From 97efeee8f8f97ef21df08e4d1d8aa33297ce5e38 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 7 Apr 2020 16:01:19 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/6xxx/CVE-2016-6604.json | 2 +- 2017/18xxx/CVE-2017-18648.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18649.json | 61 ++++++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18650.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18651.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18652.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18653.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18654.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18655.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18656.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18657.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18658.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18659.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18660.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18661.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18662.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18663.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18664.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18665.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18666.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18667.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18668.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18669.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18670.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18671.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18672.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18673.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18674.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18675.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18676.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18677.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18678.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18679.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18680.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18681.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18682.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18683.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18684.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18685.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18686.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18687.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18688.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18689.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18690.json | 56 +++++++++++++++++++++++++++---- 2017/18xxx/CVE-2017-18691.json | 56 +++++++++++++++++++++++++++---- 2019/4xxx/CVE-2019-4391.json | 58 ++++++++++++++++++++++++++++---- 2019/4xxx/CVE-2019-4393.json | 58 ++++++++++++++++++++++++++++---- 2020/11xxx/CVE-2020-11457.json | 5 +++ 2020/11xxx/CVE-2020-11561.json | 61 ++++++++++++++++++++++++++++++---- 2020/5xxx/CVE-2020-5302.json | 2 +- 50 files changed, 2369 insertions(+), 286 deletions(-) diff --git a/2016/6xxx/CVE-2016-6604.json b/2016/6xxx/CVE-2016-6604.json index d6f5f085ff9..739c884032f 100644 --- a/2016/6xxx/CVE-2016-6604.json +++ b/2016/6xxx/CVE-2016-6604.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors." + "value": "NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382." } ] }, diff --git a/2017/18xxx/CVE-2017-18648.json b/2017/18xxx/CVE-2017-18648.json index 0939e5a11f1..eb5f67babf6 100644 --- a/2017/18xxx/CVE-2017-18648.json +++ b/2017/18xxx/CVE-2017-18648.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18648", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18648", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18649.json b/2017/18xxx/CVE-2017-18649.json index 6479f44a0d7..93c27aaefaf 100644 --- a/2017/18xxx/CVE-2017-18649.json +++ b/2017/18xxx/CVE-2017-18649.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18649", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18649", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can boot a device with root privileges because the bootloader for the Qualcomm MSM8998 chipset lacks an integrity check of the system image, aka the \"SamFAIL\" issue. The Samsung ID is SVE-2017-10465 (November 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" + }, + { + "refsource": "MISC", + "name": "https://androidcommunity.com/samfail-method-gives-root-access-to-samsung-galaxy-note-8-snapdragon-variant-20171009/", + "url": "https://androidcommunity.com/samfail-method-gives-root-access-to-samsung-galaxy-note-8-snapdragon-variant-20171009/" } ] } diff --git a/2017/18xxx/CVE-2017-18650.json b/2017/18xxx/CVE-2017-18650.json index 4e55ba17661..8e95128327a 100644 --- a/2017/18xxx/CVE-2017-18650.json +++ b/2017/18xxx/CVE-2017-18650.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18650", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18650", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.x) software. There is a WifiStateMachine IllegalArgumentException and reboot if a malformed wpa_supplicant.conf is read. The Samsung ID is SVE-2017-9828 (October 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18651.json b/2017/18xxx/CVE-2017-18651.json index 0afba029266..717dceb5acb 100644 --- a/2017/18xxx/CVE-2017-18651.json +++ b/2017/18xxx/CVE-2017-18651.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18651", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18651", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18652.json b/2017/18xxx/CVE-2017-18652.json index 042d66ce092..e66b45416d6 100644 --- a/2017/18xxx/CVE-2017-18652.json +++ b/2017/18xxx/CVE-2017-18652.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18652", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18652", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 (September 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18653.json b/2017/18xxx/CVE-2017-18653.json index 0af52a54153..79ebff25b9d 100644 --- a/2017/18xxx/CVE-2017-18653.json +++ b/2017/18xxx/CVE-2017-18653.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18653", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18653", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18654.json b/2017/18xxx/CVE-2017-18654.json index 5658684c94b..5e848906e1e 100644 --- a/2017/18xxx/CVE-2017-18654.json +++ b/2017/18xxx/CVE-2017-18654.