diff --git a/2010/3xxx/CVE-2010-3282.json b/2010/3xxx/CVE-2010-3282.json index 1131247a235..576c21c9378 100644 --- a/2010/3xxx/CVE-2010-3282.json +++ b/2010/3xxx/CVE-2010-3282.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2010-3282", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,83 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "389 Directory Server", + "version": { + "version_data": [ + { + "version_value": "before 1.2.7.1" + } + ] + } + } + ] + } + }, + { + "vendor_name": "HP", + "product": { + "product_data": [ + { + "product_name": "HP-UX Directory Server", + "version": { + "version_data": [ + { + "version_value": "before B.08.10.03" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "OVAL", + "name": "oval:org.mitre.oval:def:6914", + "url": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6914" + }, + { + "refsource": "CONFIRM", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=625950", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=625950" + }, + { + "refsource": "CONFIRM", + "name": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?id=d38ae06", + "url": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?id=d38ae06" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02522633&docLocale=en_US", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02522633&docLocale=en_US" } ] } diff --git a/2011/4xxx/CVE-2011-4595.json b/2011/4xxx/CVE-2011-4595.json index a6362d1d3a6..f1fd1c7a9f7 100644 --- a/2011/4xxx/CVE-2011-4595.json +++ b/2011/4xxx/CVE-2011-4595.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-4595", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "pretty-link plugin", + "version": { + "version_data": [ + { + "version_value": "1.5.2" + } + ] + } + } + ] + }, + "vendor_name": "pretty-link" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pretty-Link WordPress plugin 1.5.2 has XSS" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.openwall.com/lists/oss-security/2011/12/08/5", + "refsource": "MISC", + "name": "https://www.openwall.com/lists/oss-security/2011/12/08/5" + }, + { + "refsource": "MISC", + "name": "https://wordpress.org/support/topic/plugin-pretty-link-lite-152-xss-vulnerability/", + "url": "https://wordpress.org/support/topic/plugin-pretty-link-lite-152-xss-vulnerability/" } ] } diff --git a/2012/1xxx/CVE-2012-1258.json b/2012/1xxx/CVE-2012-1258.json index c35e0aaaa20..d05a1fa289b 100644 --- a/2012/1xxx/CVE-2012-1258.json +++ b/2012/1xxx/CVE-2012-1258.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1258", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,71 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html", + "url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html" + }, + { + "refsource": "MISC", + "name": "http://www.exploit-db.com/exploits/18750", + "url": "http://www.exploit-db.com/exploits/18750" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/52989", + "url": "http://www.securityfocus.com/bid/52989" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74824", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74824" + }, + { + "refsource": "MISC", + "name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/", + "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/" } ] } diff --git a/2012/1xxx/CVE-2012-1259.json b/2012/1xxx/CVE-2012-1259.json index 9b55822e3e3..56ca9e0f7a1 100644 --- a/2012/1xxx/CVE-2012-1259.json +++ b/2012/1xxx/CVE-2012-1259.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1259", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,71 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html", + "url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html" + }, + { + "refsource": "MISC", + "name": "http://www.exploit-db.com/exploits/18750", + "url": "http://www.exploit-db.com/exploits/18750" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/52989", + "url": "http://www.securityfocus.com/bid/52989" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74826", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74826" + }, + { + "refsource": "MISC", + "name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/", + "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/" } ] } diff --git a/2012/1xxx/CVE-2012-1260.json b/2012/1xxx/CVE-2012-1260.json index a1aa71bc3a3..f1101938d08 100644 --- a/2012/1xxx/CVE-2012-1260.json +++ b/2012/1xxx/CVE-2012-1260.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1260", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,71 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. NOTE: this might not be a vulnerability, since an administrator might already have the privileges to create arbitrary script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html", + "url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html" + }, + { + "refsource": "MISC", + "name": "http://www.exploit-db.com/exploits/18750", + "url": "http://www.exploit-db.com/exploits/18750" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/52989", + "url": "http://www.securityfocus.com/bid/52989" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74825", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74825" + }, + { + "refsource": "MISC", + "name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/", + "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/" } ] } diff --git a/2012/1xxx/CVE-2012-1261.json b/2012/1xxx/CVE-2012-1261.json index d54a4bec3d9..227eb1272d6 100644 --- a/2012/1xxx/CVE-2012-1261.json +++ b/2012/1xxx/CVE-2012-1261.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1261", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,71 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html", + "url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html" + }, + { + "refsource": "MISC", + "name": "http://www.exploit-db.com/exploits/18750", + "url": "http://www.exploit-db.com/exploits/18750" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/52989", + "url": "http://www.securityfocus.com/bid/52989" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74827", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74827" + }, + { + "refsource": "MISC", + "name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/", + "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/" } ] } diff --git a/2012/1xxx/CVE-2012-1915.json b/2012/1xxx/CVE-2012-1915.json index 507f42eef1b..f7837201b6f 100644 --- a/2012/1xxx/CVE-2012-1915.json +++ b/2012/1xxx/CVE-2012-1915.