diff --git a/2017/14xxx/CVE-2017-14186.json b/2017/14xxx/CVE-2017-14186.json index f9ce0927b01..54d9f17e50c 100644 --- a/2017/14xxx/CVE-2017-14186.json +++ b/2017/14xxx/CVE-2017-14186.json @@ -44,7 +44,7 @@ "description_data": [ { "lang": "eng", - "value": "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.6, 5.2.0 to 5.2.12, 5.0 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter." + "value": "A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a remote user to inject arbitrary web script or HTML in the context of the victim's browser via the login redir parameter. An URL Redirection attack may also be feasible by injecting an external URL via the affected parameter." } ] }, diff --git a/2018/13xxx/CVE-2018-13383.json b/2018/13xxx/CVE-2018-13383.json index 773abe6b3bf..69975065244 100644 --- a/2018/13xxx/CVE-2018-13383.json +++ b/2018/13xxx/CVE-2018-13383.json 
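Review bot: The rewritten description for CVE-2017-14186 widens the affected range to FortiOS 6.0.0 to 6.0.4 and 5.6.0 to 5.6.7, but this hunk touches only `description_data`; the record's structured `affects` data lies outside the hunk, so it cannot be confirmed here that it was updated to match. Scanners and asset-matching tools usually read the structured version fields rather than the prose, so stale `version_data` would leave 6.0.x and 5.6.3 to 5.6.7 installations unflagged. The new text also replaces the explicit 5.4.0 to 5.4.6, 5.2.0 to 5.2.12 and 5.0 ranges with `5.4 and below`, which is broader but less precise; if the structured entries still list the old ranges, they now contradict the description.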
@@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-13383", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-13383", + "ASSIGNER": "psirt@fortinet.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortinet", + "product": { + "product_data": [ + { + "product_name": "Fortinet FortiOS", + "version": { + "version_data": [ + { + "version_value": "FortiOS all versions below 6.0.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://fortiguard.com/advisory/FG-IR-18-388", + "url": "https://fortiguard.com/advisory/FG-IR-18-388" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A heap buffer overflow in Fortinet FortiOS all versions below 6.0.5 in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages." } ] } diff --git a/2018/16xxx/CVE-2018-16217.json b/2018/16xxx/CVE-2018-16217.json index de717bf45b3..de4fa1a7c6f 100644 --- a/2018/16xxx/CVE-2018-16217.json +++ b/2018/16xxx/CVE-2018-16217.json 
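Review bot: `problemtype` for CVE-2018-13383 is given as `Denial of service`, which names only an impact, while the description added in the same hunk calls the flaw a heap buffer overflow in the SSL VPN web portal. Memory-corruption weaknesses are generally triaged more urgently than plain availability issues, so a consumer filtering on `problemtype` would under-rank this record; stating the weakness, for example `"value": "Heap-based Buffer Overflow (CWE-122)"`, would keep the two fields consistent. Separately, `version_value` holds the free text `FortiOS all versions below 6.0.5` and `product_name` repeats the vendor (`Fortinet FortiOS`), both of which make automated product and version matching harder; `"product_name": "FortiOS"` with a bare version bound would be easier to consume.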
@@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16217", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sit.fraunhofer.de/de/securitytestlab/", + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/de/securitytestlab/" + }, + { + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271", + "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271" } ] } diff --git a/2018/16xxx/CVE-2018-16218.json b/2018/16xxx/CVE-2018-16218.json index 87942d1f3fe..8503cced454 100644 --- a/2018/16xxx/CVE-2018-16218.json +++ b/2018/16xxx/CVE-2018-16218.json 
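Review bot: The added `affects` block for CVE-2018-16217 fills vendor, product and version with `n/a`, even though the description in the same record names the vendor, the SIP-T41P model and firmware 66.83.0.35. Tools that match inventory against the structured fields will not associate this CVE with the device, so exposure can only be found by reading the prose. Proposed values are `"vendor_name": "Yealink"`, `"product_name": "Ultra-elegant IP Phone SIP-T41P"` and `"version_value": "66.83.0.35"`, with the vendor spelling taken from the advisory URL. The same `n/a` block appears in CVE-2018-16218, CVE-2018-16221, CVE-2018-19977 and CVE-2018-19978 further down.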
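Review bot: The new description for CVE-2018-16217 spells the vendor `Yeahlink`, while the advisory URL added in the same hunk uses `Yealink` (`Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf`), which is presumably the correct form. Because `affects` is `n/a`, the description is the only searchable place the vendor appears, so a keyword search for the vendor name will miss this record. The text should read `... in the Yealink Ultra-elegant IP Phone SIP-T41P ...`; the same spelling occurs in the descriptions of CVE-2018-16218 and CVE-2018-16221. `problemtype` is also left as `n/a` although the description states command injection; `"value": "OS Command Injection (CWE-78)"` would let consumers classify the record.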
@@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16218", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sit.fraunhofer.de/de/securitytestlab/", + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/de/securitytestlab/" + }, + { + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271", + "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271" } ] } diff --git a/2018/16xxx/CVE-2018-16221.json b/2018/16xxx/CVE-2018-16221.json index 25808182fee..9028539909d 100644 --- a/2018/16xxx/CVE-2018-16221.json +++ b/2018/16xxx/CVE-2018-16221.json 
@@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16221", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relative path information in the file parameter of the corresponding POST request)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sit.fraunhofer.de/de/securitytestlab/", + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/de/securitytestlab/" + }, + { + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271", + "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271" } ] } diff --git a/2018/19xxx/CVE-2018-19977.json b/2018/19xxx/CVE-2018-19977.json index 779d1e82412..9dda86c058a 100644 --- a/2018/19xxx/CVE-2018-19977.json +++ b/2018/19xxx/CVE-2018-19977.json 
@@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19977", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) -- in the same network as the device -- to trigger OS commands (like starting telnetd or opening a reverse shell) via a POST request to the web server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.auerswald.de/de/service/81-telefone/schnurgebundene-telefone/1568-comfortel-1200-ip.html", + "refsource": "MISC", + "name": "https://www.auerswald.de/de/service/81-telefone/schnurgebundene-telefone/1568-comfortel-1200-ip.html" + }, + { + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Auerswald_COMfortel_1200_IP.pdf?_=1549376183", + "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Auerswald_COMfortel_1200_IP.pdf?_=1549376183" } ] } diff --git a/2018/19xxx/CVE-2018-19978.json b/2018/19xxx/CVE-2018-19978.json index 3a18106abbe..5aa4a3cd437 100644 --- a/2018/19xxx/CVE-2018-19978.json +++ b/2018/19xxx/CVE-2018-19978.json 
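Review bot: The description for CVE-2018-19977 names the product `Auerswald COMfort 1200 IP phone`, but both reference URLs added in this hunk call it COMfortel 1200 IP (`comfortel-1200-ip.html`, `Advisory_Auerswald_COMfortel_1200_IP.pdf`), so the name in the description looks truncated. With `affects` set to `n/a`, the prose is the only place the product is identified, and a mismatch there makes the record hard to find by product name. Suggested wording is `... on the Auerswald COMfortel 1200 IP phone 3.4.4.1-10589 ...`; the description of CVE-2018-19978 has the same wording. The first reference appears to be a vendor product or service page rather than an advisory, so on its own it does not confirm the issue or a fixed firmware version.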
@@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19978", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.auerswald.de/de/service/81-telefone/schnurgebundene-telefone/1568-comfortel-1200-ip.html", + "refsource": "MISC", + "name": "https://www.auerswald.de/de/service/81-telefone/schnurgebundene-telefone/1568-comfortel-1200-ip.html" + }, + { + "refsource": "MISC", + "name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Auerswald_COMfortel_1200_IP.pdf?_=1549376183", + "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Auerswald_COMfortel_1200_IP.pdf?_=1549376183" } ] } diff --git a/2019/5xxx/CVE-2019-5515.json b/2019/5xxx/CVE-2019-5515.json index 9966095eccf..c50fb10a2c1 100644 
--- a/2019/5xxx/CVE-2019-5515.json +++ b/2019/5xxx/CVE-2019-5515.json @@ -72,6 +72,11 @@ "refsource": "MISC", "name": "https://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html", "url": "https://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-516/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-516/" } ] }, diff --git a/2019/7xxx/CVE-2019-7129.json b/2019/7xxx/CVE-2019-7129.json index 327a1145d55..1ce4a8a044a 100644 --- a/2019/7xxx/CVE-2019-7129.json +++ b/2019/7xxx/CVE-2019-7129.json 
@@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7129", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "Adobe Experience Manager Forms versions" + } + ] + }, + "product_name": "Adobe Experience Manager Forms" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/aem-forms/apsb19-24.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/aem-forms/apsb19-24.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7129", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file
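Review bot: `version_value` for CVE-2019-7129 is set to `Adobe Experience Manager Forms versions`, a label with no version numbers, while the description lists 6.2, 6.3 and 6.4. Version matching against this record cannot succeed as written; three `version_data` entries, `{ "version_value": "6.2" }`, `{ "version_value": "6.3" }` and `{ "version_value": "6.4" }`, would carry what the description already states. The record also gives no fixed version, so readers have to follow the linked APSB19-24 bulletin to learn which update resolves the stored cross-site scripting issue.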