diff --git a/2019/13xxx/CVE-2019-13520.json b/2019/13xxx/CVE-2019-13520.json new file mode 100644 index 00000000000..6e52e742065 --- /dev/null +++ b/2019/13xxx/CVE-2019-13520.json @@ -0,0 +1,62 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-13520", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Alpha5 Smart Loader", + "version": { + "version_data": [ + { + "version_value": "All versions prior to 4.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-Based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-227-02", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-227-02" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4120.json b/2019/4xxx/CVE-2019-4120.json index fa5cfe100dd..e210d912052 100644 --- a/2019/4xxx/CVE-2019-4120.json +++ b/2019/4xxx/CVE-2019-4120.json @@ -1,93 +1,93 @@ { - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Private", - "version" : { - "version_data" : [ - { - "version_value" : "3.1.1" - }, - { - "version_value" : "3.1.2" - } - ] - } - } - ] - } - } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "H", - "RC" : "C", - "RL" : "O" - }, - "BM" : { - "UI" : "R", - "PR" : "L", - "I" : "L", - "A" : "N", - "SCORE" : "5.400", - "S" : "C", - "C" : "L", - "AC" : "L", - "AV" : "N" - } - } - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2019-08-13T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4120" - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158146.", - "lang" : "eng" - } - ] - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 885328 (Cloud Private)", - "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10885328", - "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10885328" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158146", - "name" : "ibm-cloud-cve20194120-xss (158146)", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Cloud Private", + "version": { + "version_data": [ + { + "version_value": "3.1.1" + }, + { + "version_value": "3.1.2" + } + ] + } + } + ] + } + } ] - } - ] - } -} + } + }, + "impact": { + "cvssv3": { + "TM": { + "E": "H", + "RC": "C", + "RL": "O" + }, + "BM": { + "UI": "R", + "PR": "L", + "I": "L", + "A": "N", + "SCORE": "5.400", + "S": "C", + "C": "L", + "AC": "L", + "AV": "N" + } + } + }, + "data_type": "CVE", + "CVE_data_meta": { + "DATE_PUBLIC": "2019-08-13T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4120" + }, + "description": { + "description_data": [ + { + "value": "IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158146.", + "lang": "eng" + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 885328 (Cloud Private)", + "url": "http://www.ibm.com/support/docview.wss?uid=ibm10885328", + "name": "http://www.ibm.com/support/docview.wss?uid=ibm10885328" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158146", + "name": "ibm-cloud-cve20194120-xss (158146)", + "refsource": "XF", + "title": "X-Force Vulnerability Report" + } + ] + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4167.json b/2019/4xxx/CVE-2019-4167.json index 397e4a5295f..d63b23ec615 100644 --- a/2019/4xxx/CVE-2019-4167.json +++ b/2019/4xxx/CVE-2019-4167.json @@ -1,90 +1,90 @@ { - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Gain Access", - "lang" : "eng" - } - ] - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10967327", - "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10967327", - "title" : "IBM Security Bulletin 967327 (StoredIQ)", - "refsource" : "CONFIRM" - }, - { - "name" : "ibm-storeiq-cve20194167-csrf (158700)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - }, - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "value" : "IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700.", - "lang" : "eng" - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2019-4167", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2019-08-14T00:00:00", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "StoredIQ", - "version" : { - "version_data" : [ - { - "version_value" : "7.6.0" - } - ] - } - } - ] - } + "description": [ + { + "value": "Gain Access", + "lang": "eng" + } + ] } - ] - } - }, - "data_format" : "MITRE", - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - }, - "BM" : { - "PR" : "N", - "UI" : "R", - "I" : "L", - "A" : "N", - "SCORE" : "4.300", - "S" : "U", - "AV" : "N", - "C" : "N", - "AC" : "L" - } - } - } -} + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=ibm10967327", + "url": "http://www.ibm.com/support/docview.wss?uid=ibm10967327", + "title": "IBM Security Bulletin 967327 (StoredIQ)", + "refsource": "CONFIRM" + }, + { + "name": "ibm-storeiq-cve20194167-csrf (158700)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158700", + "title": "X-Force Vulnerability Report", + "refsource": "XF" + } + ] + }, + "data_type": "CVE", + "description": { + "description_data": [ + { + "value": "IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 158700.", + "lang": "eng" + } + ] + }, + "CVE_data_meta": { + "ID": "CVE-2019-4167", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2019-08-14T00:00:00", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "StoredIQ", + "version": { + "version_data": [ + { + "version_value": "7.6.0" + } + ] + } + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "impact": { + "cvssv3": { + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + }, + "BM": { + "PR": "N", + "UI": "R", + "I": "L", + "A": "N", + "SCORE": "4.300", + "S": "U", + "AV": "N", + "C": "N", + "AC": "L" + } + } + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4338.json b/2019/4xxx/CVE-2019-4338.json index 000763e6186..b83f65da97e 100644 --- a/2019/4xxx/CVE-2019-4338.json +++ b/2019/4xxx/CVE-2019-4338.