diff --git a/2008/7xxx/CVE-2008-7314.json b/2008/7xxx/CVE-2008-7314.json index 68f5b43a208..328a0f3b6e4 100644 --- a/2008/7xxx/CVE-2008-7314.json +++ b/2008/7xxx/CVE-2008-7314.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-7314", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mIRC", + "product": { + "product_data": [ + { + "product_name": "mIRC", + "version": { + "version_data": [ + { + "version_value": "before 6.35" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "http://www.mirc.com/news.html", + "url": "http://www.mirc.com/news.html" + }, + { + "refsource": "CONFIRM", + "name": "https://www.mirc.com/versions.txt", + "url": "https://www.mirc.com/versions.txt" } ] } diff --git a/2012/2xxx/CVE-2012-2087.json b/2012/2xxx/CVE-2012-2087.json index f7dac0d790c..aa841b61740 100644 --- a/2012/2xxx/CVE-2012-2087.json +++ b/2012/2xxx/CVE-2012-2087.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2087", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ISPConfig", + "version": { + "version_data": [ + { + "version_value": "3.0.4.3" + } + ] + } + } + ] + }, + "vendor_name": "ISPConfig" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ISPConfig 3.0.4.3: the \"Add new Webdav user\" can chmod and chown entire server from client interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "authentication error" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.openwall.com/lists/oss-security/2012/04/08/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/04/08/3" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2012/04/09/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/04/09/4" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/52936", + "url": "https://www.securityfocus.com/bid/52936" } ] } diff --git a/2012/4xxx/CVE-2012-4863.json b/2012/4xxx/CVE-2012-4863.json index cf14ed09d20..df7d814e91d 100644 --- a/2012/4xxx/CVE-2012-4863.json +++ b/2012/4xxx/CVE-2012-4863.json @@ -1,8 +1,34 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2012-4863", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "WebSphere MQ", + "version": { + "version_data": [ + { + "version_value": "7.1 without Fix Pack 7.1.0.2" + }, + { + "version_value": "7.5 without Fix Pack 7.5.0.1" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +37,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79920", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79920" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/plugins/nessus/63099", + "url": "https://www.tenable.com/plugins/nessus/63099" } ] } diff --git a/2012/4xxx/CVE-2012-4900.json b/2012/4xxx/CVE-2012-4900.json index ab6b5b8bb9d..859b159ef70 100644 --- a/2012/4xxx/CVE-2012-4900.json +++ b/2012/4xxx/CVE-2012-4900.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4900", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/58384", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/58384" + }, + { + "url": "http://www.securitytracker.com/id/1028257", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id/1028257" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82674", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82674" } ] } diff --git a/2012/4xxx/CVE-2012-4981.json b/2012/4xxx/CVE-2012-4981.json index 7e3c09dfcf6..5f5382ee65f 100644 --- a/2012/4xxx/CVE-2012-4981.json +++ b/2012/4xxx/CVE-2012-4981.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4981", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Toshiba ConfigFree 8.0.38 has a CF7 File Remote Command Execution Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/55643", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55643" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78800", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78800" } ] } diff --git a/2012/5xxx/CVE-2012-5698.json b/2012/5xxx/CVE-2012-5698.json index bfac42b56b1..423e3327bec 100644 --- a/2012/5xxx/CVE-2012-5698.json +++ b/2012/5xxx/CVE-2012-5698.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-5698", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "BabyGekko before 1.2.4 has SQL injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/56523", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/56523" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80085", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80085" } ] } diff --git a/2012/5xxx/CVE-2012-5699.json b/2012/5xxx/CVE-2012-5699.json index 5dc72010b5e..df7dd4a7601 100644 --- a/2012/5xxx/CVE-2012-5699.json +++ b/2012/5xxx/CVE-2012-5699.