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18654", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18654", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0, 7.1) software. An unauthenticated attacker can register a new security certificate. The Samsung ID is SVE-2017-9659 (September 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18655.json b/2017/18xxx/CVE-2017-18655.json index 17377b97dba..2a1ef671767 100644 --- a/2017/18xxx/CVE-2017-18655.json +++ b/2017/18xxx/CVE-2017-18655.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18655", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18655", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 (August 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18656.json b/2017/18xxx/CVE-2017-18656.json index 425498e5de3..6caf613f3e4 100644 --- a/2017/18xxx/CVE-2017-18656.json +++ b/2017/18xxx/CVE-2017-18656.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18656", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18656", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 (August 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18657.json b/2017/18xxx/CVE-2017-18657.json index 2df9f8e4395..7161232b76a 100644 --- a/2017/18xxx/CVE-2017-18657.json +++ b/2017/18xxx/CVE-2017-18657.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18657", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18657", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 (August 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18658.json b/2017/18xxx/CVE-2017-18658.json index 1e20c9c0c00..cd5f7ad980c 100644 --- a/2017/18xxx/CVE-2017-18658.json +++ b/2017/18xxx/CVE-2017-18658.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18658", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18658", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18659.json b/2017/18xxx/CVE-2017-18659.json index eb22a1f280f..9c2c8043c8f 100644 --- a/2017/18xxx/CVE-2017-18659.json +++ b/2017/18xxx/CVE-2017-18659.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18659", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18659", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18660.json b/2017/18xxx/CVE-2017-18660.json index c3358aebe07..f5611379708 100644 --- a/2017/18xxx/CVE-2017-18660.json +++ b/2017/18xxx/CVE-2017-18660.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18660", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18660", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in tlc_server. The Samsung ID is SVE-2017-8888 (July 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18661.json b/2017/18xxx/CVE-2017-18661.json index fe65b30546e..f30833c863d 100644 --- a/2017/18xxx/CVE-2017-18661.json +++ b/2017/18xxx/CVE-2017-18661.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18661", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18661", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18662.json b/2017/18xxx/CVE-2017-18662.json index 86d129ef4fa..b429a9e5bed 100644 --- a/2017/18xxx/CVE-2017-18662.json +++ b/2017/18xxx/CVE-2017-18662.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18662", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18662", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 (July 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18663.json b/2017/18xxx/CVE-2017-18663.json index e056c6429a4..4bb504dfbfe 100644 --- a/2017/18xxx/CVE-2017-18663.json +++ b/2017/18xxx/CVE-2017-18663.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18663", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18663", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.x) software. Because of missing Intent exception handling, system_server can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 (July 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18664.json b/2017/18xxx/CVE-2017-18664.json index b643eddbcb1..154e5bf4e2e 100644 --- a/2017/18xxx/CVE-2017-18664.json +++ b/2017/18xxx/CVE-2017-18664.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18664", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18664", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18665.json b/2017/18xxx/CVE-2017-18665.json index 0ab1b208de4..66168b21815 100644 --- a/2017/18xxx/CVE-2017-18665.json +++ b/2017/18xxx/CVE-2017-18665.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18665", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18665", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) software. There is a NULL pointer exception in WifiService via adb-cmd, causing memory corruption. The Samsung ID is SVE-2017-8287 (June 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18666.json b/2017/18xxx/CVE-2017-18666.json index 5af86051547..ebbcc3b1a2e 100644 --- a/2017/18xxx/CVE-2017-18666.json +++ b/2017/18xxx/CVE-2017-18666.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18666", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18666", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 (June 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18667.json b/2017/18xxx/CVE-2017-18667.json index d7b96ae304c..b3c07ff6897 100644 --- a/2017/18xxx/CVE-2017-18667.json +++ b/2017/18xxx/CVE-2017-18667.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18667", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18667", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can prevent users from learning that SMS storage space has been exhausted. The Samsung ID is SVE-2017-8702 (June 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18668.json b/2017/18xxx/CVE-2017-18668.json index 20b1a693974..cc044dd41a6 100644 --- a/2017/18xxx/CVE-2017-18668.json +++ b/2017/18xxx/CVE-2017-18668.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18668", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18668", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 (June 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18669.json b/2017/18xxx/CVE-2017-18669.json index d0cd3b26ee5..2607b8e3b67 100644 --- a/2017/18xxx/CVE-2017-18669.json +++ b/2017/18xxx/CVE-2017-18669.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18669", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18669", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18670.json b/2017/18xxx/CVE-2017-18670.json index 53ac05f88b2..0d1ed696f58 100644 --- a/2017/18xxx/CVE-2017-18670.json +++ b/2017/18xxx/CVE-2017-18670.