From 3691c8d67ba235ce88ff198616d20f7fe62bf3af Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Mon, 18 May 2020 15:01:16 +0000
Subject: [PATCH] "-Synchronized-Data."
---
 2020/10xxx/CVE-2020-10957.json | 7 ++-
 2020/10xxx/CVE-2020-10958.json | 5 +++
 2020/10xxx/CVE-2020-10967.json | 80 +++++++++++++++++++++++++++++++---
 2020/12xxx/CVE-2020-12255.json | 56 +++++++++++++++++++++---
 2020/12xxx/CVE-2020-12256.json | 56 +++++++++++++++++++++---
 2020/12xxx/CVE-2020-12801.json | 77 +++++++++++++++++++++++++++++---
 2020/8xxx/CVE-2020-8035.json | 61 +++++++++++++++++++++++---
 7 files changed, 311 insertions(+), 31 deletions(-)
diff --git a/2020/10xxx/CVE-2020-10957.json b/2020/10xxx/CVE-2020-10957.json
index 57dc4990bab..98f5b572107 100644
--- a/2020/10xxx/CVE-2020-10957.json
+++ b/2020/10xxx/CVE-2020-10957.json
@@ -34,7 +34,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login or lmtp."
+ "value": "In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp."
 }
 ]
 },
@@ -61,6 +61,11 @@
 "refsource": "CONFIRM",
 "name": "https://www.openwall.com/lists/oss-security/2020/05/18/1",
 "url": "https://www.openwall.com/lists/oss-security/2020/05/18/1"
+ },
+ {
+ "refsource": "MLIST",
+ "name": "[oss-security] 20200518 Multiple vulnerabilities in Dovecot IMAP server",
+ "url": "http://www.openwall.com/lists/oss-security/2020/05/18/1"
 }
 ]
 },
diff --git a/2020/10xxx/CVE-2020-10958.json b/2020/10xxx/CVE-2020-10958.json
index 1eda0a6a831..20e08539056 100644
--- a/2020/10xxx/CVE-2020-10958.json
+++ b/2020/10xxx/CVE-2020-10958.json
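Review bot: The MLIST reference added in the second CVE-2020-10957.json hunk points at the same oss-security post as the CONFIRM entry directly above it, but over `http://` instead of `https://`. Consumers that deduplicate references by URL will keep both entries, and anyone following the MLIST link fetches a security advisory over an unauthenticated channel. I would store it as `"url": "https://www.openwall.com/lists/oss-security/2020/05/18/1"`. The same pair is added in CVE-2020-10958.json and CVE-2020-10967.json.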
@@ -61,6 +61,11 @@
 "refsource": "CONFIRM",
 "name": "https://www.openwall.com/lists/oss-security/2020/05/18/1",
 "url": "https://www.openwall.com/lists/oss-security/2020/05/18/1"
+ },
+ {
+ "refsource": "MLIST",
+ "name": "[oss-security] 20200518 Multiple vulnerabilities in Dovecot IMAP server",
+ "url": "http://www.openwall.com/lists/oss-security/2020/05/18/1"
 }
 ]
 },
diff --git a/2020/10xxx/CVE-2020-10967.json b/2020/10xxx/CVE-2020-10967.json
index 616c037336a..559f1babe38 100644
--- a/2020/10xxx/CVE-2020-10967.json
+++ b/2020/10xxx/CVE-2020-10967.json
@@ -1,18 +1,86 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2020-10967",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2020-10967",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart."
 }
 ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://dovecot.org/security",
+ "refsource": "MISC",
+ "name": "https://dovecot.org/security"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://www.openwall.com/lists/oss-security/2020/05/18/1",
+ "url": "https://www.openwall.com/lists/oss-security/2020/05/18/1"
+ },
+ {
+ "refsource": "MLIST",
+ "name": "[oss-security] 20200518 Multiple vulnerabilities in Dovecot IMAP server",
+ "url": "http://www.openwall.com/lists/oss-security/2020/05/18/1"
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "LOW",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.0/AC:L/AV:N/A:L/C:N/I:N/PR:N/S:U/UI:N",
+ "version": "3.0"
+ }
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12255.json b/2020/12xxx/CVE-2020-12255.json
index 8ea6ce1b89b..b990799517d 100644
--- a/2020/12xxx/CVE-2020-12255.json
+++ b/2020/12xxx/CVE-2020-12255.json
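Review bot: The `vectorString` added under `impact.cvss` in CVE-2020-10967.json lists its metrics alphabetically (`AC:L/AV:N/A:L/...`) rather than in the order the CVSS v3.0 specification prefers, and the block carries no `baseScore` or `baseSeverity`. The alphabetical form is still a valid v3.0 vector, but a parser that expects the preferred order may reject it, and every consumer has to compute the score itself. I would write it as `"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"` and add the score fields next to it.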
@@ -1,17 +1,61 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2020-12255",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2020-12255",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://gist.github.com/farid007/9f6ad063645d5b1550298c8b9ae953ff",
+ "url": "https://gist.github.com/farid007/9f6ad063645d5b1550298c8b9ae953ff"
 }
 ]
 }
diff --git a/2020/12xxx/CVE-2020-12256.json b/2020/12xxx/CVE-2020-12256.json
index 7c5c71607e2..daa2c8f47b6 100644
--- a/2020/12xxx/CVE-2020-12256.json
+++ b/2020/12xxx/CVE-2020-12256.json
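Review bot: The `affects` and `problemtype` blocks added to CVE-2020-12255.json are all `n/a`, so the product and version exist only in the free-text description and cannot be matched by tooling that reads the structured fields. The description gives enough to fill them: `"product_name": "rConfig"`, `"version_value": "3.9.4"`, and a problem type such as `CWE-434 Unrestricted Upload of File with Dangerous Type`. The same applies to CVE-2020-12256.json (reflected XSS, CWE-79), CVE-2020-10967.json (Dovecot before 2.3.10.1) and CVE-2020-8035.json (Horde Groupware Webmail Edition before 5.2.22). The description also names both vendor.crud.php and vendor.php, so it is worth confirming which file actually receives the upload.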
@@ -1,17 +1,61 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2020-12256",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2020-12256",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8",
+ "url": "https://gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8"
 }
 ]
 }
diff --git a/2020/12xxx/CVE-2020-12801.json b/2020/12xxx/CVE-2020-12801.json
index 3d1aef4e972..557f7528780 100644
--- a/2020/12xxx/CVE-2020-12801.json
+++ b/2020/12xxx/CVE-2020-12801.json
@@ -1,18 +1,83 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "security@documentfoundation.org",
+ "DATE_PUBLIC": "2020-05-18T00:00:00.000Z",
 "ID": "CVE-2020-12801",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next save"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "LibreOffice",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "6-3 series",
+ "version_value": "6.3.6"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "6-4 series",
+ "version_value": "6.4.3"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "The Document Foundation"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Thanks to Tomas Florian for raising awareness of the issue"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-311 Missing Encryption of Sensitive Data"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801",
+ "name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "EXTERNAL"
 }
 }
\ No newline at end of file
diff --git a/2020/8xxx/CVE-2020-8035.json b/2020/8xxx/CVE-2020-8035.json
index ec149b8edb9..3118a2ba580 100644
--- a/2020/8xxx/CVE-2020-8035.json
+++ b/2020/8xxx/CVE-2020-8035.json
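Review bot: The `TITLE` added to `CVE_data_meta` in CVE-2020-12801.json reads "defaulted to not to using encryption", which has a stray "to"; I would write `"TITLE": "Crash-recovered MSOffice encrypted documents defaulted to not using encryption on next save"`. The description has a similar slip in "default that subsequent saves of the document are unencrypted", where "default to saving the document unencrypted" would read more clearly. Both strings are likely to be copied as-is into downstream advisory feeds, so they are worth fixing at the source.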
@@ -1,17 +1,66 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
- "ID": "CVE-2020-8035",
 "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2020-8035",
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CONFIRM",
+ "name": "https://lists.horde.org/archives/announce/2020/001290.html",
+ "url": "https://lists.horde.org/archives/announce/2020/001290.html"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES",
+ "url": "https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES"
 }
 ]
 }