diff --git a/2013/2xxx/CVE-2013-2600.json b/2013/2xxx/CVE-2013-2600.json index 6c8c0a0f4b3..8296480290b 100644 --- a/2013/2xxx/CVE-2013-2600.json +++ b/2013/2xxx/CVE-2013-2600.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2600", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MiniUPnPd has information disclosure use of snprintf()" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-2600", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-2600" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85774", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85774" + }, + { + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0085.html", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0085.html" + }, + { + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0086.html", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0086.html" + }, + { + "refsource": "MISC", + "name": "https://seclists.org/bugtraq/2013/Jul/84", + "url": "https://seclists.org/bugtraq/2013/Jul/84" } ] } diff --git a/2013/2xxx/CVE-2013-2738.json b/2013/2xxx/CVE-2013-2738.json index 4ab8bdf24b8..f4be04a4301 100644 --- a/2013/2xxx/CVE-2013-2738.json +++ b/2013/2xxx/CVE-2013-2738.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2738", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "minidlna has SQL Injection that may allow retrieval of arbitrary files" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-2738", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-2738" + }, + { + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0100.html", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0100.html" + }, + { + "refsource": "MISC", + "name": "http://media.blackhat.com/bh-us-12/Briefings/Cutlip/BH_US_12_Cutlip_SQL_Exploitation_WP.pdf", + "url": "http://media.blackhat.com/bh-us-12/Briefings/Cutlip/BH_US_12_Cutlip_SQL_Exploitation_WP.pdf" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/archive/1/527299/30/0", + "url": "https://www.securityfocus.com/archive/1/527299/30/0" } ] } diff --git a/2019/16xxx/CVE-2019-16908.json b/2019/16xxx/CVE-2019-16908.json new file mode 100644 index 00000000000..578b1297e00 --- /dev/null +++ b/2019/16xxx/CVE-2019-16908.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Infosysta \"In-App & Desktop Notifications\" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://marketplace.atlassian.com/apps/1217434/in-app-desktop-notifications-for-jira", + "refsource": "MISC", + "name": "https://marketplace.atlassian.com/apps/1217434/in-app-desktop-notifications-for-jira" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154992/Infosysta-Jira-1.6.13_J8-Project-List-Authentication-Bypass.html", + "url": "http://packetstormsecurity.com/files/154992/Infosysta-Jira-1.6.13_J8-Project-List-Authentication-Bypass.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/16xxx/CVE-2019-16909.json b/2019/16xxx/CVE-2019-16909.json new file mode 100644 index 00000000000..2d94f5f1809 --- /dev/null +++ b/2019/16xxx/CVE-2019-16909.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16909", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Infosysta \"In-App & Desktop Notifications\" app before 1.6.14_J8 for Jira. It is possible to obtain a list of all Jira projects (with authentication as a Jira user, but without authorization for specific projects) via the plugins/servlet/nfj/NotificationSettings URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://marketplace.atlassian.com/apps/1217434/in-app-desktop-notifications-for-jira", + "refsource": "MISC", + "name": "https://marketplace.atlassian.com/apps/1217434/in-app-desktop-notifications-for-jira" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/154992/Infosysta-Jira-1.6.13_J8-Project-List-Authentication-Bypass.html", + "url": "http://packetstormsecurity.com/files/154992/Infosysta-Jira-1.6.13_J8-Project-List-Authentication-Bypass.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18636.json b/2019/18xxx/CVE-2019-18636.json new file mode 100644 index 00000000000..4f7bfbe69b8 --- /dev/null +++ b/2019/18xxx/CVE-2019-18636.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18636", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka ASP.NET forum) 8.3.8 allows remote attackers to inject arbitrary web script or HTML via the gravatar URL parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.jitbit.com/asp-net-forum/versionhistory/", + "refsource": "MISC", + "name": "https://www.jitbit.com/asp-net-forum/versionhistory/" + }, + { + "refsource": "MISC", + "name": "https://reallinkers.github.io/CVE-2019-18636/", + "url": "https://reallinkers.github.io/CVE-2019-18636/" + } + ] + } +} \ No newline at end of file