From cbaf3992e1fb679a10abcefd6e533d43328c04c0 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 6 Jan 2020 18:01:06 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/12xxx/CVE-2018-12207.json | 10 +++++ 2019/11xxx/CVE-2019-11135.json | 10 +++++ 2019/14xxx/CVE-2019-14821.json | 5 +++ 2019/15xxx/CVE-2019-15239.json | 5 +++ 2019/17xxx/CVE-2019-17568.json | 18 ++++++++ 2019/18xxx/CVE-2019-18792.json | 77 ++++++++++++++++++++++++++++++++++ 2019/19xxx/CVE-2019-19861.json | 4 +- 2019/19xxx/CVE-2019-19862.json | 4 +- 2019/19xxx/CVE-2019-19863.json | 4 +- 2019/19xxx/CVE-2019-19864.json | 4 +- 2019/20xxx/CVE-2019-20356.json | 18 ++++++++ 2019/3xxx/CVE-2019-3468.json | 14 +++---- 2019/3xxx/CVE-2019-3469.json | 14 +++---- 2019/3xxx/CVE-2019-3470.json | 14 +++---- 2019/3xxx/CVE-2019-3471.json | 14 +++---- 2019/3xxx/CVE-2019-3472.json | 14 +++---- 2019/3xxx/CVE-2019-3473.json | 14 +++---- 2019/9xxx/CVE-2019-9468.json | 58 +++++++++++++++++++++---- 2019/9xxx/CVE-2019-9469.json | 58 +++++++++++++++++++++---- 2019/9xxx/CVE-2019-9470.json | 58 +++++++++++++++++++++---- 2019/9xxx/CVE-2019-9471.json | 58 +++++++++++++++++++++---- 2019/9xxx/CVE-2019-9472.json | 58 +++++++++++++++++++++---- 2020/5xxx/CVE-2020-5840.json | 67 +++++++++++++++++++++++++++++ 2020/5xxx/CVE-2020-5841.json | 18 ++++++++ 2020/5xxx/CVE-2020-5842.json | 18 ++++++++ 2020/5xxx/CVE-2020-5843.json | 18 ++++++++ 2020/5xxx/CVE-2020-5844.json | 18 ++++++++ 27 files changed, 587 insertions(+), 85 deletions(-) create mode 100644 2019/17xxx/CVE-2019-17568.json create mode 100644 2019/18xxx/CVE-2019-18792.json create mode 100644 2019/20xxx/CVE-2019-20356.json create mode 100644 2020/5xxx/CVE-2020-5840.json create mode 100644 2020/5xxx/CVE-2020-5841.json create mode 100644 2020/5xxx/CVE-2020-5842.json create mode 100644 2020/5xxx/CVE-2020-5843.json create mode 100644 2020/5xxx/CVE-2020-5844.json diff --git a/2018/12xxx/CVE-2018-12207.json b/2018/12xxx/CVE-2018-12207.json index ed362082f35..e1d14042832 100644 --- a/2018/12xxx/CVE-2018-12207.json +++ b/2018/12xxx/CVE-2018-12207.json @@ -88,6 +88,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2710", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0026", + "url": "https://access.redhat.com/errata/RHSA-2020:0026" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0028", + "url": "https://access.redhat.com/errata/RHSA-2020:0028" } ] }, diff --git a/2019/11xxx/CVE-2019-11135.json b/2019/11xxx/CVE-2019-11135.json index 90012bbd217..18c8b6290da 100644 --- a/2019/11xxx/CVE-2019-11135.json +++ b/2019/11xxx/CVE-2019-11135.json @@ -128,6 +128,16 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2710", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0026", + "url": "https://access.redhat.com/errata/RHSA-2020:0026" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0028", + "url": "https://access.redhat.com/errata/RHSA-2020:0028" } ] }, diff --git a/2019/14xxx/CVE-2019-14821.json b/2019/14xxx/CVE-2019-14821.json index e288cc3231d..ed0d834c8db 100644 --- a/2019/14xxx/CVE-2019-14821.json +++ b/2019/14xxx/CVE-2019-14821.json @@ -173,6 +173,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:4256", "url": "https://access.redhat.com/errata/RHSA-2019:4256" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0027", + "url": "https://access.redhat.com/errata/RHSA-2020:0027" } ] }, diff --git a/2019/15xxx/CVE-2019-15239.json b/2019/15xxx/CVE-2019-15239.json index 3e70cc622fb..39502daae37 100644 --- a/2019/15xxx/CVE-2019-15239.json +++ b/2019/15xxx/CVE-2019-15239.json @@ -96,6 +96,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:3979", "url": "https://access.redhat.com/errata/RHSA-2019:3979" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0027", + "url": "https://access.redhat.com/errata/RHSA-2020:0027" } ] } diff --git a/2019/17xxx/CVE-2019-17568.json b/2019/17xxx/CVE-2019-17568.json new file mode 100644 index 00000000000..bed25286ba2 --- /dev/null +++ b/2019/17xxx/CVE-2019-17568.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-17568", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18792.json b/2019/18xxx/CVE-2019-18792.json new file mode 100644 index 00000000000..2eed0f70976 --- /dev/null +++ b/2019/18xxx/CVE-2019-18792.