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-5699", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "BabyGekko before 1.2.4 allows PHP file inclusion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/56523", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/56523" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80086", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80086" } ] } diff --git a/2012/5xxx/CVE-2012-5867.json b/2012/5xxx/CVE-2012-5867.json index 19885bea2dc..a0bbb9d0bcf 100644 --- a/2012/5xxx/CVE-2012-5867.json +++ b/2012/5xxx/CVE-2012-5867.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-5867", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/47095", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/47095" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2012/11/14/15", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/11/14/15" } ] } diff --git a/2013/4xxx/CVE-2013-4175.json b/2013/4xxx/CVE-2013-4175.json index d83f00a8412..66176759987 100644 --- a/2013/4xxx/CVE-2013-4175.json +++ b/2013/4xxx/CVE-2013-4175.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4175", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MySecureShell", + "product": { + "product_data": [ + { + "product_name": "MySecureShell", + "version": { + "version_data": [ + { + "version_value": "1.31" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MySecureShell 1.31 has a Local Denial of Service Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/61410", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/61410" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2013/07/27/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/07/27/5" } ] } diff --git a/2013/4xxx/CVE-2013-4176.json b/2013/4xxx/CVE-2013-4176.json index edfa8431b35..175dfb6803e 100644 --- a/2013/4xxx/CVE-2013-4176.json +++ b/2013/4xxx/CVE-2013-4176.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4176", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mysecureshell", + "product": { + "product_data": [ + { + "product_name": "mysecureshell", + "version": { + "version_data": [ + { + "version_value": "1.31" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "mysecureshell 1.31: Local Information Disclosure Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/61409", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/61409" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2013/07/27/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/07/27/6" } ] } diff --git a/2013/6xxx/CVE-2013-6358.json b/2013/6xxx/CVE-2013-6358.json index 944350e60ea..0ce3a2c32a3 100644 --- a/2013/6xxx/CVE-2013-6358.json +++ b/2013/6xxx/CVE-2013-6358.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6358", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://web.archive.org/web/20150423041900/http://labs.davidsopas.com/2013/10/how-salesman-could-hack-prestashop.html", + "url": "https://web.archive.org/web/20150423041900/http://labs.davidsopas.com/2013/10/how-salesman-could-hack-prestashop.html" } ] } diff --git a/2013/6xxx/CVE-2013-6772.json b/2013/6xxx/CVE-2013-6772.json index 55ae14b2983..198790a5315 100644 --- a/2013/6xxx/CVE-2013-6772.json +++ b/2013/6xxx/CVE-2013-6772.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6772", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.splunk.com/view/SP-CAAAH32", + "refsource": "MISC", + "name": "http://www.splunk.com/view/SP-CAAAH32" } ] } diff --git a/2013/6xxx/CVE-2013-6773.json b/2013/6xxx/CVE-2013-6773.json index f3d8c254894..541ebbca154 100644 --- a/2013/6xxx/CVE-2013-6773.json +++ b/2013/6xxx/CVE-2013-6773.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6773", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.splunk.com/view/SP-CAAAHXG", + "refsource": "MISC", + "name": "http://www.splunk.com/view/SP-CAAAHXG" } ] } diff --git a/2013/6xxx/CVE-2013-6785.json b/2013/6xxx/CVE-2013-6785.json index d9ee5056f36..93389e18344 100644 --- a/2013/6xxx/CVE-2013-6785.json +++ b/2013/6xxx/CVE-2013-6785.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6785", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://blog.rapid7.com/2013/11/06/supermicro-ipmi-firmware-vulnerabilities/", + "url": "https://blog.rapid7.com/2013/11/06/supermicro-ipmi-firmware-vulnerabilities/" } ] } diff --git a/2013/6xxx/CVE-2013-6792.json b/2013/6xxx/CVE-2013-6792.json index 83f1b509880..525c03fab31 100644 --- a/2013/6xxx/CVE-2013-6792.json +++ b/2013/6xxx/CVE-2013-6792.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6792", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/64529", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/64529" } ] } diff --git a/2014/7xxx/CVE-2014-7238.json b/2014/7xxx/CVE-2014-7238.json index 71b4165ea07..1fc17e26608 100644 --- a/2014/7xxx/CVE-2014-7238.json +++ b/2014/7xxx/CVE-2014-7238.