xxx/CVE-2018-12130.json b/2018/12xxx/CVE-2018-12130.json index fc5d1e5cb50..0c6bf01cc3f 100644 --- a/2018/12xxx/CVE-2018-12130.json +++ b/2018/12xxx/CVE-2018-12130.json @@ -49,6 +49,11 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_24", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_24" + }, { "refsource": "FEDORA", "name": "FEDORA-2019-1f5832fc0e", diff --git a/2018/5xxx/CVE-2018-5743.json b/2018/5xxx/CVE-2018-5743.json index 61625a0c447..55822e18552 100644 --- a/2018/5xxx/CVE-2018-5743.json +++ b/2018/5xxx/CVE-2018-5743.json @@ -85,6 +85,11 @@ "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/cve-2018-5743" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_20", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_20" + }, { "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K74009656?utm_source=f5support&utm_medium=RSS", diff --git a/2019/10xxx/CVE-2019-10218.json b/2019/10xxx/CVE-2019-10218.json index 9c49cd14551..dd7fb33fb44 100644 --- a/2019/10xxx/CVE-2019-10218.json +++ b/2019/10xxx/CVE-2019-10218.json @@ -54,6 +54,11 @@ "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2019-10218.html" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_35", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_35" + }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:2458", diff --git a/2019/14xxx/CVE-2019-14833.json b/2019/14xxx/CVE-2019-14833.json index 79ce0eee559..462812899ae 100644 --- a/2019/14xxx/CVE-2019-14833.json +++ b/2019/14xxx/CVE-2019-14833.json @@ -54,6 +54,11 @@ "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2019-14833.html" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_35", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_35" + }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:2458", diff --git a/2019/14xxx/CVE-2019-14847.json b/2019/14xxx/CVE-2019-14847.json index 2868ec944d4..e52cdb13117 100644 --- a/2019/14xxx/CVE-2019-14847.json +++ b/2019/14xxx/CVE-2019-14847.json @@ -54,6 +54,11 @@ "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2019-14847.html" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_35", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_35" + }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:2458", diff --git a/2019/19xxx/CVE-2019-19333.json b/2019/19xxx/CVE-2019-19333.json index 4ffd13ab1a9..4b89a2a969f 100644 --- a/2019/19xxx/CVE-2019-19333.json +++ b/2019/19xxx/CVE-2019-19333.json @@ -58,6 +58,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-dfe0b42bc5", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9d83929ffa", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/" } ] }, diff --git a/2019/19xxx/CVE-2019-19334.json b/2019/19xxx/CVE-2019-19334.json index 31886765444..7cb9e7bc556 100644 --- a/2019/19xxx/CVE-2019-19334.json +++ b/2019/19xxx/CVE-2019-19334.json @@ -58,6 +58,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-dfe0b42bc5", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2019-9d83929ffa", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/" } ] }, diff --git a/2019/19xxx/CVE-2019-19829.json b/2019/19xxx/CVE-2019-19829.json index ec994a54403..44b47a03237 100644 --- a/2019/19xxx/CVE-2019-19829.json +++ b/2019/19xxx/CVE-2019-19829.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19829", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19829", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability than CVE-2018-19934 and CVE-2019-13182." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155708/Serv-U-FTP-Server-15.1.7-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/155708/Serv-U-FTP-Server-15.1.7-Cross-Site-Scripting.html" } ] } diff --git a/2019/19xxx/CVE-2019-19832.json b/2019/19xxx/CVE-2019-19832.json index 5bbfe66d5bc..be4f9ed09f4 100644 --- a/2019/19xxx/CVE-2019-19832.json +++ b/2019/19xxx/CVE-2019-19832.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19832", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19832", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Xerox AltaLink C8035 printers allow CSRF. A request to add users is made in the Device User Database form field to the xerox.set URI. (The frmUserName value must have a unique name.)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155709/Xerox-AltaLink-C8035-Printer-Cross-Site-Request-Forgery.html", + "url": "http://packetstormsecurity.com/files/155709/Xerox-AltaLink-C8035-Printer-Cross-Site-Request-Forgery.html" } ] } diff --git a/2019/19xxx/CVE-2019-19833.json b/2019/19xxx/CVE-2019-19833.json index d9fc17b799f..cb28b346e81 100644 --- a/2019/19xxx/CVE-2019-19833.json +++ b/2019/19xxx/CVE-2019-19833.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19833", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19833", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Tautulli/Tautulli/compare/v2.1.9...v2.1.10-beta", + "refsource": "MISC", + "name": "https://github.com/Tautulli/Tautulli/compare/v2.1.9...v2.1.10-beta" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155710/Tautulli-2.1.9-Cross-Site-Request-Forgery.html", + "url": "http://packetstormsecurity.com/files/155710/Tautulli-2.1.9-Cross-Site-Request-Forgery.html" } ] } diff --git a/2019/19xxx/CVE-2019-19885.json b/2019/19xxx/CVE-2019-19885.json new file mode 100644 index 00000000000..42ab880d25d --- /dev/null +++ b/2019/19xxx/CVE-2019-19885.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19885", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19886.json b/2019/19xxx/CVE-2019-19886.json new file mode 100644 index 00000000000..e76a4f8a760 --- /dev/null +++ b/2019/19xxx/CVE-2019-19886.