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet (containing the data) will be ignored by Suricata because it overlaps the FIN packet (the sequence and ack number are identical in the two packets). The client will ignore the fake FIN packet because the ACK flag is not set. Both linux and windows clients are ignoring the injected packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://redmine.openinfosecfoundation.org/issues/3324", + "url": "https://redmine.openinfosecfoundation.org/issues/3324" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/OISF/suricata/commit/fa692df37a796c3330c81988d15ef1a219afc006", + "url": "https://github.com/OISF/suricata/commit/fa692df37a796c3330c81988d15ef1a219afc006" + }, + { + "refsource": "MISC", + "name": "https://redmine.openinfosecfoundation.org/issues/3394", + "url": "https://redmine.openinfosecfoundation.org/issues/3394" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/OISF/suricata/commit/1c63d3905852f746ccde7e2585600b2199cefb4b", + "url": "https://github.com/OISF/suricata/commit/1c63d3905852f746ccde7e2585600b2199cefb4b" + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19861.json b/2019/19xxx/CVE-2019-19861.json index 2ead8161c5f..8d61cf657e3 100644 --- a/2019/19xxx/CVE-2019-19861.json +++ b/2019/19xxx/CVE-2019-19861.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2019-19861", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/19xxx/CVE-2019-19862.json b/2019/19xxx/CVE-2019-19862.json index 3be350fd0d3..13888a03ed0 100644 --- a/2019/19xxx/CVE-2019-19862.json +++ b/2019/19xxx/CVE-2019-19862.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2019-19862", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/19xxx/CVE-2019-19863.json b/2019/19xxx/CVE-2019-19863.json index bffeb43199e..7fbe88b755b 100644 --- a/2019/19xxx/CVE-2019-19863.json +++ b/2019/19xxx/CVE-2019-19863.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2019-19863", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/19xxx/CVE-2019-19864.json b/2019/19xxx/CVE-2019-19864.json index c526cb17a38..af55e775aad 100644 --- a/2019/19xxx/CVE-2019-19864.json +++ b/2019/19xxx/CVE-2019-19864.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2019-19864", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/20xxx/CVE-2019-20356.json b/2019/20xxx/CVE-2019-20356.json new file mode 100644 index 00000000000..3910582f55a --- /dev/null +++ b/2019/20xxx/CVE-2019-20356.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20356", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3468.json b/2019/3xxx/CVE-2019-3468.json index be4b43df29d..a6ce16e411a 100644 --- a/2019/3xxx/CVE-2019-3468.json +++ b/2019/3xxx/CVE-2019-3468.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3468", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3468", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none." } ] } diff --git a/2019/3xxx/CVE-2019-3469.json b/2019/3xxx/CVE-2019-3469.json index 336f0f8a1ee..a37964fadbe 100644 --- a/2019/3xxx/CVE-2019-3469.json +++ b/2019/3xxx/CVE-2019-3469.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3469", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3469", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none." } ] } diff --git a/2019/3xxx/CVE-2019-3470.json b/2019/3xxx/CVE-2019-3470.json index 701a4c68422..79d305f9641 100644 --- a/2019/3xxx/CVE-2019-3470.json +++ b/2019/3xxx/CVE-2019-3470.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3470", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3470", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none." } ] } diff --git a/2019/3xxx/CVE-2019-3471.json b/2019/3xxx/CVE-2019-3471.json index 536202f0d01..7741d0be17b 100644 --- a/2019/3xxx/CVE-2019-3471.json +++ b/2019/3xxx/CVE-2019-3471.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3471", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3471", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none." } ] } diff --git a/2019/3xxx/CVE-2019-3472.json b/2019/3xxx/CVE-2019-3472.json index aac38c32ffb..73c2c295910 100644 --- a/2019/3xxx/CVE-2019-3472.json +++ b/2019/3xxx/CVE-2019-3472.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3472", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3472", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none." } ] } diff --git a/2019/3xxx/CVE-2019-3473.json b/2019/3xxx/CVE-2019-3473.json index b72a88f3501..75113c8c0cc 100644 --- a/2019/3xxx/CVE-2019-3473.json +++ b/2019/3xxx/CVE-2019-3473.