From 1045ce8af360efb0dc096e89067b517fc7c6de52 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 13 Jan 2020 18:01:10 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/17xxx/CVE-2019-17016.json | 10 ++++ 2019/17xxx/CVE-2019-17017.json | 10 ++++ 2019/17xxx/CVE-2019-17022.json | 10 ++++ 2019/17xxx/CVE-2019-17024.json | 10 ++++ 2019/19xxx/CVE-2019-19891.json | 61 ++++++++++++++++++--- 2019/20xxx/CVE-2019-20209.json | 96 +++++++++++++++++++++++++++++++--- 2019/20xxx/CVE-2019-20210.json | 96 +++++++++++++++++++++++++++++++--- 2019/20xxx/CVE-2019-20211.json | 96 +++++++++++++++++++++++++++++++--- 2019/20xxx/CVE-2019-20212.json | 96 +++++++++++++++++++++++++++++++--- 2020/5xxx/CVE-2020-5195.json | 66 ++++++++++++++++++++--- 10 files changed, 515 insertions(+), 36 deletions(-) diff --git a/2019/17xxx/CVE-2019-17016.json b/2019/17xxx/CVE-2019-17016.json index 00b11eb7548..80512691dfd 100644 --- a/2019/17xxx/CVE-2019-17016.json +++ b/2019/17xxx/CVE-2019-17016.json @@ -93,6 +93,16 @@ "refsource": "BUGTRAQ", "name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)", "url": "https://seclists.org/bugtraq/2020/Jan/18" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0085", + "url": "https://access.redhat.com/errata/RHSA-2020:0085" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0086", + "url": "https://access.redhat.com/errata/RHSA-2020:0086" } ] }, diff --git a/2019/17xxx/CVE-2019-17017.json b/2019/17xxx/CVE-2019-17017.json index 6eb9928d3b3..36bf0004310 100644 --- a/2019/17xxx/CVE-2019-17017.json +++ b/2019/17xxx/CVE-2019-17017.json @@ -93,6 +93,16 @@ "refsource": "BUGTRAQ", "name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)", "url": "https://seclists.org/bugtraq/2020/Jan/18" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0085", + "url": "https://access.redhat.com/errata/RHSA-2020:0085" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0086", + "url": "https://access.redhat.com/errata/RHSA-2020:0086" } ] }, diff --git a/2019/17xxx/CVE-2019-17022.json b/2019/17xxx/CVE-2019-17022.json index 229e7961c3a..28a0fe90ee6 100644 --- a/2019/17xxx/CVE-2019-17022.json +++ b/2019/17xxx/CVE-2019-17022.json @@ -93,6 +93,16 @@ "refsource": "BUGTRAQ", "name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)", "url": "https://seclists.org/bugtraq/2020/Jan/18" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0085", + "url": "https://access.redhat.com/errata/RHSA-2020:0085" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0086", + "url": "https://access.redhat.com/errata/RHSA-2020:0086" } ] }, diff --git a/2019/17xxx/CVE-2019-17024.json b/2019/17xxx/CVE-2019-17024.json index 1a25fd943ab..bf67d1aa017 100644 --- a/2019/17xxx/CVE-2019-17024.json +++ b/2019/17xxx/CVE-2019-17024.json @@ -93,6 +93,16 @@ "refsource": "BUGTRAQ", "name": "20200112 [slackware-security] mozilla-thunderbird (SSA:2020-010-01)", "url": "https://seclists.org/bugtraq/2020/Jan/18" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0085", + "url": "https://access.redhat.com/errata/RHSA-2020:0085" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2020:0086", + "url": "https://access.redhat.com/errata/RHSA-2020:0086" } ] }, diff --git a/2019/19xxx/CVE-2019-19891.json b/2019/19xxx/CVE-2019-19891.json index 8991523f6c8..b9ee9f1e3d4 100644 --- a/2019/19xxx/CVE-2019-19891.json +++ b/2019/19xxx/CVE-2019-19891.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19891", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19891", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an attacker to launch a man-in-the-middle attack. A successful exploit may allow the attacker to intercept sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mitel.com/support/security-advisories", + "refsource": "MISC", + "name": "https://www.mitel.com/support/security-advisories" + }, + { + "refsource": "CONFIRM", + "name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0009", + "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-19-0009" } ] } diff --git a/2019/20xxx/CVE-2019-20209.json b/2019/20xxx/CVE-2019-20209.json index 8df84241948..88d29cf8f7e 100644 --- a/2019/20xxx/CVE-2019-20209.json +++ b/2019/20xxx/CVE-2019-20209.json @@ -1,17 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20209", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20209", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727", + "refsource": "MISC", + "name": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727" + }, + { + "url": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571", + "refsource": "MISC", + "name": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571" + }, + { + "url": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622", + "refsource": "MISC", + "name": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10013", + "url": "https://wpvulndb.com/vulnerabilities/10013" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10014", + "url": "https://wpvulndb.com/vulnerabilities/10014" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10018", + "url": "https://wpvulndb.com/vulnerabilities/10018" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120111", + "url": "https://cxsecurity.com/issue/WLB-2019120111" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120112", + "url": "https://cxsecurity.com/issue/WLB-2019120112" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120110", + "url": "https://cxsecurity.com/issue/WLB-2019120110" } ] } diff --git a/2019/20xxx/CVE-2019-20210.json b/2019/20xxx/CVE-2019-20210.json index ef56be41895..2b92391b99d 100644 --- a/2019/20xxx/CVE-2019-20210.json +++ b/2019/20xxx/CVE-2019-20210.json @@ -1,17 