diff --git a/2016/6xxx/CVE-2016-6153.json b/2016/6xxx/CVE-2016-6153.json index c2bc1fff7e8..7e248454d76 100644 --- a/2016/6xxx/CVE-2016-6153.json +++ b/2016/6xxx/CVE-2016-6153.json @@ -101,6 +101,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] } diff --git a/2017/10xxx/CVE-2017-10989.json b/2017/10xxx/CVE-2017-10989.json index 517f8e75ad6..da334f8065d 100644 --- a/2017/10xxx/CVE-2017-10989.json +++ b/2017/10xxx/CVE-2017-10989.json @@ -126,6 +126,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] } diff --git a/2017/13xxx/CVE-2017-13685.json b/2017/13xxx/CVE-2017-13685.json index abf7f20ad0f..22552c16eda 100644 --- a/2017/13xxx/CVE-2017-13685.json +++ b/2017/13xxx/CVE-2017-13685.json @@ -66,6 +66,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] } diff --git a/2017/2xxx/CVE-2017-2518.json b/2017/2xxx/CVE-2017-2518.json index 846b35a23e9..fa401060ce9 100644 --- a/2017/2xxx/CVE-2017-2518.json +++ b/2017/2xxx/CVE-2017-2518.json @@ -91,6 +91,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] } diff --git a/2018/20xxx/CVE-2018-20346.json b/2018/20xxx/CVE-2018-20346.json index cfe1f4379d6..c4b70f52372 100644 --- a/2018/20xxx/CVE-2018-20346.json +++ b/2018/20xxx/CVE-2018-20346.json @@ -161,6 +161,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] } diff --git a/2018/20xxx/CVE-2018-20506.json b/2018/20xxx/CVE-2018-20506.json index 1129b53fea5..18708565d22 100644 --- a/2018/20xxx/CVE-2018-20506.json +++ b/2018/20xxx/CVE-2018-20506.json @@ -166,6 +166,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] } diff --git a/2019/11xxx/CVE-2019-11477.json b/2019/11xxx/CVE-2019-11477.json index c2d885065a9..55d530aef6b 100644 --- a/2019/11xxx/CVE-2019-11477.json +++ b/2019/11xxx/CVE-2019-11477.json @@ -131,6 +131,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html", "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html" + }, + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193" } ] }, diff --git a/2019/11xxx/CVE-2019-11478.json b/2019/11xxx/CVE-2019-11478.json index fb1b7891a6c..aa6b32768dd 100644 --- a/2019/11xxx/CVE-2019-11478.json +++ b/2019/11xxx/CVE-2019-11478.json @@ -130,6 +130,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html", "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html" + }, + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193" } ] }, diff --git a/2019/11xxx/CVE-2019-11479.json b/2019/11xxx/CVE-2019-11479.json index 3d0e7ad5d4e..95b23216f33 100644 --- a/2019/11xxx/CVE-2019-11479.json +++ b/2019/11xxx/CVE-2019-11479.json @@ -134,6 +134,11 @@ "refsource": "BID", "name": "108818", "url": "http://www.securityfocus.com/bid/108818" + }, + { + "refsource": "CONFIRM", + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193" } ] }, diff --git a/2019/1xxx/CVE-2019-1821.json b/2019/1xxx/CVE-2019-1821.json index 7d2f19056a6..7f709767c9a 100644 --- a/2019/1xxx/CVE-2019-1821.json +++ b/2019/1xxx/CVE-2019-1821.json @@ -76,6 +76,11 @@ "refsource": "BID", "name": "108339", "url": "http://www.securityfocus.com/bid/108339" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153350/Cisco-Prime-Infrastructure-Health-Monitor-TarArchive-Directory-Traversal.html", + "url": "http://packetstormsecurity.com/files/153350/Cisco-Prime-Infrastructure-Health-Monitor-TarArchive-Directory-Traversal.html" } ] }, diff --git a/2019/1xxx/CVE-2019-1985.json b/2019/1xxx/CVE-2019-1985.json index e75017354cf..3925a3af70a 100644 --- a/2019/1xxx/CVE-2019-1985.json +++ b/2019/1xxx/CVE-2019-1985.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1985", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1985", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In findAvailSpellCheckerLocked of TextServicesManagerService.java, there is a possible way to bypass the warning dialog when selecting an untrusted spell checker due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0Android ID: A-118694079" } ] } diff --git a/2019/1xxx/CVE-2019-1989.json b/2019/1xxx/CVE-2019-1989.json index 68b6e9508c0..83bea5372f2 100644 --- a/2019/1xxx/CVE-2019-1989.json +++ b/2019/1xxx/CVE-2019-1989.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1989", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1989", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-118399205" } ] } diff --git a/2019/1xxx/CVE-2019-1990.json b/2019/1xxx/CVE-2019-1990.json index c61697a9b47..330ef94bf1e 100644 --- a/2019/1xxx/CVE-2019-1990.json +++ b/2019/1xxx/CVE-2019-1990.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1990", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1990", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ihevcd_fmt_conv_420sp_to_420p of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-118453553" } ] } diff --git a/2019/2xxx/CVE-2019-2004.json b/2019/2xxx/CVE-2019-2004.json index 9847d26fa1a..dd307cdd9d6 100644 --- a/2019/2xxx/CVE-2019-2004.json +++ b/2019/2xxx/CVE-2019-2004.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2004", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2004", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-115739809" } ] } diff --git a/2019/2xxx/CVE-2019-2005.json b/2019/2xxx/CVE-2019-2005.json index 48bca61c383..8a294fae584 100644 --- a/2019/2xxx/CVE-2019-2005.json +++ b/2019/2xxx/CVE-2019-2005.