diff --git a/2012/6xxx/CVE-2012-6344.json b/2012/6xxx/CVE-2012-6344.json index 25a34530fdb..434a270f20a 100644 --- a/2012/6xxx/CVE-2012-6344.json +++ b/2012/6xxx/CVE-2012-6344.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6344", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Novell ZENworks Configuration Management before 11.2.4 allows XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.microfocus.com/kb/doc.php?id=7012761", + "refsource": "MISC", + "name": "https://support.microfocus.com/kb/doc.php?id=7012761" } ] } diff --git a/2012/6xxx/CVE-2012-6345.json b/2012/6xxx/CVE-2012-6345.json index 3c8900a82ef..e1650a367ae 100644 --- a/2012/6xxx/CVE-2012-6345.json +++ b/2012/6xxx/CVE-2012-6345.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6345", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.microfocus.com/kb/doc.php?id=7012763", + "refsource": "MISC", + "name": "https://support.microfocus.com/kb/doc.php?id=7012763" } ] } diff --git a/2012/6xxx/CVE-2012-6494.json b/2012/6xxx/CVE-2012-6494.json index e9a0afcb7b6..999bc88d18a 100644 --- a/2012/6xxx/CVE-2012-6494.json +++ b/2012/6xxx/CVE-2012-6494.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6494", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rapid7 Nexpose before 5.5.4 contains a session hijacking vulnerability which allows remote attackers to capture a user's session and gain unauthorized access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "57150", + "url": "http://www.securityfocus.com/bid/57150" + }, + { + "refsource": "XF", + "name": "80982", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80982" } ] } diff --git a/2012/6xxx/CVE-2012-6613.json b/2012/6xxx/CVE-2012-6613.json index b695c49dbb7..b61c14efa81 100644 --- a/2012/6xxx/CVE-2012-6613.json +++ b/2012/6xxx/CVE-2012-6613.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6613", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "EXPLOIT-DB", + "name": "22930", + "url": "http://www.exploit-db.com/exploits/22930/" } ] } diff --git a/2013/1xxx/CVE-2013-1744.json b/2013/1xxx/CVE-2013-1744.json index cda41c98b72..cc351c48a65 100644 --- a/2013/1xxx/CVE-2013-1744.json +++ b/2013/1xxx/CVE-2013-1744.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-1744", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://infosecabsurdity.wordpress.com/research/isa-2013-002/", + "refsource": "MISC", + "name": "http://infosecabsurdity.wordpress.com/research/isa-2013-002/" } ] } diff --git a/2014/0xxx/CVE-2014-0160.json b/2014/0xxx/CVE-2014-0160.json index 87f3abd1438..aeac3a9bbb1 100644 --- a/2014/0xxx/CVE-2014-0160.json +++ b/2014/0xxx/CVE-2014-0160.json @@ -671,6 +671,11 @@ "refsource": "MLIST", "name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E" + }, + { + "refsource": "MISC", + "name": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html", + "url": "https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html" } ] } diff --git a/2015/9xxx/CVE-2015-9275.json b/2015/9xxx/CVE-2015-9275.json index e354b93b28d..09479833570 100644 --- a/2015/9xxx/CVE-2015-9275.json +++ b/2015/9xxx/CVE-2015-9275.json @@ -61,6 +61,11 @@ "name": "https://bugs.debian.org/774527", "refsource": "MISC", "url": "https://bugs.debian.org/774527" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0103", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00048.html" } ] } diff --git a/2019/0xxx/CVE-2019-0141.json b/2019/0xxx/CVE-2019-0141.json index e361d2aafe8..353f9106aaa 100644 --- a/2019/0xxx/CVE-2019-0141.json +++ b/2019/0xxx/CVE-2019-0141.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-0141", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-0141", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2019/14xxx/CVE-2019-14889.json b/2019/14xxx/CVE-2019-14889.json index 0229b901361..58d4f553756 100644 --- a/2019/14xxx/CVE-2019-14889.json +++ b/2019/14xxx/CVE-2019-14889.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-46b6bd2459", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EV2ONSPDJCTDVORCB4UGRQUZQQ46JHRN/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0102", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00047.html" } ] }, diff --git a/2019/19xxx/CVE-2019-19363.json b/2019/19xxx/CVE-2019-19363.json index 7ed3c6962f9..0307de6786b 100644 --- a/2019/19xxx/CVE-2019-19363.json +++ b/2019/19xxx/CVE-2019-19363.json @@ -61,6 +61,11 @@ "refsource": "FULLDISC", "name": "20200124 CVE-2019-19363 - Local Privilege Escalation in many Ricoh Printer Drivers for Windows", "url": "http://seclists.org/fulldisclosure/2020/Jan/34" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html" } ] } diff --git a/2020/7xxx/CVE-2020-7596.json b/2020/7xxx/CVE-2020-7596.json index 26fed58a431..45951919da0 100644 --- a/2020/7xxx/CVE-2020-7596.json +++ b/2020/7xxx/CVE-2020-7596.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-7596", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "report@snyk.io", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "codecov npm module", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 3.6.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Command Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://snyk.io/vuln/SNYK-JS-CODECOV-543183", + "url": "https://snyk.io/vuln/SNYK-JS-CODECOV-543183" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the \"gcov-args\" argument." } ] } diff --git a/2020/7xxx/CVE-2020-7980.json b/2020/7xxx/CVE-2020-7980.json new file mode 100644 index 00000000000..09a2b553665 --- /dev/null +++ b/2020/7xxx/CVE-2020-7980.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-7980", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sku11army.blogspot.com/2020/01/intellian-aptus-web-rce-intellian.html", + "refsource": "MISC", + "name": "https://sku11army.blogspot.com/2020/01/intellian-aptus-web-rce-intellian.html" + } + ] + } +} \ No newline at end of file