diff --git a/2018/4xxx/CVE-2018-4834.json b/2018/4xxx/CVE-2018-4834.json index b13b932eeca..1fd6fa886e7 100644 --- a/2018/4xxx/CVE-2018-4834.json +++ b/2018/4xxx/CVE-2018-4834.json @@ -47,7 +47,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Desigo Automation Controllers Compact PXC12/22/36-E.D, Desigo Automation Controllers Modular PXC00/50/100/200-E.D, Desigo Automation Controllers PXC00/64/128-U with Web module, Desigo Automation Controllers for Integration PXC001-E.D, Desigo Operator Unit PXM20-E. A remote attacker with network access to the device could potentially upload a new firmware image to the devices without prior authentication." + "value": "A vulnerability has been identified in Desigo Automation Controllers Products and Desigo Operator Unit PXM20-E. A remote attacker with network access to the device could potentially upload a new firmware image to the devices without prior authentication." } ] }, diff --git a/2019/10xxx/CVE-2019-10100.json b/2019/10xxx/CVE-2019-10100.json new file mode 100644 index 00000000000..997eae8c59e --- /dev/null +++ b/2019/10xxx/CVE-2019-10100.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10100", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10101.json b/2019/10xxx/CVE-2019-10101.json new file mode 100644 index 00000000000..3482fa42210 --- /dev/null +++ b/2019/10xxx/CVE-2019-10101.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10101", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10102.json b/2019/10xxx/CVE-2019-10102.json new file mode 100644 index 00000000000..8f64169cb62 --- /dev/null +++ b/2019/10xxx/CVE-2019-10102.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10102", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10103.json b/2019/10xxx/CVE-2019-10103.json new file mode 100644 index 00000000000..2ac370c41a4 --- /dev/null +++ b/2019/10xxx/CVE-2019-10103.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10103", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10104.json b/2019/10xxx/CVE-2019-10104.json new file mode 100644 index 00000000000..5173cf22917 --- /dev/null +++ b/2019/10xxx/CVE-2019-10104.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10104", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10105.json b/2019/10xxx/CVE-2019-10105.json new file mode 100644 index 00000000000..81bcb661bc1 --- /dev/null +++ b/2019/10xxx/CVE-2019-10105.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager \"Name\" field, which is reachable via a \"Create a new Template\" action to the Design Manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://dev.cmsmadesimple.org/bug/view/12002", + "refsource": "MISC", + "name": "http://dev.cmsmadesimple.org/bug/view/12002" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10106.json b/2019/10xxx/CVE-2019-10106.json new file mode 100644 index 00000000000..b61e10c3396 --- /dev/null +++ b/2019/10xxx/CVE-2019-10106.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an \"Add Category\" action to the \"Site Admin Settings - News module\" section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://dev.cmsmadesimple.org/bug/view/12004", + "refsource": "MISC", + "name": "http://dev.cmsmadesimple.org/bug/view/12004" + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10107.json b/2019/10xxx/CVE-2019-10107.json new file mode 100644 index 00000000000..fc821c13b96 --- /dev/null +++ b/2019/10xxx/CVE-2019-10107.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-10107", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CMS Made Simple 2.2.10 has XSS via the myaccount.php \"Email Address\" field, which is reachable via the \"My Preferences -> My Account\" section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://dev.cmsmadesimple.org/bug/view/12003", + "refsource": "MISC", + "name": "http://dev.cmsmadesimple.org/bug/view/12003" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1569.json b/2019/1xxx/CVE-2019-1569.json index ea043ca719a..85f58573085 100644 --- a/2019/1xxx/CVE-2019-1569.json +++ b/2019/1xxx/CVE-2019-1569.json @@ -1,17 +1,71 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1569", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1569", + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto", + "product": { + "product_data": [ + { + "product_name": "Palo Alto Networks Expedition Migration Tool", + "version": { + "version_data": [ + { + "version_value": "Expedition 1.1.8 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2019-13", + "url": "https://www.tenable.com/security/research/tra-2019-13" + }, + { + "refsource": "BID", + "name": "107564", + "url": "http://www.securityfocus.com/bid/107564" + }, + { + "refsource": "MISC", + "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142", + "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user." } ] } diff --git a/2019/1xxx/CVE-2019-1570.json b/2019/1xxx/CVE-2019-1570.json index ea95da6d8b5..8f00f3d1229 100644 --- a/2019/1xxx/CVE-2019-1570.json +++ b/2019/1xxx/CVE-2019-1570.json @@ -1,17 +1,71 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1570", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1570", + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto", + "product": { + "product_data": [ + { + "product_name": "Palo Alto Networks Expedition Migration Tool", + "version": { + "version_data": [ + { + "version_value": "Expedition 1.1.8 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142", + "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2019-13", + "url": "https://www.tenable.com/security/research/tra-2019-13" + }, + { + "refsource": "BID", + "name": "107564", + "url": "http://www.securityfocus.com/bid/107564" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings." } ] } diff --git a/2019/1xxx/CVE-2019-1572.json b/2019/1xxx/CVE-2019-1572.json index 007adbf1920..2438e7e2aaf 100644 --- a/2019/1xxx/CVE-2019-1572.json +++ b/2019/1xxx/CVE-2019-1572.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-1572", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1572", + "ASSIGNER": "psirt@paloaltonetworks.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Palo Alto", + "product": { + "product_data": [ + { + "product_name": "Palo Alto Networks Expedition Migration Tool", + "version": { + "version_data": [ + { + "version_value": "Expedition 1.1.8 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142", + "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/142" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings." } ] } diff --git a/2019/6xxx/CVE-2019-6569.json b/2019/6xxx/CVE-2019-6569.json index 65722a7ef69..7bdb7c6f23d 100644 --- a/2019/6xxx/CVE-2019-6569.json +++ b/2019/6xxx/CVE-2019-6569.json @@ -1,17 +1,75 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6569", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6569", + "ASSIGNER": "productcert@siemens.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Scalance", + "product": { + "product_data": [ + { + "product_name": "Scalance X-200, Scalance X-300, Scalance XP/XC/XF-200", + "version": { + "version_data": [ + { + "version_value": "Scalance X-200 : All versions" + }, + { + "version_value": "Scalance X-300 : All versions" + }, + { + "version_value": "Scalance XP/XC/XF-200 : All versions