From 21f4d91dd666898419d7af9866a8d3529331db87 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 10 Jun 2020 19:01:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/12xxx/CVE-2020-12757.json | 61 ++++++++++++++++++++++++++++++---- 2020/13xxx/CVE-2020-13223.json | 61 ++++++++++++++++++++++++++++++---- 2020/13xxx/CVE-2020-13428.json | 2 +- 2020/13xxx/CVE-2020-13444.json | 56 +++++++++++++++++++++++++++---- 2020/13xxx/CVE-2020-13445.json | 56 +++++++++++++++++++++++++++---- 2020/13xxx/CVE-2020-13905.json | 61 ++++++++++++++++++++++++++++++---- 2020/13xxx/CVE-2020-13906.json | 61 ++++++++++++++++++++++++++++++---- 7 files changed, 321 insertions(+), 37 deletions(-) diff --git a/2020/12xxx/CVE-2020-12757.json b/2020/12xxx/CVE-2020-12757.json index ab60f87e5cd..4bf7a4704fa 100644 --- a/2020/12xxx/CVE-2020-12757.json +++ b/2020/12xxx/CVE-2020-12757.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12757", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12757", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HashiCorp Vault and Vault Enterprise 1.4.x before 1.4.2 has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.hashicorp.com/blog/category/vault/", + "url": "https://www.hashicorp.com/blog/category/vault/" + }, + { + "refsource": "MISC", + "name": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#142-may-21st-2020", + "url": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#142-may-21st-2020" } ] } diff --git a/2020/13xxx/CVE-2020-13223.json b/2020/13xxx/CVE-2020-13223.json index bd0e37c2c9f..ec1727e4a1d 100644 --- a/2020/13xxx/CVE-2020-13223.json +++ b/2020/13xxx/CVE-2020-13223.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13223", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13223", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HashiCorp Vault and Vault Enterprise before 1.3.6, and 1.4.2 before 1.4.2, insert Sensitive Information into a Log File." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.hashicorp.com/blog/category/vault/", + "refsource": "MISC", + "name": "https://www.hashicorp.com/blog/category/vault/" + }, + { + "refsource": "MISC", + "name": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#142-may-21st-2020", + "url": "https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#142-may-21st-2020" } ] } diff --git a/2020/13xxx/CVE-2020-13428.json b/2020/13xxx/CVE-2020-13428.json index 91ff1d404bf..4a391395a51 100644 --- a/2020/13xxx/CVE-2020-13428.json +++ b/2020/13xxx/CVE-2020-13428.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player through 3.2.8 for iOS, and through 3.0.10 for macOS, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file." + "value": "A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file." } ] }, diff --git a/2020/13xxx/CVE-2020-13444.json b/2020/13xxx/CVE-2020-13444.json index 81865a2ad5c..551facea78b 100644 --- a/2020/13xxx/CVE-2020-13444.json +++ b/2020/13xxx/CVE-2020-13444.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13444", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13444", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 19, and 7.2 before fix pack 7, does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317396", + "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317396" } ] } diff --git a/2020/13xxx/CVE-2020-13445.json b/2020/13xxx/CVE-2020-13445.json index 86c14bd6e6f..9126a6e1711 100644 --- a/2020/13xxx/CVE-2020-13445.json +++ b/2020/13xxx/CVE-2020-13445.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13445", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13445", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317411", + "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119317411" } ] } diff --git a/2020/13xxx/CVE-2020-13905.json b/2020/13xxx/CVE-2020-13905.json index b3912fb1250..f9f7d493536 100644 --- a/2020/13xxx/CVE-2020-13905.json +++ b/2020/13xxx/CVE-2020-13905.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13905", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13905", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.irfanview.com/plugins.htm", + "refsource": "MISC", + "name": "https://www.irfanview.com/plugins.htm" + }, + { + "url": "https://github.com/nhiephon/Research/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/nhiephon/Research/blob/master/README.md" } ] } diff --git a/2020/13xxx/CVE-2020-13906.json b/2020/13xxx/CVE-2020-13906.json index 157a621d29a..1600be3bcb0 100644 --- a/2020/13xxx/CVE-2020-13906.json +++ b/2020/13xxx/CVE-2020-13906.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-13906", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-13906", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.irfanview.com/plugins.htm", + "refsource": "MISC", + "name": "https://www.irfanview.com/plugins.htm" + }, + { + "url": "https://github.com/nhiephon/Research/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/nhiephon/Research/blob/master/README.md" } ] }