diff --git a/2018/8xxx/CVE-2018-8654.json b/2018/8xxx/CVE-2018-8654.json index 6679fd05055..136c05a66b4 100644 --- a/2018/8xxx/CVE-2018-8654.json +++ b/2018/8xxx/CVE-2018-8654.json @@ -1,18 +1,60 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-8654", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2018-8654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Dynamics 365 (on-premises) version 8", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka \u0027Microsoft Dynamics 365 Elevation of Privilege Vulnerability\u0027." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8654" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1349.json b/2019/1xxx/CVE-2019-1349.json index 20fa586d935..2197a0a766d 100644 --- a/2019/1xxx/CVE-2019-1349.json +++ b/2019/1xxx/CVE-2019-1349.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1349", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "15.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_value": "16.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \u0027Git for Visual Studio Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1350.json b/2019/1xxx/CVE-2019-1350.json index c4cf44bf670..87f74682115 100644 --- a/2019/1xxx/CVE-2019-1350.json +++ b/2019/1xxx/CVE-2019-1350.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1350", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1350", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "15.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_value": "16.0" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \u0027Git for Visual Studio Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1351.json b/2019/1xxx/CVE-2019-1351.json index 504f5f0b50d..f4a3b4ceb5f 100644 --- a/2019/1xxx/CVE-2019-1351.json +++ b/2019/1xxx/CVE-2019-1351.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1351", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1351", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "15.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_value": "16.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka \u0027Git for Visual Studio Tampering Vulnerability\u0027." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Tampering" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1352.json b/2019/1xxx/CVE-2019-1352.json index 75cf95174f7..361d8e7830f 100644 --- a/2019/1xxx/CVE-2019-1352.json +++ b/2019/1xxx/CVE-2019-1352.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1352", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "15.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_value": "16.0" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \u0027Git for Visual Studio Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1354.json b/2019/1xxx/CVE-2019-1354.json index b3436d40db0..38954a7f265 100644 --- a/2019/1xxx/CVE-2019-1354.json +++ b/2019/1xxx/CVE-2019-1354.json @@ -1,18 +1,90 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1354", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1354", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "15.0" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019", + "version": { + "version_data": [ + { + "version_value": "16.0" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka \u0027Git for Visual Studio Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1414.json b/2019/1xxx/CVE-2019-1414.json index f248f44aed6..9a1c6865c2b 100644 --- a/2019/1xxx/CVE-2019-1414.json +++ b/2019/1xxx/CVE-2019-1414.json @@ -1,18 +1,60 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1414", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Visual Studio Code", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka \u0027Visual Studio Code Elevation of Privilege Vulnerability\u0027." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1414" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1454.json b/2019/1xxx/CVE-2019-1454.json index 913bdf0ea36..1068653862d 100644 --- a/2019/1xxx/CVE-2019-1454.json +++ b/2019/1xxx/CVE-2019-1454.json @@ -1,18 +1,215 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1454", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "version 1803 (Core Installation)" + }, + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2" + }, + { + "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)" + }, + { + "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" + }, + { + "version_value": "2012" + }, + { + "version_value": "2012 (Core installation)" + }, + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1903 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1903 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 1903 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 1903 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka \u0027Windows User Profile Service Elevation of Privilege Vulnerability\u0027." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1454" + } + ] + } +} diff --git a/2019/1xxx/CVE-2019-1460.json b/2019/1xxx/CVE-2019-1460.json index e1f21a1c91f..6de10e5ab3c 100644 --- a/2019/1xxx/CVE-2019-1460.json +++ b/2019/1xxx/CVE-2019-1460.json @@ -1,18 +1,60 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1460", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-1460", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Outlook for Android", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } + ] } -} \ No newline at end of file + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka \u0027Outlook for Android Spoofing Vulnerability\u0027." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1460" + } + ] + } +}