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18670", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18670", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. android.intent.action.SIOP_LEVEL_CHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 (May 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18671.json b/2017/18xxx/CVE-2017-18671.json index 799581b2452..37ce4f045df 100644 --- a/2017/18xxx/CVE-2017-18671.json +++ b/2017/18xxx/CVE-2017-18671.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18671", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18671", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 (May 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18672.json b/2017/18xxx/CVE-2017-18672.json index 51548678b3b..21eab0635de 100644 --- a/2017/18xxx/CVE-2017-18672.json +++ b/2017/18xxx/CVE-2017-18672.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18672", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18672", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18673.json b/2017/18xxx/CVE-2017-18673.json index 2bafc1c3379..af93d7887a7 100644 --- a/2017/18xxx/CVE-2017-18673.json +++ b/2017/18xxx/CVE-2017-18673.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18673", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18673", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can disable the Location service on a locked device, making it impossible for the rightful owner to find a stolen device. The Samsung ID is SVE-2017-8524 (May 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18674.json b/2017/18xxx/CVE-2017-18674.json index 7745622d959..f22ff8a8f1a 100644 --- a/2017/18xxx/CVE-2017-18674.json +++ b/2017/18xxx/CVE-2017-18674.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18674", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18674", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.0) software. The time service (aka Timaservice) allows a kernel panic. The Samsung ID is SVE-2017-8593 (May 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18675.json b/2017/18xxx/CVE-2017-18675.json index e24bee7c586..b8ebe3701a6 100644 --- a/2017/18xxx/CVE-2017-18675.json +++ b/2017/18xxx/CVE-2017-18675.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18675", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18675", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) (Exynos7420 or Exynox8890 chipsets) software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 (April 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18676.json b/2017/18xxx/CVE-2017-18676.json index a6ee1b73777..fcc9aa9c5c1 100644 --- a/2017/18xxx/CVE-2017-18676.json +++ b/2017/18xxx/CVE-2017-18676.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18676", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18676", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm chipsets) software. There is an RKP kernel protection bypass (in which unwanted memory mappings may occur) because of a lack of MSR trapping. The Samsung ID is SVE-2016-7901 (April 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18677.json b/2017/18xxx/CVE-2017-18677.json index acdd0330c4d..bd7f14dd6c0 100644 --- a/2017/18xxx/CVE-2017-18677.json +++ b/2017/18xxx/CVE-2017-18677.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18677", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18677", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Because of an unprotected Intent, an attacker can reset the configuration of certain applications. The Samsung ID is SVE-2016-7142 (April 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18678.json b/2017/18xxx/CVE-2017-18678.json index 05b30e8b176..0f79f65afc4 100644 --- a/2017/18xxx/CVE-2017-18678.json +++ b/2017/18xxx/CVE-2017-18678.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18678", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18678", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-8119 (April 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18679.json b/2017/18xxx/CVE-2017-18679.json index e103cd16179..ad7509782cd 100644 --- a/2017/18xxx/CVE-2017-18679.json +++ b/2017/18xxx/CVE-2017-18679.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18679", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18679", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18680.json b/2017/18xxx/CVE-2017-18680.json index a55f87cde94..29c48f6bc11 100644 --- a/2017/18xxx/CVE-2017-18680.json +++ b/2017/18xxx/CVE-2017-18680.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18680", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18680", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (tablets) software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 (March 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18681.json b/2017/18xxx/CVE-2017-18681.json index 40e499f1f8d..9fbd2648501 100644 --- a/2017/18xxx/CVE-2017-18681.json +++ b/2017/18xxx/CVE-2017-18681.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18681", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18681", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18682.json b/2017/18xxx/CVE-2017-18682.json index 0fa2c29214a..57468fe067e 100644 --- a/2017/18xxx/CVE-2017-18682.json +++ b/2017/18xxx/CVE-2017-18682.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18682", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18682", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 (March 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18683.json b/2017/18xxx/CVE-2017-18683.json index b6ffad179d7..b7297054b3d 100644 --- a/2017/18xxx/CVE-2017-18683.json +++ b/2017/18xxx/CVE-2017-18683.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18683", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18683", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows Hare Hunting during application installation. The Samsung ID is SVE-2016-6942 (February 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18684.json b/2017/18xxx/CVE-2017-18684.json index ebab925671c..becb3db693c 100644 --- a/2017/18xxx/CVE-2017-18684.json +++ b/2017/18xxx/CVE-2017-18684.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18684", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18684", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows provider seizure via an application that uses a custom provider. The Samsung ID is SVE-2016-6942 (February 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18685.json b/2017/18xxx/CVE-2017-18685.json index 629ed207199..d549e54ff83 100644 --- a/2017/18xxx/CVE-2017-18685.json +++ b/2017/18xxx/CVE-2017-18685.