diff --git a/2015/9xxx/CVE-2015-9101.json b/2015/9xxx/CVE-2015-9101.json index f06e13cb220..932b8d7ef52 100644 --- a/2015/9xxx/CVE-2015-9101.json +++ b/2015/9xxx/CVE-2015-9101.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file." + "value": "The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98 and 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file." } ] }, @@ -66,6 +66,11 @@ "name": "https://blogs.gentoo.org/ago/2017/06/17/lame-heap-based-buffer-overflow-in-fill_buffer_resample-util-c/", "refsource": "MISC", "url": "https://blogs.gentoo.org/ago/2017/06/17/lame-heap-based-buffer-overflow-in-fill_buffer_resample-util-c/" + }, + { + "refsource": "MISC", + "name": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2015-9101", + "url": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2015-9101" } ] } diff --git a/2018/12xxx/CVE-2018-12900.json b/2018/12xxx/CVE-2018-12900.json index 6af9f21b1be..8950c4dac85 100644 --- a/2018/12xxx/CVE-2018-12900.json +++ b/2018/12xxx/CVE-2018-12900.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file." + "value": "Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file." } ] }, @@ -86,6 +86,11 @@ "refsource": "DEBIAN", "name": "DSA-4670", "url": "https://www.debian.org/security/2020/dsa-4670" + }, + { + "refsource": "MISC", + "name": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-12900", + "url": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-12900" } ] } diff --git a/2018/17xxx/CVE-2018-17795.json b/2018/17xxx/CVE-2018-17795.json index ebcaaee7eb7..6fed3f18eb4 100644 --- a/2018/17xxx/CVE-2018-17795.json +++ b/2018/17xxx/CVE-2018-17795.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935." + "value": "The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935." } ] }, @@ -61,6 +61,11 @@ "name": "105445", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105445" + }, + { + "refsource": "MISC", + "name": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-17795", + "url": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-17795" } ] } diff --git a/2018/18xxx/CVE-2018-18557.json b/2018/18xxx/CVE-2018-18557.json index a60e7cb763d..23cbabddf00 100644 --- a/2018/18xxx/CVE-2018-18557.json +++ b/2018/18xxx/CVE-2018-18557.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write." + "value": "LibTIFF 3.9.3, 3.9.4, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write." } ] }, @@ -96,6 +96,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2053", "url": "https://access.redhat.com/errata/RHSA-2019:2053" + }, + { + "refsource": "MISC", + "name": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-18557", + "url": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-18557" } ] } diff --git a/2018/6xxx/CVE-2018-6381.json b/2018/6xxx/CVE-2018-6381.json index b82e7c3b90b..7e341a9e0d4 100644 --- a/2018/6xxx/CVE-2018-6381.json +++ b/2018/6xxx/CVE-2018-6381.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data." + "value": "In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64 and 0.13.63 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data." } ] }, @@ -66,6 +66,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20200628 [SECURITY] [DLA 2258-1] zziplib security update", "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00029.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-6381", + "url": "https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-6381" } ] } diff --git a/2019/12xxx/CVE-2019-12305.json b/2019/12xxx/CVE-2019-12305.json index aa6568a8555..a6120f90a20 100644 --- a/2019/12xxx/CVE-2019-12305.json +++ b/2019/12xxx/CVE-2019-12305.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-12305", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-12305", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash can be cracked to access the administration panel of the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://digital.security/advisories/cert-ds_advisory-ezcast_pro_ii_admin_password-cve-2019-12305.txt", + "url": "https://digital.security/advisories/cert-ds_advisory-ezcast_pro_ii_admin_password-cve-2019-12305.txt" } ] } diff --git a/2020/25xxx/CVE-2020-25214.json b/2020/25xxx/CVE-2020-25214.json index 36f0f37b707..84849cab678 100644 --- a/2020/25xxx/CVE-2020-25214.json +++ b/2020/25xxx/CVE-2020-25214.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25214", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25214", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the client in Overwolf 0.149.2.30, a channel can be accessed or influenced by an actor that is not an endpoint." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/immunityinc/Advisories/blob/master/2020/CVE-2020-25214.pdf", + "url": "https://github.com/immunityinc/Advisories/blob/master/2020/CVE-2020-25214.pdf" } ] } diff --git a/2020/27xxx/CVE-2020-27188.json b/2020/27xxx/CVE-2020-27188.json new file mode 100644 index 00000000000..4d117eeda31 --- /dev/null +++ b/2020/27xxx/CVE-2020-27188.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27188", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27189.json b/2020/27xxx/CVE-2020-27189.json new file mode 100644 index 00000000000..35c7ffb13e4 --- /dev/null +++ b/2020/27xxx/CVE-2020-27189.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27189", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27190.json b/2020/27xxx/CVE-2020-27190.json new file mode 100644 index 00000000000..18bad168fdd --- /dev/null +++ b/2020/27xxx/CVE-2020-27190.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27190", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27191.json b/2020/27xxx/CVE-2020-27191.json new file mode 100644 index 00000000000..ce3f18821bd --- /dev/null +++ b/2020/27xxx/CVE-2020-27191.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27191", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27192.json b/2020/27xxx/CVE-2020-27192.json new file mode 100644 index 00000000000..f37efd53996 --- /dev/null +++ b/2020/27xxx/CVE-2020-27192.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27192", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27193.json b/2020/27xxx/CVE-2020-27193.json new file mode 100644 index 00000000000..dc51e6ab8e5 --- /dev/null +++ b/2020/27xxx/CVE-2020-27193.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27193", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27194.json b/2020/27xxx/CVE-2020-27194.json new file mode 100644 index 00000000000..0e00d10a4ba --- /dev/null +++ b/2020/27xxx/CVE-2020-27194.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27194", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/9xxx/CVE-2020-9365.json b/2020/9xxx/CVE-2020-9365.json index 2277dfb40a6..5a974001994 100644 --- a/2020/9xxx/CVE-2020-9365.json +++ b/2020/9xxx/CVE-2020-9365.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-fa83ea0492", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5NSUDWXZVWUCL6R2PTX3KBB42Z62CA5/" + }, + { + "refsource": "MISC", + "name": "https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da", + "url": "https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da" } ] }