diff --git a/2018/12xxx/CVE-2018-12641.json b/2018/12xxx/CVE-2018-12641.json index 3dc560571d5..9a8a1f81f43 100644 --- a/2018/12xxx/CVE-2018-12641.json +++ b/2018/12xxx/CVE-2018-12641.json @@ -76,6 +76,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2075", "url": "https://access.redhat.com/errata/RHSA-2019:2075" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/12xxx/CVE-2018-12697.json b/2018/12xxx/CVE-2018-12697.json index 04ec3d64e1d..2633116edbd 100644 --- a/2018/12xxx/CVE-2018-12697.json +++ b/2018/12xxx/CVE-2018-12697.json @@ -81,6 +81,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2075", "url": "https://access.redhat.com/errata/RHSA-2019:2075" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/12xxx/CVE-2018-12698.json b/2018/12xxx/CVE-2018-12698.json index 813b9ba8310..69c27a9c97f 100644 --- a/2018/12xxx/CVE-2018-12698.json +++ b/2018/12xxx/CVE-2018-12698.json @@ -76,6 +76,11 @@ "refsource": "GENTOO", "name": "GLSA-201908-01", "url": "https://security.gentoo.org/glsa/201908-01" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/12xxx/CVE-2018-12934.json b/2018/12xxx/CVE-2018-12934.json index 235c09dc6f9..a77da78c9f0 100644 --- a/2018/12xxx/CVE-2018-12934.json +++ b/2018/12xxx/CVE-2018-12934.json @@ -66,6 +66,11 @@ "name": "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", "refsource": "MISC", "url": "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/17xxx/CVE-2018-17794.json b/2018/17xxx/CVE-2018-17794.json index 7a19a17122b..7753c5df439 100644 --- a/2018/17xxx/CVE-2018-17794.json +++ b/2018/17xxx/CVE-2018-17794.json @@ -56,6 +56,11 @@ "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", "refsource": "MISC", "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/17xxx/CVE-2018-17985.json b/2018/17xxx/CVE-2018-17985.json index 9426b425e14..7dabca5a406 100644 --- a/2018/17xxx/CVE-2018-17985.json +++ b/2018/17xxx/CVE-2018-17985.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2432", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/18xxx/CVE-2018-18483.json b/2018/18xxx/CVE-2018-18483.json index e52ddfab1c2..b8bd2e936ca 100644 --- a/2018/18xxx/CVE-2018-18483.json +++ b/2018/18xxx/CVE-2018-18483.json @@ -76,6 +76,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2432", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/18xxx/CVE-2018-18484.json b/2018/18xxx/CVE-2018-18484.json index 582717f6378..8c836c1e0e1 100644 --- a/2018/18xxx/CVE-2018-18484.json +++ b/2018/18xxx/CVE-2018-18484.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2432", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/18xxx/CVE-2018-18700.json b/2018/18xxx/CVE-2018-18700.json index d09bcdf1606..be53ffde680 100644 --- a/2018/18xxx/CVE-2018-18700.json +++ b/2018/18xxx/CVE-2018-18700.json @@ -56,6 +56,11 @@ "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", "refsource": "MISC", "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/18xxx/CVE-2018-18701.json b/2018/18xxx/CVE-2018-18701.json index fc22ea3f1c5..44a4dcc87ab 100644 --- a/2018/18xxx/CVE-2018-18701.json +++ b/2018/18xxx/CVE-2018-18701.json @@ -56,6 +56,11 @@ "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", "refsource": "MISC", "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2018/21xxx/CVE-2018-21145.json b/2018/21xxx/CVE-2018-21145.json index 5204b8bb6ee..5df349fcefd 100644 --- a/2018/21xxx/CVE-2018-21145.json +++ b/2018/21xxx/CVE-2018-21145.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-21145", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2018-21145", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000059488/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3160", + "url": "https://kb.netgear.com/000059488/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3160" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2018/21xxx/CVE-2018-21146.json b/2018/21xxx/CVE-2018-21146.json index 6133792710f..fadd0396258 100644 --- a/2018/21xxx/CVE-2018-21146.json +++ b/2018/21xxx/CVE-2018-21146.