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2005", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2005", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In onPermissionGrantResult of GrantPermissionsActivity.java, there is a possible incorrectly granted permission due to a missing permission check. This could lead to local escalation of privilege on a locked device with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-68777217" } ] } diff --git a/2019/2xxx/CVE-2019-2006.json b/2019/2xxx/CVE-2019-2006.json index 623968c63a4..6002ccb3ebd 100644 --- a/2019/2xxx/CVE-2019-2006.json +++ b/2019/2xxx/CVE-2019-2006.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2006", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2006", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-116665972" } ] } diff --git a/2019/2xxx/CVE-2019-2007.json b/2019/2xxx/CVE-2019-2007.json index 7704b1a22e7..86e3417f4a5 100644 --- a/2019/2xxx/CVE-2019-2007.json +++ b/2019/2xxx/CVE-2019-2007.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2007", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2007", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-120789744" } ] } diff --git a/2019/2xxx/CVE-2019-2008.json b/2019/2xxx/CVE-2019-2008.json index 14b517679cc..b66546a9ab8 100644 --- a/2019/2xxx/CVE-2019-2008.json +++ b/2019/2xxx/CVE-2019-2008.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2008", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2008", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In createEffect of AudioFlinger.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-122309228" } ] } diff --git a/2019/2xxx/CVE-2019-2009.json b/2019/2xxx/CVE-2019-2009.json index 168cbe07899..5da084ba971 100644 --- a/2019/2xxx/CVE-2019-2009.json +++ b/2019/2xxx/CVE-2019-2009.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2009", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2009", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120665616" } ] } diff --git a/2019/2xxx/CVE-2019-2010.json b/2019/2xxx/CVE-2019-2010.json index 1a6e0523b32..61036823e07 100644 --- a/2019/2xxx/CVE-2019-2010.json +++ b/2019/2xxx/CVE-2019-2010.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2010", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2010", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-118152591" } ] } diff --git a/2019/2xxx/CVE-2019-2011.json b/2019/2xxx/CVE-2019-2011.json index 1b5efe06ab1..6b201e00d46 100644 --- a/2019/2xxx/CVE-2019-2011.json +++ b/2019/2xxx/CVE-2019-2011.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2011", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2011", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In readNullableNativeHandleNoDup of Parcel.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-120084106" } ] } diff --git a/2019/2xxx/CVE-2019-2012.json b/2019/2xxx/CVE-2019-2012.json index ee97caa06f3..aa0f8bf16e5 100644 --- a/2019/2xxx/CVE-2019-2012.json +++ b/2019/2xxx/CVE-2019-2012.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2012", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2012", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In rw_t3t_act_handle_fmt_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120497437" } ] } diff --git a/2019/2xxx/CVE-2019-2013.json b/2019/2xxx/CVE-2019-2013.json index 86a6470de80..3b421b865aa 100644 --- a/2019/2xxx/CVE-2019-2013.json +++ b/2019/2xxx/CVE-2019-2013.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2013", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2013", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120497583" } ] } diff --git a/2019/2xxx/CVE-2019-2014.json b/2019/2xxx/CVE-2019-2014.json index fa205badd1f..f1ee9a8be5e 100644 --- a/2019/2xxx/CVE-2019-2014.json +++ b/2019/2xxx/CVE-2019-2014.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2014", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2014", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In rw_t3t_handle_get_sc_poll_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120499324" } ] } diff --git a/2019/2xxx/CVE-2019-2015.json b/2019/2xxx/CVE-2019-2015.json index d7c1b62066a..1fd9835d2e0 100644 --- a/2019/2xxx/CVE-2019-2015.json +++ b/2019/2xxx/CVE-2019-2015.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2015", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2015", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In rw_t3t_act_handle_check_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120503926" } ] } diff --git a/2019/2xxx/CVE-2019-2016.json b/2019/2xxx/CVE-2019-2016.json index 06cd775b67f..f173f2f90f1 100644 --- a/2019/2xxx/CVE-2019-2016.json +++ b/2019/2xxx/CVE-2019-2016.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-2016", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-2016", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://source.android.com/security/bulletin/2019-03-01", + "url": "https://source.android.com/security/bulletin/2019-03-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In NFA_SendRawFrame of nfa_dm_api.cc, there is a possible out-of-bound write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120664978" } ] } diff --git a/2019/8xxx/CVE-2019-8457.json b/2019/8xxx/CVE-2019-8457.json index d858a23b358..b5bc2dc3665 100644 --- a/2019/8xxx/CVE-2019-8457.json +++ b/2019/8xxx/CVE-2019-8457.json @@ -73,6 +73,11 @@ "refsource": "UBUNTU", "name": "USN-4019-1", "url": "https://usn.ubuntu.com/4019-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4019-2", + "url": "https://usn.ubuntu.com/4019-2/" } ] },