diff --git a/2012/5xxx/CVE-2012-5623.json b/2012/5xxx/CVE-2012-5623.json index 48e99d398fe..8bac144f3ea 100644 --- a/2012/5xxx/CVE-2012-5623.json +++ b/2012/5xxx/CVE-2012-5623.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-5623", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Squirrelmail", + "product": { + "product_data": [ + { + "product_name": "Squirrelmail", + "version": { + "version_data": [ + { + "version_value": "4.0" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "use of deprecated algorithm" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MLIST", + "name": "[oss-security] 20121203 Re: Strange CVE situation (at least one ID should come of this)", + "url": "http://www.openwall.com/lists/oss-security/2012/12/04/6" } ] } diff --git a/2014/3xxx/CVE-2014-3919.json b/2014/3xxx/CVE-2014-3919.json index 78bc07727c4..25a0da613a5 100644 --- a/2014/3xxx/CVE-2014-3919.json +++ b/2014/3xxx/CVE-2014-3919.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-3919", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspecified page, which could let a malicious user obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://softage.be/netgear/", + "refsource": "MISC", + "name": "http://softage.be/netgear/" } ] } diff --git a/2014/4xxx/CVE-2014-4170.json b/2014/4xxx/CVE-2014-4170.json index 4f1a76569b3..98cbcb597fd 100644 --- a/2014/4xxx/CVE-2014-4170.json +++ b/2014/4xxx/CVE-2014-4170.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4170", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/127701/Free-Reprintables-ArticleFR-11.06.2014-Improper-Access-Control.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/127701/Free-Reprintables-ArticleFR-11.06.2014-Improper-Access-Control.html" + }, + { + "url": "http://www.exploit-db.com/exploits/34245", + "refsource": "MISC", + "name": "http://www.exploit-db.com/exploits/34245" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95051", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95051" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/68980", + "url": "https://www.securityfocus.com/bid/68980" } ] } diff --git a/2014/4xxx/CVE-2014-4198.json b/2014/4xxx/CVE-2014-4198.json index 1edf469bc69..18dee41257d 100644 --- a/2014/4xxx/CVE-2014-4198.json +++ b/2014/4xxx/CVE-2014-4198.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4198", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www3.trustwave.com/spiderlabs/advisories/TWSL2014-009.txt", + "refsource": "MISC", + "name": "https://www3.trustwave.com/spiderlabs/advisories/TWSL2014-009.txt" } ] } diff --git a/2018/0xxx/CVE-2018-0802.json b/2018/0xxx/CVE-2018-0802.json index 01fae3338b4..8949db40004 100644 --- a/2018/0xxx/CVE-2018-0802.json +++ b/2018/0xxx/CVE-2018-0802.json @@ -82,6 +82,11 @@ "name": "https://github.com/zldww2011/CVE-2018-0802_POC", "refsource": "MISC", "url": "https://github.com/zldww2011/CVE-2018-0802_POC" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/another-office-equation-rce-vulnerability/", + "url": "https://research.checkpoint.com/another-office-equation-rce-vulnerability/" } ] } diff --git a/2018/4xxx/CVE-2018-4985.json b/2018/4xxx/CVE-2018-4985.json index 0032412d9c0..ad3d3e32669 100644 --- a/2018/4xxx/CVE-2018-4985.json +++ b/2018/4xxx/CVE-2018-4985.json @@ -66,6 +66,11 @@ "name": "104175", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104175" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/", + "url": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/" } ] } diff --git a/2018/5xxx/CVE-2018-5063.json b/2018/5xxx/CVE-2018-5063.json index e2752108882..145be92d4fb 100644 --- a/2018/5xxx/CVE-2018-5063.json +++ b/2018/5xxx/CVE-2018-5063.json @@ -66,6 +66,11 @@ "name": "1041250", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041250" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/", + "url": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/" } ] } diff --git a/2018/5xxx/CVE-2018-5064.json b/2018/5xxx/CVE-2018-5064.json index 342fbe34114..e2699097e8f 100644 --- a/2018/5xxx/CVE-2018-5064.json +++ b/2018/5xxx/CVE-2018-5064.json @@ -66,6 +66,11 @@ "name": "104701", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104701" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/", + "url": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/" } ] } diff --git a/2018/5xxx/CVE-2018-5065.json b/2018/5xxx/CVE-2018-5065.json index 4f1d608c2f4..42f27ce5518 100644 --- a/2018/5xxx/CVE-2018-5065.json +++ b/2018/5xxx/CVE-2018-5065.json @@ -66,6 +66,11 @@ "name": "104701", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104701" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/", + "url": "https://research.checkpoint.com/2018/50-adobe-cves-in-50-days/" } ] } diff --git a/2018/8xxx/CVE-2018-8476.json b/2018/8xxx/CVE-2018-8476.json index 5e393ed9b06..dc3f26a401c 100644 --- a/2018/8xxx/CVE-2018-8476.json +++ b/2018/8xxx/CVE-2018-8476.json @@ -144,6 +144,11 @@ "name": "105774", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105774" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-servers-deployment-services/", + "url": "https://research.checkpoint.com/2019/pxe-dust-finding-a-vulnerability-in-windows-servers-deployment-services/" } ] } diff --git a/2019/14xxx/CVE-2019-14598.json b/2019/14xxx/CVE-2019-14598.json new file mode 100644 index 00000000000..7202497262a --- /dev/null +++ b/2019/14xxx/CVE-2019-14598.