From 4c5bcdd7506127229b9f253a237362b8946c49e9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 17 Jun 2020 20:01:21 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/14xxx/CVE-2020-14040.json | 56 ++++++++++++++++++++++++++---- 2020/14xxx/CVE-2020-14157.json | 61 +++++++++++++++++++++++++++++---- 2020/14xxx/CVE-2020-14407.json | 18 ++++++++++ 2020/14xxx/CVE-2020-14408.json | 62 ++++++++++++++++++++++++++++++++++ 4 files changed, 185 insertions(+), 12 deletions(-) create mode 100644 2020/14xxx/CVE-2020-14407.json create mode 100644 2020/14xxx/CVE-2020-14408.json diff --git a/2020/14xxx/CVE-2020-14040.json b/2020/14xxx/CVE-2020-14040.json index 77b929f9f7d..1ea88de82c9 100644 --- a/2020/14xxx/CVE-2020-14040.json +++ b/2020/14xxx/CVE-2020-14040.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-14040", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-14040", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Go version v0.3.3 of the x/text package fixes a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0", + "url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0" } ] } diff --git a/2020/14xxx/CVE-2020-14157.json b/2020/14xxx/CVE-2020-14157.json index f5242ccbc52..a8226bb462d 100644 --- a/2020/14xxx/CVE-2020-14157.json +++ b/2020/14xxx/CVE-2020-14157.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-14157", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-14157", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). This makes it easier for an attacker to disarm the wireless alarm system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-014.txt", + "refsource": "MISC", + "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-014.txt" + }, + { + "refsource": "MISC", + "name": "https://www.youtube.com/watch?v=kCqAVYyahLc", + "url": "https://www.youtube.com/watch?v=kCqAVYyahLc" } ] } diff --git a/2020/14xxx/CVE-2020-14407.json b/2020/14xxx/CVE-2020-14407.json new file mode 100644 index 00000000000..62a33673e6c --- /dev/null +++ b/2020/14xxx/CVE-2020-14407.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-14407", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/14xxx/CVE-2020-14408.json b/2020/14xxx/CVE-2020-14408.json new file mode 100644 index 00000000000..e7c839576ec --- /dev/null +++ b/2020/14xxx/CVE-2020-14408.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-14408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in the /auth/login route allows for injection of arbitrary JavaScript code into a web page's content, creating a Reflected XSS attack vector." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/agentejo/cockpit/issues/1310", + "refsource": "MISC", + "name": "https://github.com/agentejo/cockpit/issues/1310" + } + ] + } +} \ No newline at end of file