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-19886", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1125.json b/2019/1xxx/CVE-2019-1125.json index ef364d2cecd..37b94df5c2d 100644 --- a/2019/1xxx/CVE-2019-1125.json +++ b/2019/1xxx/CVE-2019-1125.json @@ -212,6 +212,11 @@ "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125" }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_32", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_32" + }, { "refsource": "REDHAT", "name": "RHSA-2019:2600", diff --git a/2019/2xxx/CVE-2019-2684.json b/2019/2xxx/CVE-2019-2684.json index fb801e61c7c..b6dc296ea92 100644 --- a/2019/2xxx/CVE-2019-2684.json +++ b/2019/2xxx/CVE-2019-2684.json @@ -156,6 +156,31 @@ "refsource": "CONFIRM", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation", + "url": "https://lists.apache.org/thread.html/f7f54b4888060d99f59993f006e25005a2b58db0c07ff866bdcd6f17@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[announce] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation", + "url": "https://lists.apache.org/thread.html/c58d6c3b49c615916b163809f963a55421cac2264885739508e68108@%3Cannounce.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-announce] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation", + "url": "https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67@%3Cannounce.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-dev] 20191218 svn commit: r1871756 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml", + "url": "https://lists.apache.org/thread.html/38a01302c92ae513910d8c851a2d111736565bd698be4e3af3e4c063@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[tomcat-users] 20191218 [SECURITY] CVE-2019-12418 Local Privilege Escalation", + "url": "https://lists.apache.org/thread.html/71bd3e4e222479c266eaafc8d0c171ef5782a69b52f68df11b650ed7@%3Cusers.tomcat.apache.org%3E" } ] } diff --git a/2019/6xxx/CVE-2019-6201.json b/2019/6xxx/CVE-2019-6201.json index 2affed2b076..684f9de524e 100644 --- a/2019/6xxx/CVE-2019-6201.json +++ b/2019/6xxx/CVE-2019-6201.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6201", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6201", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/6xxx/CVE-2019-6204.json b/2019/6xxx/CVE-2019-6204.json index 2b343ab263f..796ffb0327f 100644 --- a/2019/6xxx/CVE-2019-6204.json +++ b/2019/6xxx/CVE-2019-6204.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6204", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6204", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting." } ] } diff --git a/2019/6xxx/CVE-2019-6207.json b/2019/6xxx/CVE-2019-6207.json index 6f572672b9c..d9bd04448d4 100644 --- a/2019/6xxx/CVE-2019-6207.json +++ b/2019/6xxx/CVE-2019-6207.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6207", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6207", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to determine kernel memory layout" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout." } ] } diff --git a/2019/6xxx/CVE-2019-6222.json b/2019/6xxx/CVE-2019-6222.json index 2173696d444..1acca5cd46e 100644 --- a/2019/6xxx/CVE-2019-6222.json +++ b/2019/6xxx/CVE-2019-6222.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6222", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6222", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A website may be able to access the microphone without the microphone use indicator being shown" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A consistency issue was addressed with improved state handling. This issue is fixed in iOS 12.2. A website may be able to access the microphone without the microphone use indicator being shown." } ] } diff --git a/2019/6xxx/CVE-2019-6232.json b/2019/6xxx/CVE-2019-6232.json index 99ca0597e4a..a1ab4d34aff 100644 --- a/2019/6xxx/CVE-2019-6232.json +++ b/2019/6xxx/CVE-2019-6232.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6232", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6232", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Running the iTunes installer in an untrusted directory may result in arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution." } ] } diff --git a/2019/6xxx/CVE-2019-6236.json b/2019/6xxx/CVE-2019-6236.json index 745dec41930..c6f582f9ce9 100644 --- a/2019/6xxx/CVE-2019-6236.json +++ b/2019/6xxx/CVE-2019-6236.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6236", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6236", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Running the iCloud installer in an untrusted directory may result in arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution." } ] } diff --git a/2019/6xxx/CVE-2019-6237.json b/2019/6xxx/CVE-2019-6237.json index 98a3e433820..40361a4e8ad 100644 --- a/2019/6xxx/CVE-2019-6237.json +++ b/2019/6xxx/CVE-2019-6237.json @@ -1,17 +1,147 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6237", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6237", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.3" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.3" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": " iTunes for Windows 12.9.5" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.12" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210118", + "refsource": "MISC", + "name": "https://support.apple.com/HT210118" + }, + { + "url": "https://support.apple.com/HT210119", + "refsource": "MISC", + "name": "https://support.apple.com/HT210119" + }, + { + "url": "https://support.apple.com/HT210120", + "refsource": "MISC", + "name": "https://support.apple.com/HT210120" + }, + { + "url": "https://support.apple.com/HT210123", + "refsource": "MISC", + "name": "https://support.apple.com/HT210123" + }, + { + "url": "https://support.apple.com/HT210124", + "refsource": "MISC", + "name": "https://support.apple.com/HT210124" + }, + { + "url": "https://support.apple.com/HT210125", + "refsource": "MISC", + "name": "https://support.apple.com/HT210125" + }, + { + "url": "https://support.apple.com/HT210212", + "refsource": "MISC", + "name": "https://support.apple.com/HT210212" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/6xxx/CVE-2019-6239.json b/2019/6xxx/CVE-2019-6239.json index e9f2201eab9..8e561b5d907 100644 --- a/2019/6xxx/CVE-2019-6239.json +++ b/2019/6xxx/CVE-2019-6239.json @@ -1,17 +1,67 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6239", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6239", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may bypass Gatekeeper checks" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209446", + "refsource": "MISC", + "name": "https://support.apple.com/HT209446" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks." } ] } diff --git a/2019/6xxx/CVE-2019-6467.json b/2019/6xxx/CVE-2019-6467.json index 57e7d7e4c99..b524554e480 100644 --- a/2019/6xxx/CVE-2019-6467.json +++ b/2019/6xxx/CVE-2019-6467.json @@ -84,6 +84,11 @@ "name": "https://kb.isc.org/docs/cve-2019-6467", "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/cve-2019-6467" + }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_20", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_20" } ] }, diff --git a/2019/6xxx/CVE-2019-6468.json b/2019/6xxx/CVE-2019-6468.json index 34c1167a4c1..26d188e2427 100644 --- a/2019/6xxx/CVE-2019-6468.json +++ b/2019/6xxx/CVE-2019-6468.json @@ -84,6 +84,11 @@ "name": "https://kb.isc.org/docs/cve-2019-6468", "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/cve-2019-6468" + }, + { + "refsource": "CONFIRM", + "name": "https://www.synology.com/security/advisory/Synology_SA_19_20", + "url": "https://www.synology.com/security/advisory/Synology_SA_19_20" } ] }, diff --git a/2019/7xxx/CVE-2019-7284.json b/2019/7xxx/CVE-2019-7284.json index 49710bd021a..5cc3ebcdfe1 100644 --- a/2019/7xxx/CVE-2019-7284.json +++ b/2019/7xxx/CVE-2019-7284.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7284", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7284", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted mail message may lead to S/MIME signature spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing." } ] } diff --git a/2019/7xxx/CVE-2019-7285.json b/2019/7xxx/CVE-2019-7285.json index 6f5b9849773..29e036a802e 100644 --- a/2019/7xxx/CVE-2019-7285.json +++ b/2019/7xxx/CVE-2019-7285.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7285", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7285", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/7xxx/CVE-2019-7286.json b/2019/7xxx/CVE-2019-7286.json index dbe2cc83741..8b1d67b6e74 100644 --- a/2019/7xxx/CVE-2019-7286.json +++ b/2019/7xxx/CVE-2019-7286.json @@ -1,17 +1,88 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7286", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7286", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.1.4" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.3 Supplemental Update" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to gain elevated privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + }, + { + "url": "https://support.apple.com/HT209520", + "refsource": "MISC", + "name": "https://support.apple.com/HT209520" + }, + { + "url": "https://support.apple.com/HT209521", + "refsource": "MISC", + "name": "https://support.apple.com/HT209521" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges." } ] } diff --git a/2019/7xxx/CVE-2019-7287.json b/2019/7xxx/CVE-2019-7287.json index d44d436db6d..688f951f50c 100644 --- a/2019/7xxx/CVE-2019-7287.json +++ b/2019/7xxx/CVE-2019-7287.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7287", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7287", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209520", + "refsource": "MISC", + "name": "https://support.apple.com/HT209520" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/7xxx/CVE-2019-7289.json b/2019/7xxx/CVE-2019-7289.json index c637d8bcfd8..da1610e28e3 100644 --- a/2019/7xxx/CVE-2019-7289.json +++ b/2019/7xxx/CVE-2019-7289.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7289", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7289", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Shortcuts", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Shortcuts 2.1.3 for iOS" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to view senstive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209522", + "refsource": "MISC", + "name": "https://support.apple.com/HT209522" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information." } ] } diff --git a/2019/7xxx/CVE-2019-7290.json b/2019/7xxx/CVE-2019-7290.json index f7e360b916a..123214bdc45 100644 --- a/2019/7xxx/CVE-2019-7290.json +++ b/2019/7xxx/CVE-2019-7290.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7290", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7290", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Shortcuts", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Shortcuts 2.1.3 for iOS" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A sandboxed process may be able to circumvent sandbox restrictions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209522", + "refsource": "MISC", + "name": "https://support.apple.com/HT209522" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions." } ] } diff --git a/2019/7xxx/CVE-2019-7292.json b/2019/7xxx/CVE-2019-7292.json index fcc5156ae35..8b474448947 100644 --- a/2019/7xxx/CVE-2019-7292.json +++ b/2019/7xxx/CVE-2019-7292.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7292", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7292", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may result in the disclosure of process memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory." } ] } diff --git a/2019/7xxx/CVE-2019-7293.json b/2019/7xxx/CVE-2019-7293.json index f78d7461c1d..243e40a6773 100644 --- a/2019/7xxx/CVE-2019-7293.json +++ b/2019/7xxx/CVE-2019-7293.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7293", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-7293", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to read kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory." } ] } diff --git a/2019/8xxx/CVE-2019-8502.json b/2019/8xxx/CVE-2019-8502.json index 50d8efa3366..6433d1e86be 100644 --- a/2019/8xxx/CVE-2019-8502.json +++ b/2019/8xxx/CVE-2019-8502.