From 619e3076294df41cdd596adceef739c35de9fbeb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 17 Feb 2021 14:00:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/0xxx/CVE-2020-0518.json | 62 +++++++++++++++++++++++++ 2020/0xxx/CVE-2020-0521.json | 62 +++++++++++++++++++++++++ 2020/0xxx/CVE-2020-0544.json | 62 +++++++++++++++++++++++++ 2020/12xxx/CVE-2020-12361.json | 50 +++++++++++++++++++-- 2020/12xxx/CVE-2020-12362.json | 50 +++++++++++++++++++-- 2020/12xxx/CVE-2020-12367.json | 50 +++++++++++++++++++-- 2020/12xxx/CVE-2020-12368.json | 50 +++++++++++++++++++-- 2020/12xxx/CVE-2020-12369.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24450.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24452.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24453.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24458.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24462.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24480.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24481.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24482.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24485.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24491.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24492.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24493.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24494.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24495.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24496.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24497.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24498.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24500.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24501.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24502.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24503.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24504.json | 50 +++++++++++++++++++-- 2020/24xxx/CVE-2020-24505.json | 50 +++++++++++++++++++-- 2020/7xxx/CVE-2020-7848.json | 81 ++++++++++++++++++++++++++++++--- 2020/7xxx/CVE-2020-7849.json | 82 +++++++++++++++++++++++++++++++--- 2020/8xxx/CVE-2020-8678.json | 50 +++++++++++++++++++-- 2020/8xxx/CVE-2020-8701.json | 50 +++++++++++++++++++-- 2021/0xxx/CVE-2021-0109.json | 50 +++++++++++++++++++-- 2021/22xxx/CVE-2021-22853.json | 7 +-- 2021/22xxx/CVE-2021-22854.json | 5 ++- 2021/22xxx/CVE-2021-22855.json | 5 ++- 39 files changed, 1804 insertions(+), 112 deletions(-) create mode 100644 2020/0xxx/CVE-2020-0518.json create mode 100644 2020/0xxx/CVE-2020-0521.json create mode 100644 2020/0xxx/CVE-2020-0544.json diff --git a/2020/0xxx/CVE-2020-0518.json b/2020/0xxx/CVE-2020-0518.json new file mode 100644 index 00000000000..380647d37e9 --- /dev/null +++ b/2020/0xxx/CVE-2020-0518.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0518", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) HD Graphics Control Panel", + "version": { + "version_data": [ + { + "version_value": "before version 15.40.46.5144 and 15.36.39.5143" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper access control in the Intel(R) HD Graphics Control Panel before version 15.40.46.5144 and 15.36.39.5143 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0521.json b/2020/0xxx/CVE-2020-0521.json new file mode 100644 index 00000000000..e2423603d12 --- /dev/null +++ b/2020/0xxx/CVE-2020-0521.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0521", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 15.45.32.5145" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient control flow management in some Intel(R) Graphics Drivers before version 15.45.32.5145 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0544.json b/2020/0xxx/CVE-2020-0544.json new file mode 100644 index 00000000000..d729ec48850 --- /dev/null +++ b/2020/0xxx/CVE-2020-0544.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0544", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 15.36.39.5145" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient control flow management in the kernel mode driver for some Intel(R) Graphics Drivers before version 15.36.39.5145 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12361.json b/2020/12xxx/CVE-2020-12361.json index 52fdebe4160..33ec30eebe6 100644 --- a/2020/12xxx/CVE-2020-12361.json +++ b/2020/12xxx/CVE-2020-12361.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12361", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 15.33.51.5146" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use after free in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access." } ] } diff --git a/2020/12xxx/CVE-2020-12362.json b/2020/12xxx/CVE-2020-12362.json index 20193445166..0148e5223e2 100644 --- a/2020/12xxx/CVE-2020-12362.json +++ b/2020/12xxx/CVE-2020-12362.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12362", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and", + "version": { + "version_data": [ + { + "version_value": "before version 26.20.100.7212 and before Linux kernel version 5.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access." } ] } diff --git a/2020/12xxx/CVE-2020-12367.json b/2020/12xxx/CVE-2020-12367.json index 15b6cb3d45b..11497a53766 100644 --- a/2020/12xxx/CVE-2020-12367.json +++ b/2020/12xxx/CVE-2020-12367.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12367", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 26.20.100.8476" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow a privileged user to potentially enable an escalation of privilege via local access." } ] } diff --git a/2020/12xxx/CVE-2020-12368.json b/2020/12xxx/CVE-2020-12368.json index c0915bf5e3e..cc26d06c22d 100644 --- a/2020/12xxx/CVE-2020-12368.json +++ b/2020/12xxx/CVE-2020-12368.