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-21146", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2018-21146", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000059487/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3159", + "url": "https://kb.netgear.com/000059487/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3159" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2018/21xxx/CVE-2018-21147.json b/2018/21xxx/CVE-2018-21147.json index e3a55119b27..69d2c918f96 100644 --- a/2018/21xxx/CVE-2018-21147.json +++ b/2018/21xxx/CVE-2018-21147.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-21147", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2018-21147", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000059486/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3158", + "url": "https://kb.netgear.com/000059486/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3158" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2018/21xxx/CVE-2018-21148.json b/2018/21xxx/CVE-2018-21148.json index 9954d6bb5c0..7765c4019e4 100644 --- a/2018/21xxx/CVE-2018-21148.json +++ b/2018/21xxx/CVE-2018-21148.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2018-21148", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2018-21148", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000059485/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3157", + "url": "https://kb.netgear.com/000059485/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3157" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9138.json b/2018/9xxx/CVE-2018-9138.json index fc1f6ffb73b..824444ddcf9 100644 --- a/2018/9xxx/CVE-2018-9138.json +++ b/2018/9xxx/CVE-2018-9138.json @@ -56,6 +56,11 @@ "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23008" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2019/14xxx/CVE-2019-14250.json b/2019/14xxx/CVE-2019-14250.json index bbf8584b3dd..13a2962ae50 100644 --- a/2019/14xxx/CVE-2019-14250.json +++ b/2019/14xxx/CVE-2019-14250.json @@ -81,6 +81,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:2365", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9070.json b/2019/9xxx/CVE-2019-9070.json index 57b772dc3fb..4e7f6d62a53 100644 --- a/2019/9xxx/CVE-2019-9070.json +++ b/2019/9xxx/CVE-2019-9070.json @@ -76,6 +76,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K13534168", "url": "https://support.f5.com/csp/article/K13534168" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9071.json b/2019/9xxx/CVE-2019-9071.json index b853133d70a..6742b8817d9 100644 --- a/2019/9xxx/CVE-2019-9071.json +++ b/2019/9xxx/CVE-2019-9071.json @@ -76,6 +76,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K02884135", "url": "https://support.f5.com/csp/article/K02884135" + }, + { + "refsource": "UBUNTU", + "name": "USN-4326-1", + "url": "https://usn.ubuntu.com/4326-1/" } ] } diff --git a/2020/12xxx/CVE-2020-12051.json b/2020/12xxx/CVE-2020-12051.json new file mode 100644 index 00000000000..5ec4373bd2a --- /dev/null +++ b/2020/12xxx/CVE-2020-12051.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-12051", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access would be denied when simply visiting wiki/Special:CentralAuth in a web browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://phabricator.wikimedia.org/T250594", + "refsource": "MISC", + "name": "https://phabricator.wikimedia.org/T250594" + }, + { + "url": "https://gerrit.wikimedia.org/r/#/q/I3c80641dc1202df7428714f0ca44717a51ff6021", + "refsource": "MISC", + "name": "https://gerrit.wikimedia.org/r/#/q/I3c80641dc1202df7428714f0ca44717a51ff6021" + } + ] + } +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3153.json b/2020/3xxx/CVE-2020-3153.json index 4b65dcd4b60..cce055d1afb 100644 --- a/2020/3xxx/CVE-2020-3153.json +++ b/2020/3xxx/CVE-2020-3153.json @@ -77,6 +77,11 @@ "refsource": "FULLDISC", "name": "20200421 Cisco AnyConnect elevation of privileges due to insecure handling of path names", "url": "http://seclists.org/fulldisclosure/2020/Apr/43" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157340/Cisco-AnyConnect-Secure-Mobility-Client-4.8.01090-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/157340/Cisco-AnyConnect-Secure-Mobility-Client-4.8.01090-Privilege-Escalation.