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8502", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8502", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to initiate a Dictation request without user authorization" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization." } ] } diff --git a/2019/8xxx/CVE-2019-8503.json b/2019/8xxx/CVE-2019-8503.json index 80b44473bfb..d9c6ce122c5 100644 --- a/2019/8xxx/CVE-2019-8503.json +++ b/2019/8xxx/CVE-2019-8503.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8503", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8503", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious website may be able to execute scripts in the context of another website" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website." } ] } diff --git a/2019/8xxx/CVE-2019-8504.json b/2019/8xxx/CVE-2019-8504.json index b81fd0c50f4..08f7ea94865 100644 --- a/2019/8xxx/CVE-2019-8504.json +++ b/2019/8xxx/CVE-2019-8504.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8504", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8504", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to read kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory." } ] } diff --git a/2019/8xxx/CVE-2019-8505.json b/2019/8xxx/CVE-2019-8505.json index 117c83b4794..810933e713f 100644 --- a/2019/8xxx/CVE-2019-8505.json +++ b/2019/8xxx/CVE-2019-8505.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8505", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8505", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting." } ] } diff --git a/2019/8xxx/CVE-2019-8506.json b/2019/8xxx/CVE-2019-8506.json index d6701f5ee86..d4e5bdc9703 100644 --- a/2019/8xxx/CVE-2019-8506.json +++ b/2019/8xxx/CVE-2019-8506.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8506", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8506", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8507.json b/2019/8xxx/CVE-2019-8507.json index f45323a3906..619537aef07 100644 --- a/2019/8xxx/CVE-2019-8507.json +++ b/2019/8xxx/CVE-2019-8507.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8507", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8507", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing malicious data may lead to unexpected application termination" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination." } ] } diff --git a/2019/8xxx/CVE-2019-8508.json b/2019/8xxx/CVE-2019-8508.json index dd64dc1e74f..f63e67ab906 100644 --- a/2019/8xxx/CVE-2019-8508.json +++ b/2019/8xxx/CVE-2019-8508.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8508", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8508", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8510.json b/2019/8xxx/CVE-2019-8510.json index 534deeb1d63..4b42aa1fee8 100644 --- a/2019/8xxx/CVE-2019-8510.json +++ b/2019/8xxx/CVE-2019-8510.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8510", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8510", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to determine kernel memory layout" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout." } ] } diff --git a/2019/8xxx/CVE-2019-8511.json b/2019/8xxx/CVE-2019-8511.json index 6db235c9998..271b343237d 100644 --- a/2019/8xxx/CVE-2019-8511.json +++ b/2019/8xxx/CVE-2019-8511.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8511", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8511", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to elevate privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8512.json b/2019/8xxx/CVE-2019-8512.json index cf5d599102d..73b449340d2 100644 --- a/2019/8xxx/CVE-2019-8512.json +++ b/2019/8xxx/CVE-2019-8512.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8512", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8512", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure." } ] } diff --git a/2019/8xxx/CVE-2019-8513.json b/2019/8xxx/CVE-2019-8513.json index f16daa0fd59..72ebacafb4d 100644 --- a/2019/8xxx/CVE-2019-8513.json +++ b/2019/8xxx/CVE-2019-8513.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8513", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8513", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to execute arbitrary shell commands" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands." } ] } diff --git a/2019/8xxx/CVE-2019-8514.json b/2019/8xxx/CVE-2019-8514.json index 7a5571234ec..e0aca11222d 100644 --- a/2019/8xxx/CVE-2019-8514.json +++ b/2019/8xxx/CVE-2019-8514.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8514", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8514", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to gain elevated privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8515.json b/2019/8xxx/CVE-2019-8515.json index 01ace1d5ebc..6b844d55c21 100644 --- a/2019/8xxx/CVE-2019-8515.json +++ b/2019/8xxx/CVE-2019-8515.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8515", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8515", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may disclose sensitive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information." } ] } diff --git a/2019/8xxx/CVE-2019-8516.json b/2019/8xxx/CVE-2019-8516.json index 7913c5aaf4f..8c9479322d5 100644 --- a/2019/8xxx/CVE-2019-8516.json +++ b/2019/8xxx/CVE-2019-8516.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8516", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8516", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted string may lead to a denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service." } ] } diff --git a/2019/8xxx/CVE-2019-8517.json b/2019/8xxx/CVE-2019-8517.json index 1a930604f56..e6f0a95609f 100644 --- a/2019/8xxx/CVE-2019-8517.json +++ b/2019/8xxx/CVE-2019-8517.