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12368", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 26.20.100.8141" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable an escalation of privilege via local access." } ] } diff --git a/2020/12xxx/CVE-2020-12369.json b/2020/12xxx/CVE-2020-12369.json index 6841f6320fd..d20d305683b 100644 --- a/2020/12xxx/CVE-2020-12369.json +++ b/2020/12xxx/CVE-2020-12369.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12369", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 26.20.100.8336" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bound write in some Intel(R) Graphics Drivers before version 26.20.100.8336 may allow a privileged user to potentially enable escalation of privilege via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24450.json b/2020/24xxx/CVE-2020-24450.json index c0b7ad0164b..603488a0574 100644 --- a/2020/24xxx/CVE-2020-24450.json +++ b/2020/24xxx/CVE-2020-24450.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24450", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper conditions check in some Intel(R) Graphics Drivers before versions 26.20.100.8141, 15.45.32.5145 and 15.40.46.5144 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24452.json b/2020/24xxx/CVE-2020-24452.json index 07983336de8..6484023885f 100644 --- a/2020/24xxx/CVE-2020-24452.json +++ b/2020/24xxx/CVE-2020-24452.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24452", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SGX Platform Software for Windows*", + "version": { + "version_data": [ + { + "version_value": "See references" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00444.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00444.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24453.json b/2020/24xxx/CVE-2020-24453.json index 6e425424c8b..d3c48d3bac3 100644 --- a/2020/24xxx/CVE-2020-24453.json +++ b/2020/24xxx/CVE-2020-24453.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24453", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) EPID SDK", + "version": { + "version_data": [ + { + "version_value": "before version 8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00445.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00445.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24458.json b/2020/24xxx/CVE-2020-24458.json index b88274f8574..647dce4fc94 100644 --- a/2020/24xxx/CVE-2020-24458.json +++ b/2020/24xxx/CVE-2020-24458.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24458", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) PROSet/Wireless WiFi and Killer (TM) drivers", + "version": { + "version_data": [ + { + "version_value": "before version 22.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure and denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00448.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00448.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incomplete cleanup in some Intel(R) PROSet/Wireless WiFi and Killer (TM) drivers before version 22.0 may allow a privileged user to potentially enable information disclosure and denial of service via adjacent access." } ] } diff --git a/2020/24xxx/CVE-2020-24462.json b/2020/24xxx/CVE-2020-24462.json index 24137c44ddb..d173cdf6344 100644 --- a/2020/24xxx/CVE-2020-24462.json +++ b/2020/24xxx/CVE-2020-24462.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24462", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Driver", + "version": { + "version_data": [ + { + "version_value": "before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24480.json b/2020/24xxx/CVE-2020-24480.json index 300fc7c4ce9..7926593e125 100644 --- a/2020/24xxx/CVE-2020-24480.json +++ b/2020/24xxx/CVE-2020-24480.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) XTU", + "version": { + "version_data": [ + { + "version_value": "before version 6.5.3.25" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00450.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00450.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24481.json b/2020/24xxx/CVE-2020-24481.json index d1e61174bd1..f0c4f2b0194 100644 --- a/2020/24xxx/CVE-2020-24481.json +++ b/2020/24xxx/CVE-2020-24481.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24481", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Quartus Prime Pro and Standard edition software", + "version": { + "version_data": [ + { + "version_value": "See references" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00451.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00451.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insecure inherited permissions for the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24482.json b/2020/24xxx/CVE-2020-24482.json index 4cae0efdfee..dd6a58bd115 100644 --- a/2020/24xxx/CVE-2020-24482.json +++ b/2020/24xxx/CVE-2020-24482.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24482", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 7360 Cell Modem", + "version": { + "version_data": [ + { + "version_value": "See references" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00453.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00453.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem before UDE version 9.4.370 may allow unauthenticated user to potentially enable denial of service via network access." } ] } diff --git a/2020/24xxx/CVE-2020-24485.json b/2020/24xxx/CVE-2020-24485.json index ac57308a1b9..0c26ccb3689 100644 --- a/2020/24xxx/CVE-2020-24485.json +++ b/2020/24xxx/CVE-2020-24485.