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18685", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18685", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 (February 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18686.json b/2017/18xxx/CVE-2017-18686.json index 863543f8483..8a7f1d78258 100644 --- a/2017/18xxx/CVE-2017-18686.json +++ b/2017/18xxx/CVE-2017-18686.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18686", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18686", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) software. Contact information can leak to a log file because of the broadcasting of an unprotected intent. The Samsung ID is SVE-2016-7180 (February 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18687.json b/2017/18xxx/CVE-2017-18687.json index ef69d10ca39..ad9934de90a 100644 --- a/2017/18xxx/CVE-2017-18687.json +++ b/2017/18xxx/CVE-2017-18687.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18687", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18687", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. An attacker can obtain the full pathnames of sdcard files by reading the system protected log upon reception of a certain intent. The Samsung ID is SVE-2016-7183 (January 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18688.json b/2017/18xxx/CVE-2017-18688.json index 2d6d630065d..2a32eac2f16 100644 --- a/2017/18xxx/CVE-2017-18688.json +++ b/2017/18xxx/CVE-2017-18688.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18688", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18688", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsung ID is SVE-2016-7340 (January 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18689.json b/2017/18xxx/CVE-2017-18689.json index db42cd830c3..52dfe1f2934 100644 --- a/2017/18xxx/CVE-2017-18689.json +++ b/2017/18xxx/CVE-2017-18689.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18689", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18689", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 (January 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18690.json b/2017/18xxx/CVE-2017-18690.json index a46fdc6bbf8..793b9ce43bd 100644 --- a/2017/18xxx/CVE-2017-18690.json +++ b/2017/18xxx/CVE-2017-18690.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18690", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18690", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2017/18xxx/CVE-2017-18691.json b/2017/18xxx/CVE-2017-18691.json index 6ddf755ef3e..ffd61c25af9 100644 --- a/2017/18xxx/CVE-2017-18691.json +++ b/2017/18xxx/CVE-2017-18691.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2017-18691", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2017-18691", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.samsungmobile.com/securityUpdate.smsb", + "refsource": "CONFIRM", + "url": "https://security.samsungmobile.com/securityUpdate.smsb" } ] } diff --git a/2019/4xxx/CVE-2019-4391.json b/2019/4xxx/CVE-2019-4391.json index a992031ae2f..197c0eb60cd 100644 --- a/2019/4xxx/CVE-2019-4391.json +++ b/2019/4xxx/CVE-2019-4391.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4391", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-4391", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HCL AppScan Standard Edition", + "version": { + "version_data": [ + { + "version_value": "HCL AppScan Standard versions 9.x and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "\"XML External Entity Injection\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077917", + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077917" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data" } ] } diff --git a/2019/4xxx/CVE-2019-4393.json b/2019/4xxx/CVE-2019-4393.json index 466533a0ef8..40633d1b4a2 100644 --- a/2019/4xxx/CVE-2019-4393.json +++ b/2019/4xxx/CVE-2019-4393.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4393", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-4393", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HCL AppScan Standard Edition", + "version": { + "version_data": [ + { + "version_value": "HCL AppScan Standard Edition 9.0.3.14 and below" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "\"Broken Authentication\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077916", + "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077916" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HCL AppScan Standard is vulnerable to excessive authorization attempts" } ] } diff --git a/2020/11xxx/CVE-2020-11457.json b/2020/11xxx/CVE-2020-11457.json index d5fa4743564..d0f3a290f63 100644 --- a/2020/11xxx/CVE-2020-11457.json +++ b/2020/11xxx/CVE-2020-11457.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html", "url": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html" + }, + { + "refsource": "EXPLOIT-DB", + "name": "Exploit Database", + "url": "https://www.exploit-db.com/exploits/48300" } ] } diff --git a/2020/11xxx/CVE-2020-11561.json b/2020/11xxx/CVE-2020-11561.json index d41ef2d39a7..bd063dee7fd 100644 --- a/2020/11xxx/CVE-2020-11561.json +++ b/2020/11xxx/CVE-2020-11561.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11561", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11561", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the \"Add New Item\" screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://tejaspingulkar.blogspot.com", + "refsource": "MISC", + "name": "https://tejaspingulkar.blogspot.com" + }, + { + "refsource": "MISC", + "name": "https://tejaspingulkar.blogspot.com/2020/03/cve-cve-2020-11561-title-escalation-via.html", + "url": "https://tejaspingulkar.blogspot.com/2020/03/cve-cve-2020-11561-title-escalation-via.html" } ] } diff --git a/2020/5xxx/CVE-2020-5302.json b/2020/5xxx/CVE-2020-5302.json index 1b330bc74e6..161252f9419 100644 --- a/2020/5xxx/CVE-2020-5302.json +++ b/2020/5xxx/CVE-2020-5302.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "MH-WikiBot (an IRC Bot for interacting with the Miraheze API),\nhad a bug that allowed any unprivileged user to access the steward commands on the IRC interface by\nimpersonating the Nickname used by a privileged user as no check was made to see if they were logged in.\n\nThe issue has been fixed in commit 23d9d5b0a59667a5d6816fdabb960b537a5f9ed1." + "value": "MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. The issue has been fixed in commit 23d9d5b0a59667a5d6816fdabb960b537a5f9ed1." } ] },