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-3473", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-3473", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none." } ] } diff --git a/2019/9xxx/CVE-2019-9468.json b/2019/9xxx/CVE-2019-9468.json index 2a59914f0ed..d219863d66b 100644 --- a/2019/9xxx/CVE-2019-9468.json +++ b/2019/9xxx/CVE-2019-9468.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-9468", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9468", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2019-12-01", + "url": "https://source.android.com/security/bulletin/pixel/2019-12-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-139683471" } ] } diff --git a/2019/9xxx/CVE-2019-9469.json b/2019/9xxx/CVE-2019-9469.json index c4616aed0da..f027bc12526 100644 --- a/2019/9xxx/CVE-2019-9469.json +++ b/2019/9xxx/CVE-2019-9469.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-9469", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9469", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2019-12-01", + "url": "https://source.android.com/security/bulletin/pixel/2019-12-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-130246677" } ] } diff --git a/2019/9xxx/CVE-2019-9470.json b/2019/9xxx/CVE-2019-9470.json index 90790ca6736..c97d0ce1fc4 100644 --- a/2019/9xxx/CVE-2019-9470.json +++ b/2019/9xxx/CVE-2019-9470.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-9470", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9470", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2019-12-01", + "url": "https://source.android.com/security/bulletin/pixel/2019-12-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-144167528" } ] } diff --git a/2019/9xxx/CVE-2019-9471.json b/2019/9xxx/CVE-2019-9471.json index d3be0ec7fbd..7f84c4adb18 100644 --- a/2019/9xxx/CVE-2019-9471.json +++ b/2019/9xxx/CVE-2019-9471.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-9471", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9471", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2019-12-01", + "url": "https://source.android.com/security/bulletin/pixel/2019-12-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-144168326" } ] } diff --git a/2019/9xxx/CVE-2019-9472.json b/2019/9xxx/CVE-2019-9472.json index e32b50345e0..4c52b6d66d4 100644 --- a/2019/9xxx/CVE-2019-9472.json +++ b/2019/9xxx/CVE-2019-9472.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-9472", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-9472", + "ASSIGNER": "security@android.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://source.android.com/security/bulletin/pixel/2019-12-01", + "url": "https://source.android.com/security/bulletin/pixel/2019-12-01" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-130237611" } ] } diff --git a/2020/5xxx/CVE-2020-5840.json b/2020/5xxx/CVE-2020-5840.json new file mode 100644 index 00000000000..48c747ea316 --- /dev/null +++ b/2020/5xxx/CVE-2020-5840.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-5840", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows an attacker to reach a parent directory via a crafted name or ID field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/HashBrownCMS/hashbrown-cms/compare/v1.3.1...v1.3.2", + "refsource": "MISC", + "name": "https://github.com/HashBrownCMS/hashbrown-cms/compare/v1.3.1...v1.3.2" + }, + { + "url": "https://github.com/HashBrownCMS/hashbrown-cms/releases/tag/v1.3.2", + "refsource": "MISC", + "name": "https://github.com/HashBrownCMS/hashbrown-cms/releases/tag/v1.3.2" + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5841.json b/2020/5xxx/CVE-2020-5841.json new file mode 100644 index 00000000000..4692d2eac5f --- /dev/null +++ b/2020/5xxx/CVE-2020-5841.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-5841", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5842.json b/2020/5xxx/CVE-2020-5842.json new file mode 100644 index 00000000000..16b648314a6 --- /dev/null +++ b/2020/5xxx/CVE-2020-5842.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-5842", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5843.json b/2020/5xxx/CVE-2020-5843.json new file mode 100644 index 00000000000..d0a6629e6e9 --- /dev/null +++ b/2020/5xxx/CVE-2020-5843.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-5843", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5844.json b/2020/5xxx/CVE-2020-5844.json new file mode 100644 index 00000000000..954df18f5a8 --- /dev/null +++ b/2020/5xxx/CVE-2020-5844.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-5844", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file