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8517", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8517", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing a maliciously crafted font may result in the disclosure of process memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory." } ] } diff --git a/2019/8xxx/CVE-2019-8518.json b/2019/8xxx/CVE-2019-8518.json index 4d059fcbcb6..129296cb2ff 100644 --- a/2019/8xxx/CVE-2019-8518.json +++ b/2019/8xxx/CVE-2019-8518.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8518", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8518", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8519.json b/2019/8xxx/CVE-2019-8519.json index e80a34e7f0a..b6ee9834812 100644 --- a/2019/8xxx/CVE-2019-8519.json +++ b/2019/8xxx/CVE-2019-8519.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8519", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8519", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to read restricted memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. An application may be able to read restricted memory." } ] } diff --git a/2019/8xxx/CVE-2019-8520.json b/2019/8xxx/CVE-2019-8520.json index bd3e2dd6272..2b3981c1781 100644 --- a/2019/8xxx/CVE-2019-8520.json +++ b/2019/8xxx/CVE-2019-8520.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8520", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8520", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to read restricted memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory." } ] } diff --git a/2019/8xxx/CVE-2019-8521.json b/2019/8xxx/CVE-2019-8521.json index af4f4d19f58..dd9d8dd2b48 100644 --- a/2019/8xxx/CVE-2019-8521.json +++ b/2019/8xxx/CVE-2019-8521.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8521", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8521", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to overwrite arbitrary files" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files." } ] } diff --git a/2019/8xxx/CVE-2019-8522.json b/2019/8xxx/CVE-2019-8522.json index 1e674c2f498..f55a6c62596 100644 --- a/2019/8xxx/CVE-2019-8522.json +++ b/2019/8xxx/CVE-2019-8522.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8522", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8522", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An encrypted volume may be unmounted and remounted by a different user without prompting for the password" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password." } ] } diff --git a/2019/8xxx/CVE-2019-8523.json b/2019/8xxx/CVE-2019-8523.json index 1450ba1f1b3..1d84208dd18 100644 --- a/2019/8xxx/CVE-2019-8523.json +++ b/2019/8xxx/CVE-2019-8523.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8523", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8523", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8524.json b/2019/8xxx/CVE-2019-8524.json index 795121c8a11..6c6406a5de7 100644 --- a/2019/8xxx/CVE-2019-8524.json +++ b/2019/8xxx/CVE-2019-8524.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8524", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8524", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8526.json b/2019/8xxx/CVE-2019-8526.json index 43409b9e409..a5f14785bc0 100644 --- a/2019/8xxx/CVE-2019-8526.json +++ b/2019/8xxx/CVE-2019-8526.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8526", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8526", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to gain elevated privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8527.json b/2019/8xxx/CVE-2019-8527.json index 66c7d0b154d..15a589d3fd0 100644 --- a/2019/8xxx/CVE-2019-8527.json +++ b/2019/8xxx/CVE-2019-8527.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8527", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8527", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory." } ] } diff --git a/2019/8xxx/CVE-2019-8529.json b/2019/8xxx/CVE-2019-8529.json index ffbfe4c7a5c..3dd18db119c 100644 --- a/2019/8xxx/CVE-2019-8529.json +++ b/2019/8xxx/CVE-2019-8529.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8529", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8529", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8530.json b/2019/8xxx/CVE-2019-8530.json index 34bfa08bc61..1fbd93096c2 100644 --- a/2019/8xxx/CVE-2019-8530.json +++ b/2019/8xxx/CVE-2019-8530.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8530", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8530", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to overwrite arbitrary files" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files." } ] } diff --git a/2019/8xxx/CVE-2019-8533.json b/2019/8xxx/CVE-2019-8533.json index 52471caf8d0..100b57019c8 100644 --- a/2019/8xxx/CVE-2019-8533.json +++ b/2019/8xxx/CVE-2019-8533.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8533", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8533", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A Mac may not lock when disconnecting from an external monitor" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor." } ] } diff --git a/2019/8xxx/CVE-2019-8535.json b/2019/8xxx/CVE-2019-8535.json index 96b64a83973..30a18932f1a 100644 --- a/2019/8xxx/CVE-2019-8535.json +++ b/2019/8xxx/CVE-2019-8535.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8535", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8535", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8536.json b/2019/8xxx/CVE-2019-8536.json index 2d98abc5808..a3af72a5ced 100644 --- a/2019/8xxx/CVE-2019-8536.json +++ b/2019/8xxx/CVE-2019-8536.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8536", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8536", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8537.json b/2019/8xxx/CVE-2019-8537.json index 28e3f757d29..ad07fb2923c 100644 --- a/2019/8xxx/CVE-2019-8537.json +++ b/2019/8xxx/CVE-2019-8537.