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-7238", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WordPress plugin Contact Form Integrated With Google Maps 1.0-2.4 has Stored XSS" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wpvulndb.com/vulnerabilities/8235", + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/8235" } ] } diff --git a/2016/1000xxx/CVE-2016-1000237.json b/2016/1000xxx/CVE-2016-1000237.json index 3f4f14ca6f8..e2317fb6f65 100644 --- a/2016/1000xxx/CVE-2016-1000237.json +++ b/2016/1000xxx/CVE-2016-1000237.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-1000237", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "sanitize-html before 1.4.3 has XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", + "refsource": "MISC", + "name": "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json" + }, + { + "url": "https://nodesecurity.io/advisories/135", + "refsource": "MISC", + "name": "https://nodesecurity.io/advisories/135" } ] } diff --git a/2019/17xxx/CVE-2019-17201.json b/2019/17xxx/CVE-2019-17201.json new file mode 100644 index 00000000000..b32418de377 --- /dev/null +++ b/2019/17xxx/CVE-2019-17201.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17201", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. When a user requests elevation using the AdminByRequest.exe interface, the interface communicates with the underlying service (Audckq32.exe) using a .NET named pipe. If the underlying service responds that a user is permitted access to the elevation feature, the client then reinitiates communication with the underlying service and requests elevation. This elevation request has no local checks in the service, and depends on client-side validation in the AdminByRequest.exe interface, i.e., it is a vulnerable exposed functionality in the service. By communicating directly with the underlying service, any user can request elevation and obtain Administrator privilege regardless of group policies or permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://improsec.com/en/responsible-disclosure", + "url": "https://improsec.com/en/responsible-disclosure" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:N/C:H/I:H/PR:N/S:C/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/17xxx/CVE-2019-17202.json b/2019/17xxx/CVE-2019-17202.json new file mode 100644 index 00000000000..5ef36983b34 --- /dev/null +++ b/2019/17xxx/CVE-2019-17202.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-17202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a challenge-response manner upon attempting to elevate privileges. The challenge's response uses a simple algorithm that can be easily emulated via data (customer ID and device name) available to all users, and thus any user can elevate to Administrator privilege." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://improsec.com/en/responsible-disclosure", + "url": "https://improsec.com/en/responsible-disclosure" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:N/C:H/I:H/PR:N/S:C/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18898.json b/2019/18xxx/CVE-2019-18898.json index a25caa5e219..9fff1ac4200 100644 --- a/2019/18xxx/CVE-2019-18898.json +++ b/2019/18xxx/CVE-2019-18898.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security@suse.de", + "ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2019-11-26T00:00:00.000Z", "ID": "CVE-2019-18898", "STATE": "PUBLIC", @@ -63,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root.\nThis issue affects:\nSUSE SUSE Linux Enterprise Server 15 SP1\ntrousers versions prior to 0.3.14-6.3.1.\nopenSUSE Factory\ntrousers versions prior to 0.3.14-7.1." + "value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1." } ] }, diff --git a/2019/19xxx/CVE-2019-19838.json b/2019/19xxx/CVE-2019-19838.json index 29a28a9188e..27aa1c664b1 100644 --- a/2019/19xxx/CVE-2019-19838.json +++ b/2019/19xxx/CVE-2019-19838.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19838", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19838", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html", + "refsource": "MISC", + "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html" + }, + { + "refsource": "MISC", + "name": "https://www.ruckuswireless.com/security/299/view/txt", + "url": "https://www.ruckuswireless.com/security/299/view/txt" + }, + { + "refsource": "MISC", + "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless", + "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless" } ] } diff --git a/2019/19xxx/CVE-2019-19839.json b/2019/19xxx/CVE-2019-19839.json index 76aa0e4082d..cf3757e233a 100644 --- a/2019/19xxx/CVE-2019-19839.json +++ b/2019/19xxx/CVE-2019-19839.