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 960858 (Security Guardium Big Data Intelligence)", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10960858", - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10960858" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/161417", - "name" : "ibm-guardium-cve20194338-dos (161417)", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Denial of Service", - "lang" : "eng" - } - ] - } - ] - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "4.0" - } - ] - }, - "product_name" : "Security Guardium Big Data Intelligence" - } - ] - }, - "vendor_name" : "IBM" + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 960858 (Security Guardium Big Data Intelligence)", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10960858", + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10960858" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/161417", + "name": "ibm-guardium-cve20194338-dos (161417)", + "refsource": "XF", + "title": "X-Force Vulnerability Report" } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - }, - "BM" : { - "A" : "H", - "I" : "N", - "PR" : "N", - "UI" : "N", - "AV" : "N", - "C" : "N", - "AC" : "L", - "S" : "U", - "SCORE" : "7.500" - } - } - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2019-08-16T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4338" - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or amount of resources that are requested or influenced by an actor. This weakness can be used to consume more resources than intended. IBM X-Force ID: 161417.", - "lang" : "eng" - } - ] - } -} + ] + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Denial of Service", + "lang": "eng" + } + ] + } + ] + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "4.0" + } + ] + }, + "product_name": "Security Guardium Big Data Intelligence" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + }, + "BM": { + "A": "H", + "I": "N", + "PR": "N", + "UI": "N", + "AV": "N", + "C": "N", + "AC": "L", + "S": "U", + "SCORE": "7.500" + } + } + }, + "data_type": "CVE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "DATE_PUBLIC": "2019-08-16T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4338" + }, + "description": { + "description_data": [ + { + "value": "IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or amount of resources that are requested or influenced by an actor. This weakness can be used to consume more resources than intended. IBM X-Force ID: 161417.", + "lang": "eng" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4340.json b/2019/4xxx/CVE-2019-4340.json index 10ecc5e9723..aa2fd82baca 100644 --- a/2019/4xxx/CVE-2019-4340.json +++ b/2019/4xxx/CVE-2019-4340.json @@ -1,90 +1,90 @@ { - "data_type" : "CVE", - "description" : { - "description_data" : [ - { - "value" : "IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 161419.", - "lang" : "eng" - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2019-08-16T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4340" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Security Guardium Big Data Intelligence", - "version" : { - "version_data" : [ - { - "version_value" : "4.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "value": "IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 161419.", + "lang": "eng" } - ] - } - }, - "data_format" : "MITRE", - "impact" : { - "cvssv3" : { - "BM" : { - "SCORE" : "7.100", - "S" : "U", - "C" : "H", - "AC" : "L", - "AV" : "N", - "UI" : "N", - "PR" : "L", - "I" : "N", - "A" : "L" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "DATE_PUBLIC": "2019-08-16T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4340" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Guardium Big Data Intelligence", + "version": { + "version_data": [ + { + "version_value": "4.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10960856", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10960856", - "title" : "IBM Security Bulletin 960856 (Security Guardium Big Data Intelligence)", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "name" : "ibm-guardium-cve20194340-xxe (161419)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/161419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "impact": { + "cvssv3": { + "BM": { + "SCORE": "7.100", + "S": "U", + "C": "H", + "AC": "L", + "AV": "N", + "UI": "N", + "PR": "L", + "I": "N", + "A": "L" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10960856", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10960856", + "title": "IBM Security Bulletin 960856 (Security Guardium Big Data Intelligence)", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "name": "ibm-guardium-cve20194340-xxe (161419)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/161419" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4424.json b/2019/4xxx/CVE-2019-4424.json index a905378787d..050156f611a 100644 --- a/2019/4xxx/CVE-2019-4424.json +++ b/2019/4xxx/CVE-2019-4424.json @@ -1,102 +1,102 @@ { - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 959537 (Business Automation Workflow)", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10959537", - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10959537" - }, - { - "name" : "ibm-baw-cve20194424-xxe (162770)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162770", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF" - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "ID" : "CVE-2019-4424", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2019-08-06T00:00:00" - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 162770.", - "lang" : "eng" - } - ] - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "18.0.0.0" - }, - { - "version_value" : "18.0.0.1" - }, - { - "version_value" : "18.0.0.2" - }, - { - "version_value" : "19.0.0.1" - }, - { - "version_value" : "19.0.0.2" - } - ] - }, - "product_name" : "Business Automation Workflow" - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "SCORE" : "7.100", - "S" : "U", - "AV" : "N", - "C" : "H", - "AC" : "L", - "PR" : "L", - "UI" : "N", - "I" : "N", - "A" : "L" - } - } - } -} + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 959537 (Business Automation Workflow)", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10959537", + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10959537" + }, + { + "name": "ibm-baw-cve20194424-xxe (162770)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/162770", + "title": "X-Force Vulnerability Report", + "refsource": "XF" + } + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "ID": "CVE-2019-4424", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2019-08-06T00:00:00" + }, + "description": { + "description_data": [ + { + "value": "IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, and 19.0.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 162770.", + "lang": "eng" + } + ] + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "18.0.0.0" + }, + { + "version_value": "18.0.0.1" + }, + { + "version_value": "18.0.0.2" + }, + { + "version_value": "19.0.0.1" + }, + { + "version_value": "19.0.0.2" + } + ] + }, + "product_name": "Business Automation Workflow" + } + ] + } + } + ] + } + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "SCORE": "7.100", + "S": "U", + "AV": "N", + "C": "H", + "AC": "L", + "PR": "L", + "UI": "N", + "I": "N", + "A": "L" + } + } + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4437.json b/2019/4xxx/CVE-2019-4437.json index 9ad0c8d0dea..d0e8c67f86b 100644 --- a/2019/4xxx/CVE-2019-4437.json +++ b/2019/4xxx/CVE-2019-4437.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2019-08-13T00:00:00", - "ID" : "CVE-2019-4437", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947." - } - ] - }, - "data_type" : "CVE", - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "N", - "UI" : "N", - "I" : "N", - "A" : "L", - "SCORE" : "8.200", - "S" : "U", - "AV" : "N", - "AC" : "L", - "C" : "H" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "STATE": "PUBLIC", + "DATE_PUBLIC": "2019-08-13T00:00:00", + "ID": "CVE-2019-4437", + "ASSIGNER": "psirt@us.ibm.com" + }, + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "API Connect", - "version" : { - "version_data" : [ - { - "version_value" : "2018.1" - }, - { - "version_value" : "2018.4.1.6" - } - ] - } - } - ] - } + "lang": "eng", + "value": "IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947." } - ] - } - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + ] + }, + "data_type": "CVE", + "impact": { + "cvssv3": { + "BM": { + "PR": "N", + "UI": "N", + "I": "N", + "A": "L", + "SCORE": "8.200", + "S": "U", + "AV": "N", + "AC": "L", + "C": "H" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "API Connect", + "version": { + "version_data": [ + { + "version_value": "2018.1" + }, + { + "version_value": "2018.4.1.6" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "http://www.ibm.com/support/docview.wss?uid=ibm10960876", - "name" : "http://www.ibm.com/support/docview.wss?uid=ibm10960876", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 960876 (API Connect)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/162947", - "name" : "ibm-api-cve20194437-info-disc (162947)", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report" - } - ] - } -} + } + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.ibm.com/support/docview.wss?uid=ibm10960876", + "name": "http://www.ibm.com/support/docview.wss?uid=ibm10960876", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 960876 (API Connect)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/162947", + "name": "ibm-api-cve20194437-info-disc (162947)", + "refsource": "XF", + "title": "X-Force Vulnerability Report" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4482.json b/2019/4xxx/CVE-2019-4482.json index 3b4c1bd460a..67db9510d1f 100644 --- a/2019/4xxx/CVE-2019-4482.json +++ b/2019/4xxx/CVE-2019-4482.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "DATE_PUBLIC" : "2019-08-13T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2019-4482" - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164066." - } - ] - }, - "data_type" : "CVE", - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "H" - }, - "BM" : { - "A" : "N", - "I" : "L", - "UI" : "R", - "PR" : "L", - "AC" : "L", - "C" : "L", - "AV" : "N", - "S" : "C", - "SCORE" : "5.400" - } - } - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "DATE_PUBLIC": "2019-08-13T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2019-4482" + }, + "description": { + "description_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Emptoris Spend Analysis", - "version" : { - "version_data" : [ - { - "version_value" : "10.1.0" - }, - { - "version_value" : "10.1.3" - } - ] - } - } - ] - } + "lang": "eng", + "value": "IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164066." } - ] - } - }, - "data_version" : "4.0", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Cross-Site