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8537", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8537", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to view a user\u2019s locked notes" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to view a user\u2019s locked notes." } ] } diff --git a/2019/8xxx/CVE-2019-8540.json b/2019/8xxx/CVE-2019-8540.json index 239668ffd54..e698b89038e 100644 --- a/2019/8xxx/CVE-2019-8540.json +++ b/2019/8xxx/CVE-2019-8540.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8540", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8540", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to determine kernel memory layout" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout." } ] } diff --git a/2019/8xxx/CVE-2019-8541.json b/2019/8xxx/CVE-2019-8541.json index 4054e574978..e0a898f5e44 100644 --- a/2019/8xxx/CVE-2019-8541.json +++ b/2019/8xxx/CVE-2019-8541.json @@ -1,17 +1,78 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8541", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8541", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious app may be able to track users between installs" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs." } ] } diff --git a/2019/8xxx/CVE-2019-8542.json b/2019/8xxx/CVE-2019-8542.json index 9285256d404..7845ef3df96 100644 --- a/2019/8xxx/CVE-2019-8542.json +++ b/2019/8xxx/CVE-2019-8542.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8542", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8542", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to elevate privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8544.json b/2019/8xxx/CVE-2019-8544.json index 8840259dab2..55c1bbd1b09 100644 --- a/2019/8xxx/CVE-2019-8544.json +++ b/2019/8xxx/CVE-2019-8544.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8544", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8544", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8545.json b/2019/8xxx/CVE-2019-8545.json index e9ea6284338..5c5a8f91b9c 100644 --- a/2019/8xxx/CVE-2019-8545.json +++ b/2019/8xxx/CVE-2019-8545.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8545", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8545", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to cause unexpected system termination or read kernel memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory." } ] } diff --git a/2019/8xxx/CVE-2019-8546.json b/2019/8xxx/CVE-2019-8546.json index b229c916971..ad97635dfc2 100644 --- a/2019/8xxx/CVE-2019-8546.json +++ b/2019/8xxx/CVE-2019-8546.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8546", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8546", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A local user may be able to view sensitive user information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A local user may be able to view sensitive user information." } ] } diff --git a/2019/8xxx/CVE-2019-8548.json b/2019/8xxx/CVE-2019-8548.json index 7ab93f3845c..86380b14035 100644 --- a/2019/8xxx/CVE-2019-8548.json +++ b/2019/8xxx/CVE-2019-8548.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8548", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8548", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A partially entered passcode may not clear when the device goes to sleep" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear when the device goes to sleep." } ] } diff --git a/2019/8xxx/CVE-2019-8549.json b/2019/8xxx/CVE-2019-8549.json index 92ea22f7247..c45fac39a96 100644 --- a/2019/8xxx/CVE-2019-8549.json +++ b/2019/8xxx/CVE-2019-8549.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8549", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8549", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8550.json b/2019/8xxx/CVE-2019-8550.json index 0c8590a07b3..85324513e97 100644 --- a/2019/8xxx/CVE-2019-8550.json +++ b/2019/8xxx/CVE-2019-8550.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8550", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8550", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A user\u2019s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user\u2019s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing." } ] } diff --git a/2019/8xxx/CVE-2019-8551.json b/2019/8xxx/CVE-2019-8551.json index 4ca26217475..43e4327a2b7 100644 --- a/2019/8xxx/CVE-2019-8551.json +++ b/2019/8xxx/CVE-2019-8551.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8551", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8551", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to universal cross site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting." } ] } diff --git a/2019/8xxx/CVE-2019-8552.json b/2019/8xxx/CVE-2019-8552.json index b687d2c74c0..1837d191eff 100644 --- a/2019/8xxx/CVE-2019-8552.json +++ b/2019/8xxx/CVE-2019-8552.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8552", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8552", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to elevate privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8553.json b/2019/8xxx/CVE-2019-8553.json index d6a6718e401..7698ed8c1d9 100644 --- a/2019/8xxx/CVE-2019-8553.json +++ b/2019/8xxx/CVE-2019-8553.json @@ -1,17 +1,94 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8553", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8553", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Clicking a malicious SMS link may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2. Clicking a malicious SMS link may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8554.json b/2019/8xxx/CVE-2019-8554.json index 8c6ce28b976..c7f3667ae93 100644 --- a/2019/8xxx/CVE-2019-8554.json +++ b/2019/8xxx/CVE-2019-8554.