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-14598", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) CSME", + "version": { + "version_data": [ + { + "version_value": "versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege, Denial of Service, Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00307.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20444.json b/2019/20xxx/CVE-2019-20444.json index 4eb00ebe6ad..3ecab234974 100644 --- a/2019/20xxx/CVE-2019-20444.json +++ b/2019/20xxx/CVE-2019-20444.json @@ -176,6 +176,11 @@ "refsource": "MISC", "name": "https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749@%3Cnotifications.zookeeper.apache.org%3E", "url": "https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0497", + "url": "https://access.redhat.com/errata/RHSA-2020:0497" } ] } diff --git a/2019/20xxx/CVE-2019-20445.json b/2019/20xxx/CVE-2019-20445.json index d35aae16ab1..f44837b766a 100644 --- a/2019/20xxx/CVE-2019-20445.json +++ b/2019/20xxx/CVE-2019-20445.json @@ -151,6 +151,11 @@ "refsource": "MLIST", "name": "[zookeeper-issues] 20200209 [jira] [Commented] (ZOOKEEPER-3716) upgrade netty 4.1.42 to address CVE-2019-20444 CVE-2019-20445", "url": "https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d@%3Cissues.zookeeper.apache.org%3E" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0497", + "url": "https://access.redhat.com/errata/RHSA-2020:0497" } ] } diff --git a/2019/8xxx/CVE-2019-8577.json b/2019/8xxx/CVE-2019-8577.json index 8a24a0cff89..b05b1ea9902 100644 --- a/2019/8xxx/CVE-2019-8577.json +++ b/2019/8xxx/CVE-2019-8577.json @@ -134,6 +134,11 @@ "url": "https://support.apple.com/HT210122", "refsource": "MISC", "name": "https://support.apple.com/HT210122" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/", + "url": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/" } ] }, diff --git a/2019/8xxx/CVE-2019-8598.json b/2019/8xxx/CVE-2019-8598.json index f3d1e0beab4..535d0c342ef 100644 --- a/2019/8xxx/CVE-2019-8598.json +++ b/2019/8xxx/CVE-2019-8598.json @@ -134,6 +134,11 @@ "url": "https://support.apple.com/HT210122", "refsource": "MISC", "name": "https://support.apple.com/HT210122" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/", + "url": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/" } ] }, diff --git a/2019/8xxx/CVE-2019-8600.json b/2019/8xxx/CVE-2019-8600.json index e35cae4ff68..70996082e1c 100644 --- a/2019/8xxx/CVE-2019-8600.json +++ b/2019/8xxx/CVE-2019-8600.json @@ -134,6 +134,11 @@ "url": "https://support.apple.com/HT210122", "refsource": "MISC", "name": "https://support.apple.com/HT210122" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/", + "url": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/" } ] }, diff --git a/2019/8xxx/CVE-2019-8602.json b/2019/8xxx/CVE-2019-8602.json index 7830d79abd1..1cd70db26d4 100644 --- a/2019/8xxx/CVE-2019-8602.json +++ b/2019/8xxx/CVE-2019-8602.json @@ -134,6 +134,11 @@ "url": "https://support.apple.com/HT210122", "refsource": "MISC", "name": "https://support.apple.com/HT210122" + }, + { + "refsource": "MISC", + "name": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/", + "url": "https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/" } ] }, diff --git a/2020/0xxx/CVE-2020-0561.json b/2020/0xxx/CVE-2020-0561.json new file mode 100644 index 00000000000..da02883948e --- /dev/null +++ b/2020/0xxx/CVE-2020-0561.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0561", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) SGX SDK", + "version": { + "version_data": [ + { + "version_value": "before v2.6.100.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0562.json b/2020/0xxx/CVE-2020-0562.json new file mode 100644 index 00000000000..d4ff29fe1f0 --- /dev/null +++ b/2020/0xxx/CVE-2020-0562.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0562", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) RWC2", + "version": { + "version_data": [ + { + "version_value": "all versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00339.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00339.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0563.json b/2020/0xxx/CVE-2020-0563.json new file mode 100644 index 00000000000..3e19c0eb11a --- /dev/null +++ b/2020/0xxx/CVE-2020-0563.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0563", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel(R) MPSS", + "version": { + "version_data": [ + { + "version_value": "before version 3.8.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00340.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00340.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/0xxx/CVE-2020-0564.json b/2020/0xxx/CVE-2020-0564.json new file mode 100644 index 00000000000..228693e99f8 --- /dev/null +++ b/2020/0xxx/CVE-2020-0564.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-0564", + "ASSIGNER": "secure@intel.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Intel\u00ae RAID Web Console 3 (RWC3) for Windows", + "version": { + "version_data": [ + { + "version_value": "before version 7.010.009.000" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00341.html", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00341.html" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7238.json b/2020/7xxx/CVE-2020-7238.json index e099fbad858..43eabac07f1 100644 --- a/2020/7xxx/CVE-2020-7238.json +++ b/2020/7xxx/CVE-2020-7238.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/jdordonezn/CVE-2020-72381/issues/1", "url": "https://github.com/jdordonezn/CVE-2020-72381/issues/1" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0497", + "url": "https://access.redhat.com/errata/RHSA-2020:0497" } ] }