From 40bd5f45b62e93ccf4111c8cf48d34fd0a4984ae Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 26 Mar 2020 17:01:15 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/13xxx/CVE-2019-13272.json | 5 +++ 2020/0xxx/CVE-2020-0646.json | 5 +++ 2020/10xxx/CVE-2020-10457.json | 5 +++ 2020/10xxx/CVE-2020-10458.json | 5 +++ 2020/10xxx/CVE-2020-10459.json | 5 +++ 2020/10xxx/CVE-2020-10460.json | 5 +++ 2020/10xxx/CVE-2020-10461.json | 5 +++ 2020/10xxx/CVE-2020-10462.json | 5 +++ 2020/10xxx/CVE-2020-10463.json | 5 +++ 2020/10xxx/CVE-2020-10464.json | 5 +++ 2020/10xxx/CVE-2020-10465.json | 5 +++ 2020/10xxx/CVE-2020-10466.json | 5 +++ 2020/10xxx/CVE-2020-10467.json | 5 +++ 2020/10xxx/CVE-2020-10468.json | 5 +++ 2020/10xxx/CVE-2020-10469.json | 5 +++ 2020/10xxx/CVE-2020-10470.json | 5 +++ 2020/10xxx/CVE-2020-10471.json | 5 +++ 2020/10xxx/CVE-2020-10823.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10824.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10825.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10826.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10827.json | 56 ++++++++++++++++++++++++++++++---- 2020/10xxx/CVE-2020-10828.json | 56 ++++++++++++++++++++++++++++++---- 2020/9xxx/CVE-2020-9375.json | 5 +++ 24 files changed, 390 insertions(+), 36 deletions(-) diff --git a/2019/13xxx/CVE-2019-13272.json b/2019/13xxx/CVE-2019-13272.json index 0d6ef2adbc6..690746576fe 100644 --- a/2019/13xxx/CVE-2019-13272.json +++ b/2019/13xxx/CVE-2019-13272.json @@ -186,6 +186,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_TRACEME-Local-Root.html", "url": "http://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_TRACEME-Local-Root.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.html", + "url": "http://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.html" } ] } diff --git a/2020/0xxx/CVE-2020-0646.json b/2020/0xxx/CVE-2020-0646.json index 9556db0f96c..09a5ec5fbcf 100644 --- a/2020/0xxx/CVE-2020-0646.json +++ b/2020/0xxx/CVE-2020-0646.json @@ -671,6 +671,11 @@ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646", "refsource": "MISC", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0646" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html", + "url": "http://packetstormsecurity.com/files/156930/SharePoint-Workflows-XOML-Injection.html" } ] } diff --git a/2020/10xxx/CVE-2020-10457.json b/2020/10xxx/CVE-2020-10457.json index ad286dd2a4e..76acf574f79 100644 --- a/2020/10xxx/CVE-2020-10457.json +++ b/2020/10xxx/CVE-2020-10457.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=137#afr", "refsource": "MISC", "name": "http://antoniocannito.it/?p=137#afr" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb1#arbitrary-file-renaming-cve-2020-10457", + "url": "https://antoniocannito.it/phpkb1#arbitrary-file-renaming-cve-2020-10457" } ] } diff --git a/2020/10xxx/CVE-2020-10458.json b/2020/10xxx/CVE-2020-10458.json index b54cc5765a0..7d0cde2be6b 100644 --- a/2020/10xxx/CVE-2020-10458.json +++ b/2020/10xxx/CVE-2020-10458.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=137#afld", "refsource": "MISC", "name": "http://antoniocannito.it/?p=137#afld" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb1#arbitrary-folder-deletion-cve-2020-10458", + "url": "https://antoniocannito.it/phpkb1#arbitrary-folder-deletion-cve-2020-10458" } ] } diff --git a/2020/10xxx/CVE-2020-10459.json b/2020/10xxx/CVE-2020-10459.json index 8ab9738fae2..192ded3b075 100644 --- a/2020/10xxx/CVE-2020-10459.json +++ b/2020/10xxx/CVE-2020-10459.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=137#afl", "refsource": "MISC", "name": "http://antoniocannito.it/?p=137#afl" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb1#arbitrary-file-listing-cve-2020-10459", + "url": "https://antoniocannito.it/phpkb1#arbitrary-file-listing-cve-2020-10459" } ] } diff --git a/2020/10xxx/CVE-2020-10460.json b/2020/10xxx/CVE-2020-10460.json index a61b142791e..eb55d71fb3b 100644 --- a/2020/10xxx/CVE-2020-10460.json +++ b/2020/10xxx/CVE-2020-10460.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=137#csvinj", "refsource": "MISC", "name": "http://antoniocannito.it/?p=137#csvinj" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb1#csv-injection-cve-2020-10460", + "url": "https://antoniocannito.it/phpkb1#csv-injection-cve-2020-10460" } ] } diff --git a/2020/10xxx/CVE-2020-10461.json b/2020/10xxx/CVE-2020-10461.json index cdb57060043..d068c8df04e 100644 --- a/2020/10xxx/CVE-2020-10461.json +++ b/2020/10xxx/CVE-2020-10461.