diff --git a/2017/14xxx/CVE-2017-14394.json b/2017/14xxx/CVE-2017-14394.json index f8b26632623..8a72a347d32 100644 --- a/2017/14xxx/CVE-2017-14394.json +++ b/2017/14xxx/CVE-2017-14394.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14394", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OAuth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to perform phishing via an unvalidated redirect." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://backstage.forgerock.com/knowledge/kb/article/a45958025", + "url": "https://backstage.forgerock.com/knowledge/kb/article/a45958025" } ] } diff --git a/2017/14xxx/CVE-2017-14395.json b/2017/14xxx/CVE-2017-14395.json index 323dbbfc4f5..f37ecc47a95 100644 --- a/2017/14xxx/CVE-2017-14395.json +++ b/2017/14xxx/CVE-2017-14395.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14395", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Auth 2.0 Authorization Server of ForgeRock Access Management (OpenAM) 13.5.0-13.5.1 and Access Management (AM) 5.0.0-5.1.1 does not correctly validate redirect_uri for some invalid requests, which allows attackers to execute a script in the user's browser via reflected XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://backstage.forgerock.com/knowledge/kb/article/a45958025", + "url": "https://backstage.forgerock.com/knowledge/kb/article/a45958025" } ] } diff --git a/2018/1000xxx/CVE-2018-1000164.json b/2018/1000xxx/CVE-2018-1000164.json index e48ae0358d1..9080fc31bc2 100644 --- a/2018/1000xxx/CVE-2018-1000164.json +++ b/2018/1000xxx/CVE-2018-1000164.json @@ -74,6 +74,11 @@ "name": "DSA-4186", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4186" + }, + { + "refsource": "UBUNTU", + "name": "USN-4022-1", + "url": "https://usn.ubuntu.com/4022-1/" } ] } diff --git a/2019/12xxx/CVE-2019-12893.json b/2019/12xxx/CVE-2019-12893.json new file mode 100644 index 00000000000..2b6c577056c --- /dev/null +++ b/2019/12xxx/CVE-2019-12893.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12893", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewer!PerfgrapFinalize+0x00000000000a8868." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-alternate-pic-view.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-alternate-pic-view.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12894.json b/2019/12xxx/CVE-2019-12894.json new file mode 100644 index 00000000000..527cac484c7 --- /dev/null +++ b/2019/12xxx/CVE-2019-12894.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12894", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Alternate Pic View 2.600 has a Read Access Violation at the Instruction Pointer after a call from PicViewer!PerfgrapFinalize+0x00000000000a9a1b." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-alternate-pic-view.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-alternate-pic-view.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12895.json b/2019/12xxx/CVE-2019-12895.json new file mode 100644 index 00000000000..d8bdd514e2d --- /dev/null +++ b/2019/12xxx/CVE-2019-12895.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12895", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-alternate-pic-view.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-alternate-pic-view.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12896.json b/2019/12xxx/CVE-2019-12896.json new file mode 100644 index 00000000000..de35ee04093 --- /dev/null +++ b/2019/12xxx/CVE-2019-12896.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTemporaryKey+0x0000000000001a77." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-edraw-max.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-edraw-max.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12897.json b/2019/12xxx/CVE-2019-12897.json new file mode 100644 index 00000000000..e545df2de28 --- /dev/null +++ b/2019/12xxx/CVE-2019-12897.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-edraw-max.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-edraw-max.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12898.json b/2019/12xxx/CVE-2019-12898.json new file mode 100644 index 00000000000..5f1dd6f0836 --- /dev/null +++ b/2019/12xxx/CVE-2019-12898.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12898", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at image00400000+0x000000000017a45e." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-devicenet-builder.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-devicenet-builder.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12899.json b/2019/12xxx/CVE-2019-12899.json new file mode 100644 index 00000000000..37cff7a65a5 --- /dev/null +++ b/2019/12xxx/CVE-2019-12899.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12899", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV starting at ntdll!RtlQueueWorkItem+0x00000000000005e3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://code610.blogspot.com/2019/05/crashing-devicenet-builder.html", + "refsource": "MISC", + "name": "https://code610.blogspot.com/2019/05/crashing-devicenet-builder.html" + } + ] + } +} \ No newline at end of file