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20210", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20210", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727", + "refsource": "MISC", + "name": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727" + }, + { + "url": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571", + "refsource": "MISC", + "name": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571" + }, + { + "url": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622", + "refsource": "MISC", + "name": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10013", + "url": "https://wpvulndb.com/vulnerabilities/10013" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10014", + "url": "https://wpvulndb.com/vulnerabilities/10014" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10018", + "url": "https://wpvulndb.com/vulnerabilities/10018" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120111", + "url": "https://cxsecurity.com/issue/WLB-2019120111" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120112", + "url": "https://cxsecurity.com/issue/WLB-2019120112" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120110", + "url": "https://cxsecurity.com/issue/WLB-2019120110" } ] } diff --git a/2019/20xxx/CVE-2019-20211.json b/2019/20xxx/CVE-2019-20211.json index bc3d224ffbd..b67588cc9e5 100644 --- a/2019/20xxx/CVE-2019-20211.json +++ b/2019/20xxx/CVE-2019-20211.json @@ -1,17 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20211", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20211", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone Number, or Website." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727", + "refsource": "MISC", + "name": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727" + }, + { + "url": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571", + "refsource": "MISC", + "name": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571" + }, + { + "url": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622", + "refsource": "MISC", + "name": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10013", + "url": "https://wpvulndb.com/vulnerabilities/10013" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10014", + "url": "https://wpvulndb.com/vulnerabilities/10014" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10018", + "url": "https://wpvulndb.com/vulnerabilities/10018" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120111", + "url": "https://cxsecurity.com/issue/WLB-2019120111" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120112", + "url": "https://cxsecurity.com/issue/WLB-2019120112" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120110", + "url": "https://cxsecurity.com/issue/WLB-2019120110" } ] } diff --git a/2019/20xxx/CVE-2019-20212.json b/2019/20xxx/CVE-2019-20212.json index 2cb83295e13..e2becbc1fef 100644 --- a/2019/20xxx/CVE-2019-20212.json +++ b/2019/20xxx/CVE-2019-20212.json @@ -1,17 +1,101 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20212", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20212", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727", + "refsource": "MISC", + "name": "https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727" + }, + { + "url": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571", + "refsource": "MISC", + "name": "https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571" + }, + { + "url": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622", + "refsource": "MISC", + "name": "https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10013", + "url": "https://wpvulndb.com/vulnerabilities/10013" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10014", + "url": "https://wpvulndb.com/vulnerabilities/10014" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10018", + "url": "https://wpvulndb.com/vulnerabilities/10018" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120111", + "url": "https://cxsecurity.com/issue/WLB-2019120111" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120112", + "url": "https://cxsecurity.com/issue/WLB-2019120112" + }, + { + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2019120110", + "url": "https://cxsecurity.com/issue/WLB-2019120110" } ] } diff --git a/2020/5xxx/CVE-2020-5195.json b/2020/5xxx/CVE-2020-5195.json index 98b86ad9f35..f12dfb2fc25 100644 --- a/2020/5xxx/CVE-2020-5195.json +++ b/2020/5xxx/CVE-2020-5195.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-5195", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-5195", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 allows a remote attacker to execute arbitrary JavaScript or HTML via a crafted public folder URL. This occurs because of the folder_up.png IMG element not properly sanitizing user-inserted directory paths. The path modification must be done on a publicly shared folder for a remote attacker to insert arbitrary JavaScript or HTML. The vulnerability impacts anyone who clicks the malicious link crafted by the attacker." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.cerberusftp.com/hc/en-us/community/topics/360000164199-Announcements", + "refsource": "MISC", + "name": "https://support.cerberusftp.com/hc/en-us/community/topics/360000164199-Announcements" + }, + { + "refsource": "MISC", + "name": "https://www.doyler.net/security-not-included/cerberus-ftp-vulnerabilities", + "url": "https://www.doyler.net/security-not-included/cerberus-ftp-vulnerabilities" + }, + { + "refsource": "MISC", + "name": "https://www.cerberusftp.com/xss-vulnerability-in-public-shares-fixed-in-cerberus-ftp-server-version-11-0-1-and-10-0-17/", + "url": "https://www.cerberusftp.com/xss-vulnerability-in-public-shares-fixed-in-cerberus-ftp-server-version-11-0-1-and-10-0-17/" } ] }