diff --git a/2017/8xxx/CVE-2017-8328.json b/2017/8xxx/CVE-2017-8328.json index f4921f39009..5e5c07579e1 100644 --- a/2017/8xxx/CVE-2017-8328.json +++ b/2017/8xxx/CVE-2017-8328.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8328", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross site request forgery protection mechanism which allows an attacker to trick a user who is logged in to the web management interface to change a user's password. Also this is a systemic issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BUGTRAQ", + "name": "20190609 Newly releases IoT security issues", + "url": "https://seclists.org/bugtraq/2019/Jun/8" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html", + "url": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf", + "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf" } ] } diff --git a/2017/8xxx/CVE-2017-8330.json b/2017/8xxx/CVE-2017-8330.json index 587bbcd5690..7e4f50a6bd1 100644 --- a/2017/8xxx/CVE-2017-8330.json +++ b/2017/8xxx/CVE-2017-8330.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8330", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a UPnP functionality for devices to interface with the router and interact with the device. It seems that the \"NewInMessage\" SOAP parameter passed with a huge payload results in crashing the process. If the firmware version AL-R096 is dissected using binwalk tool, we obtain a cpio-root archive which contains the filesystem set up on the device that contains all the binaries. The binary \"miniupnpd\" is the one that has the vulnerable function that receives the values sent by the SOAP request. If we open this binary in IDA-pro we will notice that this follows a MIPS little endian format. The function WscDevPutMessage at address 0x0041DBB8 in IDA pro is identified to be receiving the values sent in the SOAP request. The SOAP parameter \"NewInMesage\" received at address 0x0041DC30 causes the miniupnpd process to finally crash when a second request is sent to the same process." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BUGTRAQ", + "name": "20190609 Newly releases IoT security issues", + "url": "https://seclists.org/bugtraq/2019/Jun/8" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html", + "url": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf", + "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf" } ] } diff --git a/2017/8xxx/CVE-2017-8332.json b/2017/8xxx/CVE-2017-8332.json index c97232f5a8f..5557ff3711b 100644 --- a/2017/8xxx/CVE-2017-8332.json +++ b/2017/8xxx/CVE-2017-8332.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8332", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking key words passing in the web traffic to prevent kids from watching content that might be deemed unsafe using the web management interface. It seems that the device does not implement any cross-site scripting protection mechanism which allows an attacker to trick a user who is logged in to the web management interface into executing a stored cross-site scripting payload on the user's browser and execute any action on the device provided by the web management interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BUGTRAQ", + "name": "20190609 Newly releases IoT security issues", + "url": "https://seclists.org/bugtraq/2019/Jun/8" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html", + "url": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf", + "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf" } ] } diff --git a/2017/8xxx/CVE-2017-8334.json b/2017/8xxx/CVE-2017-8334.json index e17ae066965..fb342c43d21 100644 --- a/2017/8xxx/CVE-2017-8334.json +++ b/2017/8xxx/CVE-2017-8334.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8334", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of blocking IP addresses using the web management interface. It seems that the device does not implement any cross-site scripting forgery protection mechanism which allows an attacker to trick a user who is logged in to the web management interface into executing a cross-site scripting payload on the user's browser and execute any action on the device provided by the web management interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BUGTRAQ", + "name": "20190609 Newly releases IoT security issues", + "url": "https://seclists.org/bugtraq/2019/Jun/8" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html", + "url": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf", + "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf" } ] } diff --git a/2017/8xxx/CVE-2017-8337.json b/2017/8xxx/CVE-2017-8337.json index 555aabc7941..e256b21215c 100644 --- a/2017/8xxx/CVE-2017-8337.json +++ b/2017/8xxx/CVE-2017-8337.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8337", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check which allows an attacker who can trick a user to navigate to an attacker's webpage to exploit this issue and brute force the password for the web management interface. It also allows an attacker to then execute any other actions which include management if rules, sensors attached to the devices using the websocket requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BUGTRAQ", + "name": "20190609 Newly releases IoT security issues", + "url": "https://seclists.org/bugtraq/2019/Jun/8" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html", + "url": "http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow-Command-Injection-XSS-CSRF.