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=137#bxss2", "refsource": "MISC", "name": "http://antoniocannito.it/?p=137#bxss2" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb1#blind-cross-site-scripting-2-cve-2020-10461", + "url": "https://antoniocannito.it/phpkb1#blind-cross-site-scripting-2-cve-2020-10461" } ] } diff --git a/2020/10xxx/CVE-2020-10462.json b/2020/10xxx/CVE-2020-10462.json index a90e1c9b346..5b006a30cca 100644 --- a/2020/10xxx/CVE-2020-10462.json +++ b/2020/10xxx/CVE-2020-10462.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss1", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss1" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-custom-field-cve-2020-10462", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-custom-field-cve-2020-10462" } ] } diff --git a/2020/10xxx/CVE-2020-10463.json b/2020/10xxx/CVE-2020-10463.json index 5920f8f9958..6209f4e7c16 100644 --- a/2020/10xxx/CVE-2020-10463.json +++ b/2020/10xxx/CVE-2020-10463.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss2", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss2" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-template-cve-2020-10463", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-template-cve-2020-10463" } ] } diff --git a/2020/10xxx/CVE-2020-10464.json b/2020/10xxx/CVE-2020-10464.json index 99b3457228c..c7df77a65d8 100644 --- a/2020/10xxx/CVE-2020-10464.json +++ b/2020/10xxx/CVE-2020-10464.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss3", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss3" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-an-article-cve-2020-10464", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-an-article-cve-2020-10464" } ] } diff --git a/2020/10xxx/CVE-2020-10465.json b/2020/10xxx/CVE-2020-10465.json index 3befb464f85..265a3333bea 100644 --- a/2020/10xxx/CVE-2020-10465.json +++ b/2020/10xxx/CVE-2020-10465.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss4", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss4" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-category-cve-2020-10465", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-category-cve-2020-10465" } ] } diff --git a/2020/10xxx/CVE-2020-10466.json b/2020/10xxx/CVE-2020-10466.json index 9f02b9787d2..119a50080f1 100644 --- a/2020/10xxx/CVE-2020-10466.json +++ b/2020/10xxx/CVE-2020-10466.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss5", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss5" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-cve-2020-10466", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-glossary-term-cve-2020-10466" } ] } diff --git a/2020/10xxx/CVE-2020-10467.json b/2020/10xxx/CVE-2020-10467.json index 45b73f47ddd..ab9c6486880 100644 --- a/2020/10xxx/CVE-2020-10467.json +++ b/2020/10xxx/CVE-2020-10467.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss6", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss6" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-comment-cve-2020-10467", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-comment-cve-2020-10467" } ] } diff --git a/2020/10xxx/CVE-2020-10468.json b/2020/10xxx/CVE-2020-10468.json index bcda66f1ebc..9d745ecc419 100644 --- a/2020/10xxx/CVE-2020-10468.json +++ b/2020/10xxx/CVE-2020-10468.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss7", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss7" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10468", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-news-article-cve-2020-10468" } ] } diff --git a/2020/10xxx/CVE-2020-10469.json b/2020/10xxx/CVE-2020-10469.json index e7428fbf842..05023c3f9b6 100644 --- a/2020/10xxx/CVE-2020-10469.json +++ b/2020/10xxx/CVE-2020-10469.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss8", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss8" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-department-cve-2020-10469", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-editing-a-department-cve-2020-10469" } ] } diff --git a/2020/10xxx/CVE-2020-10470.json b/2020/10xxx/CVE-2020-10470.json index 8644ecceda4..2dc1e0e4fa3 100644 --- a/2020/10xxx/CVE-2020-10470.json +++ b/2020/10xxx/CVE-2020-10470.