diff --git a/2016/4xxx/CVE-2016-4303.json b/2016/4xxx/CVE-2016-4303.json index c020207041b..e7e9f3d34b3 100644 --- a/2016/4xxx/CVE-2016-4303.json +++ b/2016/4xxx/CVE-2016-4303.json @@ -86,6 +86,11 @@ "name": "openSUSE-SU-2016:2121", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00090.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20200127 [SECURITY] [DLA 2080-1] iperf3 security update", + "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00023.html" } ] } diff --git a/2019/0xxx/CVE-2019-0205.json b/2019/0xxx/CVE-2019-0205.json index 730a0bea275..a0bcd0fb5d0 100644 --- a/2019/0xxx/CVE-2019-0205.json +++ b/2019/0xxx/CVE-2019-0205.json @@ -123,6 +123,11 @@ "refsource": "MLIST", "name": "[thrift-dev] 20200125 [jira] [Commented] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version", "url": "https://lists.apache.org/thread.html/r4633082b834eebccd0d322697651d931ab10ca9c51ee7ef18e1f60f4@%3Cdev.thrift.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[thrift-dev] 20200127 [jira] [Commented] (THRIFT-5075) Backport fixes for CVE-2019-0205 to (Java) 0.9.3-1 version", + "url": "https://lists.apache.org/thread.html/r137753c9df8dd9065bea27a26af49aadc406b5a57fc584fefa008afd@%3Cdev.thrift.apache.org%3E" } ] }, diff --git a/2019/20xxx/CVE-2019-20434.json b/2019/20xxx/CVE-2019-20434.json new file mode 100644 index 00000000000..ef7ef9315d8 --- /dev/null +++ b/2019/20xxx/CVE-2019-20434.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20434", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20435.json b/2019/20xxx/CVE-2019-20435.json new file mode 100644 index 00000000000..77102b24e6c --- /dev/null +++ b/2019/20xxx/CVE-2019-20435.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20435", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20436.json b/2019/20xxx/CVE-2019-20436.json new file mode 100644 index 00000000000..abaa1f0cfcc --- /dev/null +++ b/2019/20xxx/CVE-2019-20436.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20436", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20437.json b/2019/20xxx/CVE-2019-20437.json new file mode 100644 index 00000000000..96ef7ea9665 --- /dev/null +++ b/2019/20xxx/CVE-2019-20437.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20437", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20438.json b/2019/20xxx/CVE-2019-20438.json new file mode 100644 index 00000000000..c3761d7b5ee --- /dev/null +++ b/2019/20xxx/CVE-2019-20438.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20438", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20439.json b/2019/20xxx/CVE-2019-20439.json new file mode 100644 index 00000000000..2d64bf94d1b --- /dev/null +++ b/2019/20xxx/CVE-2019-20439.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20440.json b/2019/20xxx/CVE-2019-20440.json new file mode 100644 index 00000000000..61a0ce6d5db --- /dev/null +++ b/2019/20xxx/CVE-2019-20440.json @@ -0,0 +1,81 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the update API documentation feature of the API Publisher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0646", + "refsource": "MISC", + "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0646" + }, + { + "url": "https://github.com/cybersecurityworks/Disclosed/issues/24", + "refsource": "MISC", + "name": "https://github.com/cybersecurityworks/Disclosed/issues/24" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:H/S:U/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20441.json b/2019/20xxx/CVE-2019-20441.json new file mode 100644 index 00000000000..c741b495e74 --- /dev/null +++ b/2019/20xxx/CVE-2019-20441.json @@ -0,0 +1,81 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS) vulnerability has been identified in the 'implement phase' of the API Publisher." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0647", + "refsource": "MISC", + "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0647" + }, + { + "url": "https://github.com/cybersecurityworks/Disclosed/issues/23", + "refsource": "MISC", + "name": "https://github.com/cybersecurityworks/Disclosed/issues/23" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:H/S:C/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20442.json b/2019/20xxx/CVE-2019-20442.json new file mode 100644 index 00000000000..28f0297aa0b --- /dev/null +++ b/2019/20xxx/CVE-2019-20442.json @@ -0,0 +1,81 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulnerability in roleToAuthorize has been identified in the registry UI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0636", + "refsource": "MISC", + "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0636" + }, + { + "url": "https://github.com/cybersecurityworks/Disclosed/issues/25", + "refsource": "MISC", + "name": "https://github.com/cybersecurityworks/Disclosed/issues/25" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:H/S:U/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20443.json b/2019/20xxx/CVE-2019-20443.json new file mode 100644 index 00000000000..1797e791e15 --- /dev/null +++ b/2019/20xxx/CVE-2019-20443.json @@ -0,0 +1,81 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulnerability in mediaType has been identified in the registry UI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0636", + "refsource": "MISC", + "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0636" + }, + { + "url": "https://github.com/cybersecurityworks/Disclosed/issues/26", + "refsource": "MISC", + "name": "https://github.com/cybersecurityworks/Disclosed/issues/26" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:H/S:U/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7131.json b/2019/7xxx/CVE-2019-7131.json index 7832356b98c..1f7301a7674 100644 --- a/2019/7xxx/CVE-2019-7131.json +++ b/2019/7xxx/CVE-2019-7131.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7131", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "2019.010.20064\u00a0and earlier, 2019.010.20064\u00a0and earlier, 2017.011.30110\u00a0and earlier version, and 2015.006.30461\u00a0and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Type Confusion" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-02.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-02.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7131", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8257.json b/2019/8xxx/CVE-2019-8257.json index b79eb5697b7..3565b55b061 100644 --- a/2019/8xxx/CVE-2019-8257.json +++ b/2019/8xxx/CVE-2019-8257.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8257", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8257", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file