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19839", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19839", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html", + "refsource": "MISC", + "name": "https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html" + }, + { + "refsource": "MISC", + "name": "https://www.ruckuswireless.com/security/299/view/txt", + "url": "https://www.ruckuswireless.com/security/299/view/txt" + }, + { + "refsource": "MISC", + "name": "https://alephsecurity.com/2020/01/14/ruckus-wireless", + "url": "https://alephsecurity.com/2020/01/14/ruckus-wireless" } ] } diff --git a/2019/20xxx/CVE-2019-20400.json b/2019/20xxx/CVE-2019-20400.json new file mode 100644 index 00000000000..cb87d1c9002 --- /dev/null +++ b/2019/20xxx/CVE-2019-20400.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20400", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20401.json b/2019/20xxx/CVE-2019-20401.json new file mode 100644 index 00000000000..ce7d370c688 --- /dev/null +++ b/2019/20xxx/CVE-2019-20401.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20401", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20402.json b/2019/20xxx/CVE-2019-20402.json new file mode 100644 index 00000000000..9c189e3b8be --- /dev/null +++ b/2019/20xxx/CVE-2019-20402.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20402", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20403.json b/2019/20xxx/CVE-2019-20403.json new file mode 100644 index 00000000000..a99e34a7df8 --- /dev/null +++ b/2019/20xxx/CVE-2019-20403.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20403", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20404.json b/2019/20xxx/CVE-2019-20404.json new file mode 100644 index 00000000000..cedb2158f2b --- /dev/null +++ b/2019/20xxx/CVE-2019-20404.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20404", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20405.json b/2019/20xxx/CVE-2019-20405.json new file mode 100644 index 00000000000..e8c3cd3e1ea --- /dev/null +++ b/2019/20xxx/CVE-2019-20405.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20405", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20406.json b/2019/20xxx/CVE-2019-20406.json new file mode 100644 index 00000000000..289fd8aacce --- /dev/null +++ b/2019/20xxx/CVE-2019-20406.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20406", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20407.json b/2019/20xxx/CVE-2019-20407.json new file mode 100644 index 00000000000..327639176de --- /dev/null +++ b/2019/20xxx/CVE-2019-20407.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20407", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20408.json b/2019/20xxx/CVE-2019-20408.json new file mode 100644 index 00000000000..3c35b9a6f6a --- /dev/null +++ b/2019/20xxx/CVE-2019-20408.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20408", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20409.json b/2019/20xxx/CVE-2019-20409.json new file mode 100644 index 00000000000..8bbfa182fc3 --- /dev/null +++ b/2019/20xxx/CVE-2019-20409.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20409", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20410.json b/2019/20xxx/CVE-2019-20410.json new file mode 100644 index 00000000000..4e56ce8fd72 --- /dev/null +++ b/2019/20xxx/CVE-2019-20410.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20410", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20411.json b/2019/20xxx/CVE-2019-20411.json new file mode 100644 index 00000000000..f08521eab90 --- /dev/null +++ b/2019/20xxx/CVE-2019-20411.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20411", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20412.json b/2019/20xxx/CVE-2019-20412.json new file mode 100644 index 00000000000..665028a2055 --- /dev/null +++ b/2019/20xxx/CVE-2019-20412.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20412", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20413.json b/2019/20xxx/CVE-2019-20413.json new file mode 100644 index 00000000000..3f757bf5ae0 --- /dev/null +++ b/2019/20xxx/CVE-2019-20413.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20413", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20414.json b/2019/20xxx/CVE-2019-20414.json new file mode 100644 index 00000000000..c48e3f3ca6e --- /dev/null +++ b/2019/20xxx/CVE-2019-20414.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20414", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20415.json b/2019/20xxx/CVE-2019-20415.json new file mode 100644 index 00000000000..b88c3ac553e --- /dev/null +++ b/2019/20xxx/CVE-2019-20415.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20415", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20416.json b/2019/20xxx/CVE-2019-20416.json new file mode 100644 index 00000000000..96b82189fd2 --- /dev/null +++ b/2019/20xxx/CVE-2019-20416.