- Synchronized data.

2017/6xxx/CVE-2017-6290.json

@@ -35,7 +35,7 @@
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. User interaction not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69559414. Reference: N-CVE-2017-6290."
+            "value" : "In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. User interaction not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69559414. Reference: N-CVE-2017-6290."
          }
       ]
    },
@@ -54,6 +54,8 @@
    "references" : {
       "reference_data" : [
          {
+            "name" : "https://source.android.com/security/bulletin/2018-06-01",
+            "refsource" : "CONFIRM",
             "url" : "https://source.android.com/security/bulletin/2018-06-01"
          }
       ]

2017/6xxx/CVE-2017-6292.json

@@ -35,7 +35,7 @@
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69480285. Reference: N-CVE-2017-6292."
+            "value" : "In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69480285. Reference: N-CVE-2017-6292."
          }
       ]
    },
@@ -54,6 +54,8 @@
    "references" : {
       "reference_data" : [
          {
+            "name" : "https://source.android.com/security/bulletin/2018-06-01",
+            "refsource" : "CONFIRM",
             "url" : "https://source.android.com/security/bulletin/2018-06-01"
          }
       ]

2017/6xxx/CVE-2017-6294.json

@@ -35,7 +35,7 @@
       "description_data" : [
          {
             "lang" : "eng",
-            "value" : "NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69316825. Reference: N-CVE-2017-6294."
+            "value" : "In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69316825. Reference: N-CVE-2017-6294."
          }
       ]
    },
@@ -54,6 +54,8 @@
    "references" : {
       "reference_data" : [
          {
+            "name" : "https://source.android.com/security/bulletin/2018-06-01",
+            "refsource" : "CONFIRM",
             "url" : "https://source.android.com/security/bulletin/2018-06-01"
          }
       ]

2018/12xxx/CVE-2018-12039.json

@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-12039",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary SQL command execution issue in manager/index.php involving use of a \"/!select/\" substring in place of a select substring."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/joyplus/joyplus-cms/issues/425",
+            "refsource" : "MISC",
+            "url" : "https://github.com/joyplus/joyplus-cms/issues/425"
+         }
+      ]
+   }
+}

2018/12xxx/CVE-2018-12040.json

@@ -0,0 +1,18 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-12040",
+      "STATE" : "RESERVED"
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+         }
+      ]
+   }
+}