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8554", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8554", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A website may be able to access sensor information without user consent" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A permissions issue existed in the handling of motion and orientation data. This issue was addressed with improved restrictions. This issue is fixed in iOS 12.2. A website may be able to access sensor information without user consent." } ] } diff --git a/2019/8xxx/CVE-2019-8555.json b/2019/8xxx/CVE-2019-8555.json index 29c69f2ffdb..fb32499aad2 100644 --- a/2019/8xxx/CVE-2019-8555.json +++ b/2019/8xxx/CVE-2019-8555.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8555", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8555", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Mojave 10.14.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A malicious application may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209600", + "refsource": "MISC", + "name": "https://support.apple.com/HT209600" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8556.json b/2019/8xxx/CVE-2019-8556.json index f74b1ebd2e6..98cb1a310d6 100644 --- a/2019/8xxx/CVE-2019-8556.json +++ b/2019/8xxx/CVE-2019-8556.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8556", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8556", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8558.json b/2019/8xxx/CVE-2019-8558.json index 43e5c8a2402..16a7918f9f0 100644 --- a/2019/8xxx/CVE-2019-8558.json +++ b/2019/8xxx/CVE-2019-8558.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8558", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8558", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8559.json b/2019/8xxx/CVE-2019-8559.json index 15c6d085f86..2bdca8a1ddb 100644 --- a/2019/8xxx/CVE-2019-8559.json +++ b/2019/8xxx/CVE-2019-8559.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8559", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8559", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 12.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 5.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 12.1" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes 12.9.4 for Windows" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT209599", + "refsource": "MISC", + "name": "https://support.apple.com/HT209599" + }, + { + "url": "https://support.apple.com/HT209601", + "refsource": "MISC", + "name": "https://support.apple.com/HT209601" + }, + { + "url": "https://support.apple.com/HT209603", + "refsource": "MISC", + "name": "https://support.apple.com/HT209603" + }, + { + "url": "https://support.apple.com/HT209604", + "refsource": "MISC", + "name": "https://support.apple.com/HT209604" + }, + { + "url": "https://support.apple.com/HT209605", + "refsource": "MISC", + "name": "https://support.apple.com/HT209605" + }, + { + "url": "https://support.apple.com/HT209602", + "refsource": "MISC", + "name": "https://support.apple.com/HT209602" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8599.json b/2019/8xxx/CVE-2019-8599.json index eaed55b46bf..c731dbfadfc 100644 --- a/2019/8xxx/CVE-2019-8599.json +++ b/2019/8xxx/CVE-2019-8599.json @@ -1,17 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8599", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8599", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 12.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A person with physical access to an iOS device may be able to see the email address used for iTunes" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210118", + "refsource": "MISC", + "name": "https://support.apple.com/HT210118" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes." } ] } diff --git a/2019/8xxx/CVE-2019-8783.json b/2019/8xxx/CVE-2019-8783.json index 3000e2e695e..aac6714241e 100644 --- a/2019/8xxx/CVE-2019-8783.json +++ b/2019/8xxx/CVE-2019-8783.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8783", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8783", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 11.0" + } + ] + } + }, + { + "product_name": "iCloud for Windows (Legacy)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210727", + "refsource": "MISC", + "name": "https://support.apple.com/HT210727" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210728", + "refsource": "MISC", + "name": "https://support.apple.com/HT210728" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8785.json b/2019/8xxx/CVE-2019-8785.json index 0cb6554f1af..d188d07f96f 100644 --- a/2019/8xxx/CVE-2019-8785.json +++ b/2019/8xxx/CVE-2019-8785.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8785", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8785", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Catalina 10.15.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210724", + "refsource": "MISC", + "name": "https://support.apple.com/HT210724" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210722", + "refsource": "MISC", + "name": "https://support.apple.com/HT210722" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8787.json b/2019/8xxx/CVE-2019-8787.json index 99eee6427db..e2d94661235 100644 --- a/2019/8xxx/CVE-2019-8787.json +++ b/2019/8xxx/CVE-2019-8787.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8787", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8787", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Catalina 10.15.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "A remote attacker may be able to leak memory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210724", + "refsource": "MISC", + "name": "https://support.apple.com/HT210724" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210722", + "refsource": "MISC", + "name": "https://support.apple.com/HT210722" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory." } ] } diff --git a/2019/8xxx/CVE-2019-8798.json b/2019/8xxx/CVE-2019-8798.json index 185c2fab899..827ecddf67f 100644 --- a/2019/8xxx/CVE-2019-8798.json +++ b/2019/8xxx/CVE-2019-8798.json @@ -1,17 +1,110 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8798", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8798", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "macOS Catalina 10.15.1" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 6.