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20416", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20417.json b/2019/20xxx/CVE-2019-20417.json new file mode 100644 index 00000000000..31d3624a738 --- /dev/null +++ b/2019/20xxx/CVE-2019-20417.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20417", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20418.json b/2019/20xxx/CVE-2019-20418.json new file mode 100644 index 00000000000..f894169544f --- /dev/null +++ b/2019/20xxx/CVE-2019-20418.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20418", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20419.json b/2019/20xxx/CVE-2019-20419.json new file mode 100644 index 00000000000..d196c78506b --- /dev/null +++ b/2019/20xxx/CVE-2019-20419.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20419", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6843.json b/2020/6xxx/CVE-2020-6843.json index 2b447e1d468..3c632e35829 100644 --- a/2020/6xxx/CVE-2020-6843.json +++ b/2020/6xxx/CVE-2020-6843.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6843", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6843", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.manageengine.com", + "refsource": "MISC", + "name": "https://www.manageengine.com" + }, + { + "url": "https://sec-consult.com/en/vulnerability-lab/advisories/index.html", + "refsource": "MISC", + "name": "https://sec-consult.com/en/vulnerability-lab/advisories/index.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156050/ZOHO-ManageEngine-ServiceDeskPlus-11.0-Build-11007-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/156050/ZOHO-ManageEngine-ServiceDeskPlus-11.0-Build-11007-Cross-Site-Scripting.html" } ] } diff --git a/2020/7xxx/CVE-2020-7921.json b/2020/7xxx/CVE-2020-7921.json new file mode 100644 index 00000000000..b67f8d4149b --- /dev/null +++ b/2020/7xxx/CVE-2020-7921.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7921", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7922.json b/2020/7xxx/CVE-2020-7922.json new file mode 100644 index 00000000000..8d18edd78fe --- /dev/null +++ b/2020/7xxx/CVE-2020-7922.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7922", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7923.json b/2020/7xxx/CVE-2020-7923.json new file mode 100644 index 00000000000..caf4144cbe3 --- /dev/null +++ b/2020/7xxx/CVE-2020-7923.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7923", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7924.json b/2020/7xxx/CVE-2020-7924.json new file mode 100644 index 00000000000..4299fb19c57 --- /dev/null +++ b/2020/7xxx/CVE-2020-7924.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7924", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7925.json b/2020/7xxx/CVE-2020-7925.json new file mode 100644 index 00000000000..18cd68277e0 --- /dev/null +++ b/2020/7xxx/CVE-2020-7925.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7925", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7926.json b/2020/7xxx/CVE-2020-7926.json new file mode 100644 index 00000000000..caf2f04621f --- /dev/null +++ b/2020/7xxx/CVE-2020-7926.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7926", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7927.json b/2020/7xxx/CVE-2020-7927.json new file mode 100644 index 00000000000..e3ac42332ac --- /dev/null +++ b/2020/7xxx/CVE-2020-7927.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7927", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7928.json b/2020/7xxx/CVE-2020-7928.json new file mode 100644 index 00000000000..7bb73d76da4 --- /dev/null +++ b/2020/7xxx/CVE-2020-7928.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7928", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7929.json b/2020/7xxx/CVE-2020-7929.json new file mode 100644 index 00000000000..3cd9f4e73f7 --- /dev/null +++ b/2020/7xxx/CVE-2020-7929.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7929", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7930.json b/2020/7xxx/CVE-2020-7930.json new file mode 100644 index 00000000000..af8ee8e6b35 --- /dev/null +++ b/2020/7xxx/CVE-2020-7930.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7930", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7931.json b/2020/7xxx/CVE-2020-7931.json new file mode 100644 index 00000000000..7f9b3346759 --- /dev/null +++ b/2020/7xxx/CVE-2020-7931.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-7931", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2019-0006.md", + "refsource": "MISC", + "name": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2019-0006.md" + }, + { + "refsource": "MISC", + "name": "https://www.jfrog.com/confluence/display/RTF/Release+Notes", + "url": "https://www.jfrog.com/confluence/display/RTF/Release+Notes" + } + ] + } +} \ No newline at end of file