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24485", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Trace Analyzer and Collector", + "version": { + "version_data": [ + { + "version_value": "before version 2020 update 3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00475.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24491.json b/2020/24xxx/CVE-2020-24491.json index 347974c4cdb..9ffef2d1acc 100644 --- a/2020/24xxx/CVE-2020-24491.json +++ b/2020/24xxx/CVE-2020-24491.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24491", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 10th Generation Core Processors supporting SGX", + "version": { + "version_data": [ + { + "version_value": "See references" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00455.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00455.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24492.json b/2020/24xxx/CVE-2020-24492.json index 14e5173feff..106bfb89322 100644 --- a/2020/24xxx/CVE-2020-24492.json +++ b/2020/24xxx/CVE-2020-24492.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24492", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 722 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24493.json b/2020/24xxx/CVE-2020-24493.json index 5b284aae2d2..d10188e41bc 100644 --- a/2020/24xxx/CVE-2020-24493.json +++ b/2020/24xxx/CVE-2020-24493.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24493", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 700-series of Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 8.0 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24494.json b/2020/24xxx/CVE-2020-24494.json index baafca5f8af..626f100e2c5 100644 --- a/2020/24xxx/CVE-2020-24494.json +++ b/2020/24xxx/CVE-2020-24494.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24494", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 722 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.4.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24495.json b/2020/24xxx/CVE-2020-24495.json index bf600e46583..0d0ea71caa4 100644 --- a/2020/24xxx/CVE-2020-24495.json +++ b/2020/24xxx/CVE-2020-24495.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24495", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 700-series of Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24496.json b/2020/24xxx/CVE-2020-24496.json index a4d99ef87f7..1562f5bcd0c 100644 --- a/2020/24xxx/CVE-2020-24496.json +++ b/2020/24xxx/CVE-2020-24496.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24496", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 722 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.4.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24497.json b/2020/24xxx/CVE-2020-24497.json index 9b9a3a25b3b..8534a1da978 100644 --- a/2020/24xxx/CVE-2020-24497.json +++ b/2020/24xxx/CVE-2020-24497.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24497", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) E810 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.4.1.13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24498.json b/2020/24xxx/CVE-2020-24498.json index 80b13a9603e..2925b6c33a7 100644 --- a/2020/24xxx/CVE-2020-24498.json +++ b/2020/24xxx/CVE-2020-24498.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24498", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) E810 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.4.1.13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24500.json b/2020/24xxx/CVE-2020-24500.json index bd1060626d7..5b2f732296d 100644 --- a/2020/24xxx/CVE-2020-24500.json +++ b/2020/24xxx/CVE-2020-24500.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24500", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) E810 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.4.1.13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24501.json b/2020/24xxx/CVE-2020-24501.json index a3272cc7a6c..3e294476bc4 100644 --- a/2020/24xxx/CVE-2020-24501.json +++ b/2020/24xxx/CVE-2020-24501.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24501", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) E810 Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 1.4.1.13" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access." } ] } diff --git a/2020/24xxx/CVE-2020-24502.json b/2020/24xxx/CVE-2020-24502.json index cbc180326c4..08002b0012e 100644 --- a/2020/24xxx/CVE-2020-24502.json +++ b/2020/24xxx/CVE-2020-24502.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24502", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and", + "version": { + "version_data": [ + { + "version_value": "before version 1.0.4 and before version 1.4.29.0 for Windows" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24503.json b/2020/24xxx/CVE-2020-24503.json index 1c73d0bca80..8426badf3e2 100644 --- a/2020/24xxx/CVE-2020-24503.json +++ b/2020/24xxx/CVE-2020-24503.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24503", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Ethernet E810 Adapter drivers for Linux", + "version": { + "version_data": [ + { + "version_value": "before version 1.0.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24504.json b/2020/24xxx/CVE-2020-24504.json index b159ffa58da..49e5f064808 100644 --- a/2020/24xxx/CVE-2020-24504.json +++ b/2020/24xxx/CVE-2020-24504.