diff --git a/2018/8xxx/CVE-2018-8062.json b/2018/8xxx/CVE-2018-8062.json index 3ca232a4e0d..48f0255ba1f 100644 --- a/2018/8xxx/CVE-2018-8062.json +++ b/2018/8xxx/CVE-2018-8062.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-8062", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159618/Comtrend-AR-5387un-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/159618/Comtrend-AR-5387un-Cross-Site-Scripting.html" } ] } diff --git a/2019/14xxx/CVE-2019-14711.json b/2019/14xxx/CVE-2019-14711.json new file mode 100644 index 00000000000..1003c5bfb1e --- /dev/null +++ b/2019/14xxx/CVE-2019-14711.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14711", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-20/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-20/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14712.json b/2019/14xxx/CVE-2019-14712.json new file mode 100644 index 00000000000..6da6514905f --- /dev/null +++ b/2019/14xxx/CVE-2019-14712.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14712", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-24/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-24/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14713.json b/2019/14xxx/CVE-2019-14713.json new file mode 100644 index 00000000000..e9d406592db --- /dev/null +++ b/2019/14xxx/CVE-2019-14713.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-21/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-21/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14715.json b/2019/14xxx/CVE-2019-14715.json new file mode 100644 index 00000000000..666c2036e11 --- /dev/null +++ b/2019/14xxx/CVE-2019-14715.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14715", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-28/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-28/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14716.json b/2019/14xxx/CVE-2019-14716.json new file mode 100644 index 00000000000..147594f5ef4 --- /dev/null +++ b/2019/14xxx/CVE-2019-14716.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-27/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-27/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14717.json b/2019/14xxx/CVE-2019-14717.json new file mode 100644 index 00000000000..8334a0794d6 --- /dev/null +++ b/2019/14xxx/CVE-2019-14717.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-26/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-26/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14718.json b/2019/14xxx/CVE-2019-14718.json new file mode 100644 index 00000000000..1159668db9d --- /dev/null +++ b/2019/14xxx/CVE-2019-14718.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-22/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-22/" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14719.json b/2019/14xxx/CVE-2019-14719.json new file mode 100644 index 00000000000..42271ecc77c --- /dev/null +++ b/2019/14xxx/CVE-2019-14719.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14719", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-23/", + "url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-23/" + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15002.json b/2020/15xxx/CVE-2020-15002.json index 39f87d76f93..f82c2c8187e 100644 --- a/2020/15xxx/CVE-2020-15002.json +++ b/2020/15xxx/CVE-2020-15002.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15002", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15002", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-xchange.com/", + "refsource": "MISC", + "name": "https://www.open-xchange.com/" + }, + { + "refsource": "CONFIRM", + "name": "https://seclists.org/fulldisclosure/2020/Oct/20", + "url": "https://seclists.org/fulldisclosure/2020/Oct/20" } ] } diff --git a/2020/15xxx/CVE-2020-15003.json b/2020/15xxx/CVE-2020-15003.json index bbe68eeb8e9..5ae42e3f417 100644 --- a/2020/15xxx/CVE-2020-15003.json +++ b/2020/15xxx/CVE-2020-15003.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15003", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15003", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-xchange.com/", + "refsource": "MISC", + "name": "https://www.open-xchange.com/" + }, + { + "refsource": "CONFIRM", + "name": "https://seclists.org/fulldisclosure/2020/Oct/20", + "url": "https://seclists.org/fulldisclosure/2020/Oct/20" } ] } diff --git a/2020/15xxx/CVE-2020-15004.json b/2020/15xxx/CVE-2020-15004.json index c2a73e9afa0..9afacfe9b21 100644 --- a/2020/15xxx/CVE-2020-15004.json +++ b/2020/15xxx/CVE-2020-15004.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15004", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15004", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.open-xchange.com/", + "refsource": "MISC", + "name": "https://www.open-xchange.com/" + }, + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2020/Oct/20", + "url": "https://seclists.org/fulldisclosure/2020/Oct/20" } ] } diff --git a/2020/26xxx/CVE-2020-26887.json b/2020/26xxx/CVE-2020-26887.json index dd9089cdbac..4fce915419c 100644 --- a/2020/26xxx/CVE-2020-26887.json +++ b/2020/26xxx/CVE-2020-26887.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26887", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26887", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://en.avm.de/news/", + "refsource": "MISC", + "name": "https://en.avm.de/news/" + }, + { + "url": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses", + "refsource": "MISC", + "name": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159606/FRITZ-Box-7.20-DNS-Rebinding-Protection-Bypass.html", + "url": "http://packetstormsecurity.com/files/159606/FRITZ-Box-7.20-DNS-Rebinding-Protection-Bypass.html" } ] } diff --git a/2020/27xxx/CVE-2020-27689.json b/2020/27xxx/CVE-2020-27689.json new file mode 100644 index 00000000000..57f3e89bfff --- /dev/null +++ b/2020/27xxx/CVE-2020-27689.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27689", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27690.json b/2020/27xxx/CVE-2020-27690.json new file mode 100644 index 00000000000..83fa3a8b08a --- /dev/null +++ b/2020/27xxx/CVE-2020-27690.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27690", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27691.json b/2020/27xxx/CVE-2020-27691.json new file mode 100644 index 00000000000..dacb382e42f --- /dev/null +++ b/2020/27xxx/CVE-2020-27691.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27691", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27692.json b/2020/27xxx/CVE-2020-27692.json new file mode 100644 index 00000000000..db9389aa128 --- /dev/null +++ b/2020/27xxx/CVE-2020-27692.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27692", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/9xxx/CVE-2020-9331.json b/2020/9xxx/CVE-2020-9331.json index 2d0779685ef..4e628a219e2 100644 --- a/2020/9xxx/CVE-2020-9331.json +++ b/2020/9xxx/CVE-2020-9331.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-9331", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-9331", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local users with the SeChangeNotifyPrivilege right) because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.youtube.com/watch?v=b5vPDmMtzwQ", + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=b5vPDmMtzwQ" } ] } diff --git a/2020/9xxx/CVE-2020-9361.json b/2020/9xxx/CVE-2020-9361.json index 9018c14c16b..4157007e6e9 100644 --- a/2020/9xxx/CVE-2020-9361.json +++ b/2020/9xxx/CVE-2020-9361.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-9361", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-9361", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CryptoPro CSP through 5.0.0.10004 on 64-bit platforms allows local users with the SeChangeNotifyPrivilege right to cause denial of service because user-mode input is mishandled during process creation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.youtube.com/watch?v=b5vPDmMtzwQ", + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=b5vPDmMtzwQ" } ] }