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf", + "url": "https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Securifi_Almond_plus_sec_issues.pdf" } ] } diff --git a/2018/11xxx/CVE-2018-11784.json b/2018/11xxx/CVE-2018-11784.json index 4f12b3d73c6..9dec629105d 100644 --- a/2018/11xxx/CVE-2018-11784.json +++ b/2018/11xxx/CVE-2018-11784.json @@ -178,6 +178,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1547", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1529", + "url": "https://access.redhat.com/errata/RHSA-2019:1529" } ] } diff --git a/2018/8xxx/CVE-2018-8014.json b/2018/8xxx/CVE-2018-8014.json index cf0f69290ca..40d02343ed7 100644 --- a/2018/8xxx/CVE-2018-8014.json +++ b/2018/8xxx/CVE-2018-8014.json @@ -195,6 +195,11 @@ "refsource": "MLIST", "name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1529", + "url": "https://access.redhat.com/errata/RHSA-2019:1529" } ] } diff --git a/2018/8xxx/CVE-2018-8034.json b/2018/8xxx/CVE-2018-8034.json index 2946cfd3129..cd86c34930f 100644 --- a/2018/8xxx/CVE-2018-8034.json +++ b/2018/8xxx/CVE-2018-8034.json @@ -206,6 +206,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1161", "url": "https://access.redhat.com/errata/RHSA-2019:1161" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1529", + "url": "https://access.redhat.com/errata/RHSA-2019:1529" } ] } diff --git a/2018/8xxx/CVE-2018-8037.json b/2018/8xxx/CVE-2018-8037.json index 67b71f80fc2..3c0c78933cc 100644 --- a/2018/8xxx/CVE-2018-8037.json +++ b/2018/8xxx/CVE-2018-8037.json @@ -140,6 +140,11 @@ "refsource": "MLIST", "name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1529", + "url": "https://access.redhat.com/errata/RHSA-2019:1529" } ] } diff --git a/2019/0xxx/CVE-2019-0804.json b/2019/0xxx/CVE-2019-0804.json index 5df7ae6d700..6f3f1202aef 100644 --- a/2019/0xxx/CVE-2019-0804.json +++ b/2019/0xxx/CVE-2019-0804.json @@ -56,6 +56,11 @@ "refsource": "CONFIRM", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0804" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1527", + "url": "https://access.redhat.com/errata/RHSA-2019:1527" } ] } diff --git a/2019/12xxx/CVE-2019-12395.json b/2019/12xxx/CVE-2019-12395.json index c7a2acb9b53..9be43e342e4 100644 --- a/2019/12xxx/CVE-2019-12395.json +++ b/2019/12xxx/CVE-2019-12395.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In Webbukkit Dynmap 3.0-beta-3, with Spigot 1.13.2, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login despite an enabled login-required setting." + "value": "In Webbukkit Dynmap 3.0-beta-3 or below, due to a missing login check in servlet/MapStorageHandler.java, an attacker can see a map image without login even if victim enables login-required in setting." } ] }, diff --git a/2019/12xxx/CVE-2019-12592.json b/2019/12xxx/CVE-2019-12592.json index 72b6d082730..90d1bc2faa5 100644 --- a/2019/12xxx/CVE-2019-12592.json +++ b/2019/12xxx/CVE-2019-12592.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12592", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12592", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.cyberscoop.com/evernote-patches-flaw-google-chrome-extension/", + "url": "https://www.cyberscoop.com/evernote-patches-flaw-google-chrome-extension/" + }, + { + "refsource": "MISC", + "name": "https://www.techrepublic.com/article/evernote-chrome-extension-vulnerability-allowed-attackers-to-steal-4-7m-users-data/", + "url": "https://www.techrepublic.com/article/evernote-chrome-extension-vulnerability-allowed-attackers-to-steal-4-7m-users-data/" } ] } diff --git a/2019/12xxx/CVE-2019-12877.json b/2019/12xxx/CVE-2019-12877.json new file mode 100644 index 00000000000..7d9776ef54c --- /dev/null +++ b/2019/12xxx/CVE-2019-12877.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12877", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2602.json b/2019/2xxx/CVE-2019-2602.json index 60f41e4a222..23cb4e92ba7 100644 --- a/2019/2xxx/CVE-2019-2602.json +++ b/2019/2xxx/CVE-2019-2602.json @@ -141,6 +141,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1325", "url": "https://access.redhat.com/errata/RHSA-2019:1325" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1518", + "url": "https://access.redhat.com/errata/RHSA-2019:1518" } ] } diff --git a/2019/2xxx/CVE-2019-2684.json b/2019/2xxx/CVE-2019-2684.json index af840034ffb..c44ae48d68f 100644 --- a/2019/2xxx/CVE-2019-2684.json +++ b/2019/2xxx/CVE-2019-2684.json @@ -141,6 +141,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1325", "url": "https://access.redhat.com/errata/RHSA-2019:1325" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1518", + "url": "https://access.redhat.com/errata/RHSA-2019:1518" } ] } diff --git a/2019/3xxx/CVE-2019-3827.json b/2019/3xxx/CVE-2019-3827.json index 95ec83c1b8c..eae794b5212 100644 --- a/2019/3xxx/CVE-2019-3827.json +++ b/2019/3xxx/CVE-2019-3827.json @@ -53,6 +53,11 @@ "url": "https://gitlab.gnome.org/GNOME/gvfs/merge_requests/31", "name": "https://gitlab.gnome.org/GNOME/gvfs/merge_requests/31", "refsource": "CONFIRM" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1517", + "url": "https://access.redhat.com/errata/RHSA-2019:1517" } ] }, diff --git a/2019/9xxx/CVE-2019-9741.json b/2019/9xxx/CVE-2019-9741.json index 32749b95228..891d053bce1 100644 --- a/2019/9xxx/CVE-2019-9741.json +++ b/2019/9xxx/CVE-2019-9741.json @@ -76,6 +76,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1300", "url": "https://access.redhat.com/errata/RHSA-2019:1300" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:1519", + "url": "https://access.redhat.com/errata/RHSA-2019:1519" } ] }