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An application may be able to execute arbitrary code with system privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210724", + "refsource": "MISC", + "name": "https://support.apple.com/HT210724" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210722", + "refsource": "MISC", + "name": "https://support.apple.com/HT210722" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges." } ] } diff --git a/2019/8xxx/CVE-2019-8812.json b/2019/8xxx/CVE-2019-8812.json index ee5ba635167..6be41396596 100644 --- a/2019/8xxx/CVE-2019-8812.json +++ b/2019/8xxx/CVE-2019-8812.json @@ -1,17 +1,126 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8812", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8812", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 6.1" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210724", + "refsource": "MISC", + "name": "https://support.apple.com/HT210724" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8814.json b/2019/8xxx/CVE-2019-8814.json index 37b57d13183..1d35a25f28d 100644 --- a/2019/8xxx/CVE-2019-8814.json +++ b/2019/8xxx/CVE-2019-8814.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8814", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8814", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 11.0" + } + ] + } + }, + { + "product_name": "iCloud for Windows (Legacy)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210727", + "refsource": "MISC", + "name": "https://support.apple.com/HT210727" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210728", + "refsource": "MISC", + "name": "https://support.apple.com/HT210728" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8816.json b/2019/8xxx/CVE-2019-8816.json index 9561aa5c839..c2888299c50 100644 --- a/2019/8xxx/CVE-2019-8816.json +++ b/2019/8xxx/CVE-2019-8816.json @@ -1,17 +1,158 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8816", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8816", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "watchOS 6.1" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 11.0" + } + ] + } + }, + { + "product_name": "iCloud for Windows (Legacy)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210724", + "refsource": "MISC", + "name": "https://support.apple.com/HT210724" + }, + { + "url": "https://support.apple.com/HT210727", + "refsource": "MISC", + "name": "https://support.apple.com/HT210727" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210728", + "refsource": "MISC", + "name": "https://support.apple.com/HT210728" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8819.json b/2019/8xxx/CVE-2019-8819.json index ed3f08b780b..2c9ffaa6aad 100644 --- a/2019/8xxx/CVE-2019-8819.json +++ b/2019/8xxx/CVE-2019-8819.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8819", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8819", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 11.0" + } + ] + } + }, + { + "product_name": "iCloud for Windows (Legacy)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210727", + "refsource": "MISC", + "name": "https://support.apple.com/HT210727" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210728", + "refsource": "MISC", + "name": "https://support.apple.com/HT210728" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8821.json b/2019/8xxx/CVE-2019-8821.json index e8a3c977961..e2a9d9d3477 100644 --- a/2019/8xxx/CVE-2019-8821.json +++ b/2019/8xxx/CVE-2019-8821.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8821", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8821", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 11.0" + } + ] + } + }, + { + "product_name": "iCloud for Windows (Legacy)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210727", + "refsource": "MISC", + "name": "https://support.apple.com/HT210727" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210728", + "refsource": "MISC", + "name": "https://support.apple.com/HT210728" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2019/8xxx/CVE-2019-8823.json b/2019/8xxx/CVE-2019-8823.json index 51524f9d6ac..9ca7d42e656 100644 --- a/2019/8xxx/CVE-2019-8823.json +++ b/2019/8xxx/CVE-2019-8823.json @@ -1,17 +1,142 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8823", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-8823", + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "iOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iOS 13.2 and iPadOS 13.2" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "tvOS 13.2" + } + ] + } + }, + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "Safari 13.0.3" + } + ] + } + }, + { + "product_name": "iTunes for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iTunes for Windows 12.10.2" + } + ] + } + }, + { + "product_name": "iCloud for Windows", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 11.0" + } + ] + } + }, + { + "product_name": "iCloud for Windows (Legacy)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "iCloud for Windows 7.15" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.apple.com/HT210727", + "refsource": "MISC", + "name": "https://support.apple.com/HT210727" + }, + { + "url": "https://support.apple.com/HT210721", + "refsource": "MISC", + "name": "https://support.apple.com/HT210721" + }, + { + "url": "https://support.apple.com/HT210726", + "refsource": "MISC", + "name": "https://support.apple.com/HT210726" + }, + { + "url": "https://support.apple.com/HT210723", + "refsource": "MISC", + "name": "https://support.apple.com/HT210723" + }, + { + "url": "https://support.apple.com/HT210728", + "refsource": "MISC", + "name": "https://support.apple.com/HT210728" + }, + { + "url": "https://support.apple.com/HT210725", + "refsource": "MISC", + "name": "https://support.apple.com/HT210725" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution." } ] }