diff --git a/2019/18xxx/CVE-2019-18666.json b/2019/18xxx/CVE-2019-18666.json new file mode 100644 index 00000000000..ec8355f688a --- /dev/null +++ b/2019/18xxx/CVE-2019-18666.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18666", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://c1a.eu/dlink-dap-1360.html", + "refsource": "MISC", + "name": "http://c1a.eu/dlink-dap-1360.html" + }, + { + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171", + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10171" + }, + { + "refsource": "MISC", + "name": "https://daschloer.github.io/sec/dlink-dap-1360.html", + "url": "https://daschloer.github.io/sec/dlink-dap-1360.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19721.json b/2019/19xxx/CVE-2019-19721.json index 7b95f9fdf33..8e334089593 100644 --- a/2019/19xxx/CVE-2019-19721.json +++ b/2019/19xxx/CVE-2019-19721.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19721", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19721", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.videolan.org/security/", + "refsource": "MISC", + "name": "https://www.videolan.org/security/" + }, + { + "refsource": "MISC", + "name": "http://hg.libsdl.org/SDL_image/", + "url": "http://hg.libsdl.org/SDL_image/" + }, + { + "refsource": "MISC", + "name": "https://bugs.gentoo.org/721940", + "url": "https://bugs.gentoo.org/721940" + }, + { + "refsource": "MISC", + "name": "https://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=72afe7ebd8305bf4f5360293b8621cde52ec506b", + "url": "https://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=72afe7ebd8305bf4f5360293b8621cde52ec506b" } ] } diff --git a/2020/12xxx/CVE-2020-12651.json b/2020/12xxx/CVE-2020-12651.json index 93edc0254ff..9d65b3d3900 100644 --- a/2020/12xxx/CVE-2020-12651.json +++ b/2020/12xxx/CVE-2020-12651.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12651", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12651", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.vandyke.com/support/advisory/index.html", + "refsource": "MISC", + "name": "https://www.vandyke.com/support/advisory/index.html" + }, + { + "refsource": "MISC", + "name": "https://twitter.com/taviso/status/1261079774190919680", + "url": "https://twitter.com/taviso/status/1261079774190919680" + }, + { + "refsource": "MISC", + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2033", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=2033" + }, + { + "refsource": "CONFIRM", + "name": "https://www.vandyke.com/products/securecrt/history.txt", + "url": "https://www.vandyke.com/products/securecrt/history.txt" } ] } diff --git a/2020/12xxx/CVE-2020-12798.json b/2020/12xxx/CVE-2020-12798.json index 06b1bbd0e98..dd14dfe49a8 100644 --- a/2020/12xxx/CVE-2020-12798.json +++ b/2020/12xxx/CVE-2020-12798.json @@ -1,17 +1,81 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12798", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12798", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://twitter.com/thatguylevel", + "refsource": "MISC", + "name": "https://twitter.com/thatguylevel" + }, + { + "url": "https://korelogic.com/advisories.html", + "refsource": "MISC", + "name": "https://korelogic.com/advisories.html" + }, + { + "url": "https://github.com/thatguylevel", + "refsource": "MISC", + "name": "https://github.com/thatguylevel" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157715/Cellebrite-UFED-7.5.0.845-Desktop-Escape-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/157715/Cellebrite-UFED-7.5.0.845-Desktop-Escape-Privilege-Escalation.html" + }, + { + "refsource": "MISC", + "name": "https://korelogic.com/Resources/Advisories/KL-001-2020-002.txt", + "url": "https://korelogic.com/Resources/Advisories/KL-001-2020-002.txt" } ] } diff --git a/2020/12xxx/CVE-2020-12889.json b/2020/12xxx/CVE-2020-12889.json index ead01860658..fe6c2791f24 100644 --- a/2020/12xxx/CVE-2020-12889.json +++ b/2020/12xxx/CVE-2020-12889.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12889", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12889", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/MISP/MISP-maltego/commit/3ccde66dab4096ab5663e69f352992cc73e1160b", + "refsource": "MISC", + "name": "https://github.com/MISP/MISP-maltego/commit/3ccde66dab4096ab5663e69f352992cc73e1160b" } ] } diff --git a/2020/13xxx/CVE-2020-13085.json b/2020/13xxx/CVE-2020-13085.json new file mode 100644 index 00000000000..5c9c2e39921 --- /dev/null +++ b/2020/13xxx/CVE-2020-13085.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-13085", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13086.json b/2020/13xxx/CVE-2020-13086.json new file mode 100644 index 00000000000..2f5afad8e5f --- /dev/null +++ b/2020/13xxx/CVE-2020-13086.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-13086", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13087.json b/2020/13xxx/CVE-2020-13087.json new file mode 100644 index 00000000000..f7cae592634 --- /dev/null +++ b/2020/13xxx/CVE-2020-13087.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-13087", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13088.json b/2020/13xxx/CVE-2020-13088.json new file mode 100644 index 00000000000..4fbc24b7652 --- /dev/null +++ b/2020/13xxx/CVE-2020-13088.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-13088", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13089.json b/2020/13xxx/CVE-2020-13089.json new file mode 100644 index 00000000000..46f6d341d88 --- /dev/null +++ b/2020/13xxx/CVE-2020-13089.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-13089", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13090.json b/2020/13xxx/CVE-2020-13090.json new file mode 100644 index 00000000000..1a9e85b1494 --- /dev/null +++ b/2020/13xxx/CVE-2020-13090.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-13090", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file