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4269.json b/2020/4xxx/CVE-2020-4269.json index 727fc9573da..cb5f5ea673c 100644 --- a/2020/4xxx/CVE-2020-4269.json +++ b/2020/4xxx/CVE-2020-4269.json @@ -90,6 +90,11 @@ "refsource": "FULLDISC", "name": "20200421 Unauthorized access to QRadar configuration sets via default password", "url": "http://seclists.org/fulldisclosure/2020/Apr/34" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html", + "url": "http://packetstormsecurity.com/files/157328/QRadar-Community-Edition-7.3.1.6-Default-Credentials.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4270.json b/2020/4xxx/CVE-2020-4270.json index 9797c404f87..ed5452f703c 100644 --- a/2020/4xxx/CVE-2020-4270.json +++ b/2020/4xxx/CVE-2020-4270.json @@ -97,6 +97,11 @@ "refsource": "FULLDISC", "name": "20200421 Local privilege escalation in QRadar due to run-result-reader.sh insecure file permissions", "url": "http://seclists.org/fulldisclosure/2020/Apr/38" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html", + "url": "http://packetstormsecurity.com/files/157335/QRadar-Community-Edition-7.3.1.6-Insecure-File-Permissions.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4271.json b/2020/4xxx/CVE-2020-4271.json index 1fa3f2bd1e2..c6c8b9b552b 100644 --- a/2020/4xxx/CVE-2020-4271.json +++ b/2020/4xxx/CVE-2020-4271.json @@ -32,6 +32,11 @@ "refsource": "FULLDISC", "name": "20200421 PHP object injection vulnerability in QRadar Forensics web application", "url": "http://seclists.org/fulldisclosure/2020/Apr/39" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html", + "url": "http://packetstormsecurity.com/files/157336/QRadar-Community-Edition-7.3.1.6-PHP-Object-Injection.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4272.json b/2020/4xxx/CVE-2020-4272.json index e9f9d482510..039c0a69ec1 100644 --- a/2020/4xxx/CVE-2020-4272.json +++ b/2020/4xxx/CVE-2020-4272.json @@ -89,6 +89,11 @@ "refsource": "FULLDISC", "name": "20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application", "url": "http://seclists.org/fulldisclosure/2020/Apr/40" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html", + "url": "http://packetstormsecurity.com/files/157337/QRadar-Community-Edition-7.3.1.6-Arbitrary-Object-Instantiation.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4274.json b/2020/4xxx/CVE-2020-4274.json index 2cbab617436..8a3d01ac326 100644 --- a/2020/4xxx/CVE-2020-4274.json +++ b/2020/4xxx/CVE-2020-4274.json @@ -77,6 +77,11 @@ "refsource": "FULLDISC", "name": "20200421 Authorization bypass in QRadar Forensics web application", "url": "http://seclists.org/fulldisclosure/2020/Apr/41" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authorization-Bypass.html", + "url": "http://packetstormsecurity.com/files/157338/QRadar-Community-Edition-7.3.1.6-Authorization-Bypass.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4294.json b/2020/4xxx/CVE-2020-4294.json index 3f032088f41..c0803e07512 100644 --- a/2020/4xxx/CVE-2020-4294.json +++ b/2020/4xxx/CVE-2020-4294.json @@ -77,6 +77,11 @@ "refsource": "FULLDISC", "name": "20200421 QRadar RssFeedItem Server-Side Request Forgery vulnerability", "url": "http://seclists.org/fulldisclosure/2020/Apr/35" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157329/QRadar-Community-Edition-7.3.1.6-Server-Side-Request-Forgery.html", + "url": "http://packetstormsecurity.com/files/157329/QRadar-Community-Edition-7.3.1.6-Server-Side-Request-Forgery.html" } ] },