Scripting", - "lang" : "eng" - } + ] + }, + "data_type": "CVE", + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "H" + }, + "BM": { + "A": "N", + "I": "L", + "UI": "R", + "PR": "L", + "AC": "L", + "C": "L", + "AV": "N", + "S": "C", + "SCORE": "5.400" + } + } + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Emptoris Spend Analysis", + "version": { + "version_data": [ + { + "version_value": "10.1.0" + }, + { + "version_value": "10.1.3" + } + ] + } + } + ] + } + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 880217 (Emptoris Spend Analysis)", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10880217", - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10880217" - }, - { - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "name" : "ibm-emptoris-cve20194482-xss (164066)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/164066" - } - ] - } -} + } + }, + "data_version": "4.0", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Cross-Site Scripting", + "lang": "eng" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 880217 (Emptoris Spend Analysis)", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10880217", + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10880217" + }, + { + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "name": "ibm-emptoris-cve20194482-xss (164066)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/164066" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7832.json b/2019/7xxx/CVE-2019-7832.json index de8bbcfdd73..aa8b0330e33 100644 --- a/2019/7xxx/CVE-2019-7832.json +++ b/2019/7xxx/CVE-2019-7832.json @@ -3,7 +3,7 @@ "description_data": [ { "lang": "eng", - "value": "Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] }, @@ -18,7 +18,7 @@ "version": { "version_data": [ { - "version_value": "2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier version, 2015.006.30495 and earlier, and 2015.006.30493 and earlier versions" + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" } ] }, @@ -38,7 +38,7 @@ "description": [ { "lang": "eng", - "value": "Use After Free\u202f\u202f" + "value": "Heap Overflow\u202f" } ] } @@ -48,14 +48,9 @@ "references": { "reference_data": [ { - "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", "refsource": "CONFIRM", - "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-18.html" - }, - { - "refsource": "BID", - "name": "108320", - "url": "http://www.securityfocus.com/bid/108320" + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" } ] }, diff --git a/2019/7xxx/CVE-2019-7965.json b/2019/7xxx/CVE-2019-7965.json index 0c3d4a91a24..7105afb7a85 100644 --- a/2019/7xxx/CVE-2019-7965.json +++ b/2019/7xxx/CVE-2019-7965.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-7965", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Write\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-7965", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8002.json b/2019/8xxx/CVE-2019-8002.json index bf3fb43cfee..2f77e700c03 100644 --- a/2019/8xxx/CVE-2019-8002.json +++ b/2019/8xxx/CVE-2019-8002.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8002", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8002", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8003.json b/2019/8xxx/CVE-2019-8003.json index 3c82363a941..841c3f6cf7f 100644 --- a/2019/8xxx/CVE-2019-8003.json +++ b/2019/8xxx/CVE-2019-8003.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8003", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8003", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8004.json b/2019/8xxx/CVE-2019-8004.json index f0c9c8abcb2..ca9901dc0f0 100644 --- a/2019/8xxx/CVE-2019-8004.json +++ b/2019/8xxx/CVE-2019-8004.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8004", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8004", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8005.json b/2019/8xxx/CVE-2019-8005.json index b89c18a710b..b91c7f1ddfb 100644 --- a/2019/8xxx/CVE-2019-8005.json +++ b/2019/8xxx/CVE-2019-8005.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8005", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8005", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8006.json b/2019/8xxx/CVE-2019-8006.json index 61e2e049be4..c697c49a715 100644 --- a/2019/8xxx/CVE-2019-8006.json +++ b/2019/8xxx/CVE-2019-8006.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8006", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted Pointer Dereference" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8006", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8007.json b/2019/8xxx/CVE-2019-8007.json index 017fdab6d8e..798fe5bb0c1 100644 --- a/2019/8xxx/CVE-2019-8007.json +++ b/2019/8xxx/CVE-2019-8007.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8007", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8007", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8008.json b/2019/8xxx/CVE-2019-8008.json index b690abb246a..9c08d8fbc86 100644 --- a/2019/8xxx/CVE-2019-8008.json +++ b/2019/8xxx/CVE-2019-8008.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8008", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Write\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8008", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8009.json b/2019/8xxx/CVE-2019-8009.json index da6ea94e5de..804bfbda3ce 100644 --- a/2019/8xxx/CVE-2019-8009.json +++ b/2019/8xxx/CVE-2019-8009.