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24504", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Ethernet E810 Adapter drivers for Linux", + "version": { + "version_data": [ + { + "version_value": "before version 1.0.4" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access." } ] } diff --git a/2020/24xxx/CVE-2020-24505.json b/2020/24xxx/CVE-2020-24505.json index ac54f962524..8a40bd0ea19 100644 --- a/2020/24xxx/CVE-2020-24505.json +++ b/2020/24xxx/CVE-2020-24505.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-24505", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) 700-series of Ethernet Controllers", + "version": { + "version_data": [ + { + "version_value": "before version 7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00456.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access." } ] } diff --git a/2020/7xxx/CVE-2020-7848.json b/2020/7xxx/CVE-2020-7848.json index 25a4780cc95..127514bcf63 100644 --- a/2020/7xxx/CVE-2020-7848.json +++ b/2020/7xxx/CVE-2020-7848.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "vuln@krcert.or.kr", "ID": "CVE-2020-7848", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ipTIME C200 IP Camera", + "version": { + "version_data": [ + { + "platform": "Windows", + "version_affected": "<=", + "version_name": "1.0.12", + "version_value": "1.0.12" + } + ] + } + } + ] + }, + "vendor_name": "EFM networks & multimedia" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35905", + "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35905" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7849.json b/2020/7xxx/CVE-2020-7849.json index 155c5fed740..715b3678601 100644 --- a/2020/7xxx/CVE-2020-7849.json +++ b/2020/7xxx/CVE-2020-7849.json @@ -1,18 +1,88 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "vuln@krcert.or.kr", "ID": "CVE-2020-7849", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "UPRISM CURIX arbitrary code execution vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CURIX 7.0 Agent", + "version": { + "version_data": [ + { + "platform": "Windows", + "version_affected": "<=", + "version_name": "1.3.6", + "version_value": "1.3.6" + } + ] + } + } + ] + }, + "vendor_name": "uPrism.io" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability of uPrism.io CURIX(Video conferecing solution) could allow an unauthenticated attacker to execute arbitrary code. This vulnerability is due to insufficient input(server domain) validation. An attacker could exploit this vulnerability through crafted URL." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35903", + "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35903" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2020/8xxx/CVE-2020-8678.json b/2020/8xxx/CVE-2020-8678.json index 9617f71ea8a..850fe6fab9b 100644 --- a/2020/8xxx/CVE-2020-8678.json +++ b/2020/8xxx/CVE-2020-8678.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8678", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) Graphics Drivers", + "version": { + "version_data": [ + { + "version_value": "before version 15.45.33.5164 and 27.20.100.8280" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access." } ] } diff --git a/2020/8xxx/CVE-2020-8701.json b/2020/8xxx/CVE-2020-8701.json index c85b24daa03..c7c3b13416b 100644 --- a/2020/8xxx/CVE-2020-8701.json +++ b/2020/8xxx/CVE-2020-8701.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8701", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SSD Toolbox versions", + "version": { + "version_data": [ + { + "version_value": "versions before 2/9/2021" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00457.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00457.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access." } ] } diff --git a/2021/0xxx/CVE-2021-0109.json b/2021/0xxx/CVE-2021-0109.json index 90555742aaa..ee11b51e2bf 100644 --- a/2021/0xxx/CVE-2021-0109.json +++ b/2021/0xxx/CVE-2021-0109.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-0109", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SOC driver package for STK1A32SC", + "version": { + "version_data": [ + { + "version_value": "before version 604" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "escalation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00471.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00471.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access." } ] } diff --git a/2021/22xxx/CVE-2021-22853.json b/2021/22xxx/CVE-2021-22853.json index 744c2ec3a69..b8d7324de73 100644 --- a/2021/22xxx/CVE-2021-22853.json +++ b/2021/22xxx/CVE-2021-22853.json @@ -39,7 +39,7 @@ "description_data": [ { "lang": "eng", - "value": "The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work." + "value": "The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user\u2019s login information, further causing the login function not to work." } ] }, @@ -77,8 +77,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-4403-8eb68-1.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22854.json b/2021/22xxx/CVE-2021-22854.json index 004cc4350fb..e856a453165 100644 --- a/2021/22xxx/CVE-2021-22854.json +++ b/2021/22xxx/CVE-2021-22854.json @@ -77,8 +77,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-4404-3f498-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-4404-3f498-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-4404-3f498-1.html" } ] }, diff --git a/2021/22xxx/CVE-2021-22855.json b/2021/22xxx/CVE-2021-22855.json index f055b9aee0f..a308781d1bc 100644 --- a/2021/22xxx/CVE-2021-22855.json +++ b/2021/22xxx/CVE-2021-22855.json @@ -77,8 +77,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-4405-2ddde-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-4405-2ddde-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-4405-2ddde-1.html" } ] },