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss9", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss9" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-sorting-custom-fields-cve-2020-10470", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-sorting-custom-fields-cve-2020-10470" } ] } diff --git a/2020/10xxx/CVE-2020-10471.json b/2020/10xxx/CVE-2020-10471.json index fc6cdfac189..e3b9730ded0 100644 --- a/2020/10xxx/CVE-2020-10471.json +++ b/2020/10xxx/CVE-2020-10471.json @@ -56,6 +56,11 @@ "url": "http://antoniocannito.it/?p=342#xss10", "refsource": "MISC", "name": "http://antoniocannito.it/?p=342#xss10" + }, + { + "refsource": "MISC", + "name": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-sorting-articles-cve-2020-10471", + "url": "https://antoniocannito.it/phpkb2#reflected-cross-site-scripting-when-sorting-articles-cve-2020-10471" } ] } diff --git a/2020/10xxx/CVE-2020-10823.json b/2020/10xxx/CVE-2020-10823.json index 05db29eb591..eedef854375 100644 --- a/2020/10xxx/CVE-2020-10823.json +++ b/2020/10xxx/CVE-2020-10823.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10823", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10823", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://slashd.ga/2020/03/draytek-vulnerabilities/", + "url": "https://slashd.ga/2020/03/draytek-vulnerabilities/" } ] } diff --git a/2020/10xxx/CVE-2020-10824.json b/2020/10xxx/CVE-2020-10824.json index ad739a411ba..5f4b8c1ff14 100644 --- a/2020/10xxx/CVE-2020-10824.json +++ b/2020/10xxx/CVE-2020-10824.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10824", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10824", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://slashd.ga/2020/03/draytek-vulnerabilities/", + "url": "https://slashd.ga/2020/03/draytek-vulnerabilities/" } ] } diff --git a/2020/10xxx/CVE-2020-10825.json b/2020/10xxx/CVE-2020-10825.json index ecdc5d711e9..37121df5846 100644 --- a/2020/10xxx/CVE-2020-10825.json +++ b/2020/10xxx/CVE-2020-10825.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10825", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10825", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://slashd.ga/2020/03/draytek-vulnerabilities/", + "url": "https://slashd.ga/2020/03/draytek-vulnerabilities/" } ] } diff --git a/2020/10xxx/CVE-2020-10826.json b/2020/10xxx/CVE-2020-10826.json index ec027ce5a09..1ee30dc66e9 100644 --- a/2020/10xxx/CVE-2020-10826.json +++ b/2020/10xxx/CVE-2020-10826.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10826", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10826", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://slashd.ga/2020/03/draytek-vulnerabilities/", + "url": "https://slashd.ga/2020/03/draytek-vulnerabilities/" } ] } diff --git a/2020/10xxx/CVE-2020-10827.json b/2020/10xxx/CVE-2020-10827.json index 5f1ca09fcce..cb8478848fe 100644 --- a/2020/10xxx/CVE-2020-10827.json +++ b/2020/10xxx/CVE-2020-10827.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10827", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10827", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://slashd.ga/2020/03/draytek-vulnerabilities/", + "url": "https://slashd.ga/2020/03/draytek-vulnerabilities/" } ] } diff --git a/2020/10xxx/CVE-2020-10828.json b/2020/10xxx/CVE-2020-10828.json index 0db3b9bc6e8..830a29cdbd2 100644 --- a/2020/10xxx/CVE-2020-10828.json +++ b/2020/10xxx/CVE-2020-10828.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-10828", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-10828", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://slashd.ga/2020/03/draytek-vulnerabilities/", + "url": "https://slashd.ga/2020/03/draytek-vulnerabilities/" } ] } diff --git a/2020/9xxx/CVE-2020-9375.json b/2020/9xxx/CVE-2020-9375.json index a1eabc7a0ba..98605f348f3 100644 --- a/2020/9xxx/CVE-2020-9375.json +++ b/2020/9xxx/CVE-2020-9375.json @@ -61,6 +61,11 @@ "refsource": "CONFIRM", "name": "https://www.tp-link.com/in/support/download/archer-c50/v3/#Firmware", "url": "https://www.tp-link.com/in/support/download/archer-c50/v3/#Firmware" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-Service.html", + "url": "http://packetstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-Service.html" } ] }