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8009", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Write\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8009", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8010.json b/2019/8xxx/CVE-2019-8010.json index df8306abb78..0fa527c0900 100644 --- a/2019/8xxx/CVE-2019-8010.json +++ b/2019/8xxx/CVE-2019-8010.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8010", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8010", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8011.json b/2019/8xxx/CVE-2019-8011.json index 5e6aa3d25b8..f10f75bb97e 100644 --- a/2019/8xxx/CVE-2019-8011.json +++ b/2019/8xxx/CVE-2019-8011.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8011", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8011", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8012.json b/2019/8xxx/CVE-2019-8012.json index bcb1c62c9e9..2fbfe7166d5 100644 --- a/2019/8xxx/CVE-2019-8012.json +++ b/2019/8xxx/CVE-2019-8012.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8012", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8012", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8013.json b/2019/8xxx/CVE-2019-8013.json index f1ec2ce72c0..f25669d14f5 100644 --- a/2019/8xxx/CVE-2019-8013.json +++ b/2019/8xxx/CVE-2019-8013.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8013", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8013", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8014.json b/2019/8xxx/CVE-2019-8014.json index 0a22e4729ea..fc2da19c935 100644 --- a/2019/8xxx/CVE-2019-8014.json +++ b/2019/8xxx/CVE-2019-8014.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8014", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap Overflow\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8014", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8015.json b/2019/8xxx/CVE-2019-8015.json index 731389cbed1..db2527979cf 100644 --- a/2019/8xxx/CVE-2019-8015.json +++ b/2019/8xxx/CVE-2019-8015.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8015", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap Overflow\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8015", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8016.json b/2019/8xxx/CVE-2019-8016.json index 4c8259bf62e..0dd5fb48034 100644 --- a/2019/8xxx/CVE-2019-8016.json +++ b/2019/8xxx/CVE-2019-8016.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8016", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Write\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8016", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8017.json b/2019/8xxx/CVE-2019-8017.json index b3fb4bf7598..62cb7a1c483 100644 --- a/2019/8xxx/CVE-2019-8017.json +++ b/2019/8xxx/CVE-2019-8017.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8017", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted Pointer Dereference" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8017", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8018.json b/2019/8xxx/CVE-2019-8018.json index 7b7a479974c..61ef4cda7dc 100644 --- a/2019/8xxx/CVE-2019-8018.json +++ b/2019/8xxx/CVE-2019-8018.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8018", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Read\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8018", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8019.json b/2019/8xxx/CVE-2019-8019.json index 3f7123cf5ec..7d0b90ec5fe 100644 --- a/2019/8xxx/CVE-2019-8019.json +++ b/2019/8xxx/CVE-2019-8019.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8019", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution ." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Type Confusion" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8019", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8023.json b/2019/8xxx/CVE-2019-8023.json index b8d45bb3992..b2a9adf6238 100644 --- a/2019/8xxx/CVE-2019-8023.json +++ b/2019/8xxx/CVE-2019-8023.json @@ -1,18 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-8023", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": ", 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142\u202fand earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier versions" + } + ] + }, + "product_name": "Adobe Acrobat and Reader" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-Bounds Write\u202f\u202f\u202f" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/acrobat/apsb19-41.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2019-8023", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9518.json b/2019/9xxx/CVE-2019-9518.json index 6b5065a7ba7..8ced67ab424 100644 --- a/2019/9xxx/CVE-2019-9518.json +++ b/2019/9xxx/CVE-2019-9518.json @@ -108,6 +108,21 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K46011592", "url": "https://support.f5.com/csp/article/K46011592" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-announce] 20190820 ATS is vulnerable to a HTTP/2 attack with empty frames", + "url": "https://lists.apache.org/thread.html/2653c56545573b528f3f6352a29eccaf498bd6fb2a6a59568d81a61d@%3Cannounce.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-users] 20190820 ATS is vulnerable to a HTTP/2 attack with empty frames", + "url": "https://lists.apache.org/thread.html/091b518265bce56a16af87b77c8cfacda902a02079e866f9fdf13b61@%3Cusers.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-dev] 20190820 ATS is vulnerable to a HTTP/2 attack with empty frames", + "url": "https://lists.apache.org/thread.html/ff5b0821a6985159a832ff6d1a4bd311ac07ecc7db1e2d8bab619107@%3Cdev.trafficserver.apache.org%3E" } ] },