diff --git a/2019/17xxx/CVE-2019-17109.json b/2019/17xxx/CVE-2019-17109.json new file mode 100644 index 00000000000..9e2ca68bec0 --- /dev/null +++ b/2019/17xxx/CVE-2019-17109.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17109", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/09/5", + "url": "http://www.openwall.com/lists/oss-security/2019/10/09/5" + }, + { + "refsource": "CONFIRM", + "name": "https://docs.pagure.org/koji/CVE-2019-17109/", + "url": "https://docs.pagure.org/koji/CVE-2019-17109/" + }, + { + "refsource": "CONFIRM", + "name": "https://pagure.io/koji/commits/master", + "url": "https://pagure.io/koji/commits/master" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17365.json b/2019/17xxx/CVE-2019-17365.json new file mode 100644 index 00000000000..7888136e9b1 --- /dev/null +++ b/2019/17xxx/CVE-2019-17365.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Nix through 2.3 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2019/10/09/4", + "url": "http://www.openwall.com/lists/oss-security/2019/10/09/4" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17366.json b/2019/17xxx/CVE-2019-17366.json new file mode 100644 index 00000000000..031542567de --- /dev/null +++ b/2019/17xxx/CVE-2019-17366.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Citrix Application Delivery Management (ADM) 12.1 before build 54.13 has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.citrix.com/article/CTX261735", + "url": "https://support.citrix.com/article/CTX261735" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17414.json b/2019/17xxx/CVE-2019-17414.json new file mode 100644 index 00000000000..79e0a3f304e --- /dev/null +++ b/2019/17xxx/CVE-2019-17414.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "tinylcy Vino through 2017-12-15 allows remote attackers to cause a denial of service (\"vn_get_string error: Resource temporarily unavailable\" error and daemon crash) via a long URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/tinylcy/vino/issues/9", + "refsource": "MISC", + "name": "https://github.com/tinylcy/vino/issues/9" + } + ] + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17415.json b/2019/17xxx/CVE-2019-17415.json new file mode 100644 index 00000000000..57daf73505d --- /dev/null +++ b/2019/17xxx/CVE-2019-17415.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/154738/File-Sharing-Wizard-1.5.0-DELETE-SEH-Buffer-Overflow.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/154738/File-Sharing-Wizard-1.5.0-DELETE-SEH-Buffer-Overflow.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5699.json b/2019/5xxx/CVE-2019-5699.json index e97911d4b24..cb74713433a 100644 --- a/2019/5xxx/CVE-2019-5699.json +++ b/2019/5xxx/CVE-2019-5699.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5699", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5699", + "ASSIGNER": "psirt@nvidia.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "NVIDIA SHIELD TV", + "version": { + "version_data": [ + { + "version_value": "SHIELD Experience prior to v8.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "code execution, escalation of privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4875", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4875" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges." } ] } diff --git a/2019/5xxx/CVE-2019-5700.json b/2019/5xxx/CVE-2019-5700.json index c1c6343f912..09311b2d686 100644 --- a/2019/5xxx/CVE-2019-5700.json +++ b/2019/5xxx/CVE-2019-5700.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5700", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5700", + "ASSIGNER": "psirt@nvidia.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "NVIDIA SHIELD TV", + "version": { + "version_data": [ + { + "version_value": "SHIELD Experience prior to v8.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "code execution, denial of service, information disclosure, escalation of privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4875", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4875" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure." } ] }