diff --git a/2019/16xxx/CVE-2019-16112.json b/2019/16xxx/CVE-2019-16112.json new file mode 100644 index 00000000000..10b439dec4a --- /dev/null +++ b/2019/16xxx/CVE-2019-16112.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-16112", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/48462", + "url": "https://www.exploit-db.com/exploits/48462" + } + ] + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12427.json b/2020/12xxx/CVE-2020-12427.json index b5aa19b3ae0..c3ae6a70c2f 100644 --- a/2020/12xxx/CVE-2020-12427.json +++ b/2020/12xxx/CVE-2020-12427.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12427", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12427", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.wdc.com/downloads.aspx?g=907&lang=en", + "refsource": "MISC", + "name": "https://support.wdc.com/downloads.aspx?g=907&lang=en" + }, + { + "refsource": "CONFIRM", + "name": "https://www.westerndigital.com/support/productsecurity/wdc-20004-wd-discovery-cross-site-request-forgery-csrf", + "url": "https://www.westerndigital.com/support/productsecurity/wdc-20004-wd-discovery-cross-site-request-forgery-csrf" } ] } diff --git a/2020/12xxx/CVE-2020-12763.json b/2020/12xxx/CVE-2020-12763.json index e96bb2346f0..c59ef40449a 100644 --- a/2020/12xxx/CVE-2020-12763.json +++ b/2020/12xxx/CVE-2020-12763.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12763", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12763", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd (in /sbin) when parsing a long \"Authorization: Basic\" RTSP header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://payatu.com/blog/munawwar/trendNet-wireless-camera-buffer-overflow-vulnerability", + "url": "https://payatu.com/blog/munawwar/trendNet-wireless-camera-buffer-overflow-vulnerability" } ] } diff --git a/2020/8xxx/CVE-2020-8020.json b/2020/8xxx/CVE-2020-8020.json index a05641db08d..37bb98a3d66 100644 --- a/2020/8xxx/CVE-2020-8020.json +++ b/2020/8xxx/CVE-2020-8020.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security@suse.de", + "ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2020-05-13T00:00:00.000Z", "ID": "CVE-2020-8020", "STATE": "PUBLIC", @@ -44,7 +44,7 @@ "description_data": [ { "lang": "eng", - "value": "A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS.\nThis issue affects:\nopenSUSE open-build-service\nversions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb." + "value": "A Improper Neutralization of Input During Web Page Generation vulnerability in open-build-service allows remote attackers to store arbitrary JS code to cause XSS. This issue affects: openSUSE open-build-service versions prior to 7cc32c8e2ff7290698e101d9a80a9dc29a5500fb." } ] },