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1915", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "54620", + "url": "http://www.securityfocus.com/bid/54620" } ] } diff --git a/2012/2xxx/CVE-2012-2142.json b/2012/2xxx/CVE-2012-2142.json index 5e36a86a8cd..83d0ca245fe 100644 --- a/2012/2xxx/CVE-2012-2142.json +++ b/2012/2xxx/CVE-2012-2142.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2142", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,76 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "poppler", + "product": { + "product_data": [ + { + "product_name": "poppler", + "version": { + "version_data": [ + { + "version_value": "before 0.21.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/08/09/6", + "url": "http://www.openwall.com/lists/oss-security/2013/08/09/6" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/08/09/5", + "url": "http://www.openwall.com/lists/oss-security/2013/08/09/5" + }, + { + "refsource": "MISC", + "name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40", + "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40" + }, + { + "refsource": "MISC", + "name": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f", + "url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=789936", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936" + }, + { + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html", + "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html" } ] } diff --git a/2012/2xxx/CVE-2012-2226.json b/2012/2xxx/CVE-2012-2226.json index d3175a8cac5..77be5633cf2 100644 --- a/2012/2xxx/CVE-2012-2226.json +++ b/2012/2xxx/CVE-2012-2226.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-2226", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "52998", + "url": "http://www.securityfocus.com/bid/52998" + }, + { + "refsource": "XF", + "name": "74855", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74855" } ] } diff --git a/2012/2xxx/CVE-2012-2714.json b/2012/2xxx/CVE-2012-2714.json index cd860b62482..c5137be7396 100644 --- a/2012/2xxx/CVE-2012-2714.json +++ b/2012/2xxx/CVE-2012-2714.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2714", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,66 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "BrowserID", + "product": { + "product_data": [ + { + "product_name": "BrowserID", + "version": { + "version_data": [ + { + "version_value": "7.x-1.x before 7.x-1.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://drupal.org/node/1597414", + "url": "http://drupal.org/node/1597414" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/06/14/3", + "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3" + }, + { + "refsource": "MISC", + "name": "https://drupal.org/node/1596464", + "url": "https://drupal.org/node/1596464" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/53673", + "url": "http://www.securityfocus.com/bid/53673" } ] } diff --git a/2012/2xxx/CVE-2012-2724.json b/2012/2xxx/CVE-2012-2724.json index db85a215c41..ac5f1ac70ce 100644 --- a/2012/2xxx/CVE-2012-2724.json +++ b/2012/2xxx/CVE-2012-2724.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2724", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,102 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Disclosure" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Simplenews", + "product": { + "product_data": [ + { + "product_name": "Simplenews", + "version": { + "version_data": [ + { + "version_value": "6.x-1.x before 6.x-1.4" + }, + { + "version_value": "6.x-2.x before 6.x-2.0-alpha4" + }, + { + "version_value": "and 7.x-1.x before 7.x-1.0-rc1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://drupal.org/node/1619848", + "url": "http://drupal.org/node/1619848" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/06/14/3", + "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3" + }, + { + "refsource": "MISC", + "name": "http://drupal.org/node/1619812", + "url": "http://drupal.org/node/1619812" + }, + { + "refsource": "MISC", + "name": "http://drupal.org/node/1619818", + "url": "http://drupal.org/node/1619818" + }, + { + "refsource": "MISC", + "name": "http://drupal.org/node/1619820", + "url": "http://drupal.org/node/1619820" + }, + { + "refsource": "MISC", + "name": "http://drupalcode.org/project/simplenews.git/commitdiff/36352c1", + "url": "http://drupalcode.org/project/simplenews.git/commitdiff/36352c1" + }, + { + "refsource": "MISC", + "name": "http://drupalcode.org/project/simplenews.git/commitdiff/6d5704c", + "url": "http://drupalcode.org/project/simplenews.git/commitdiff/6d5704c" + }, + { + "refsource": "MISC", + "name": "http://drupalcode.org/project/simplenews.git/commitdiff/faec6a6", + "url": "http://drupalcode.org/project/simplenews.git/commitdiff/faec6a6" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/53839", + "url": "http://www.securityfocus.com/bid/53839" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76143", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76143" } ] } diff --git a/2012/2xxx/CVE-2012-2931.json b/2012/2xxx/CVE-2012-2931.json index b784ac7b586..be1341dd4e5 100644 --- a/2012/2xxx/CVE-2012-2931.json +++ b/2012/2xxx/CVE-2012-2931.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-2931", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.htbridge.com/advisory/HTB23093", + "refsource": "MISC", + "name": "https://www.htbridge.com/advisory/HTB23093" } ] } diff --git a/2012/2xxx/CVE-2012-2950.json b/2012/2xxx/CVE-2012-2950.json index 220059329fc..8f08a198df0 100644 --- a/2012/2xxx/CVE-2012-2950.json +++ b/2012/2xxx/CVE-2012-2950.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-2950", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "53737", + "url": "http://www.securityfocus.com/bid/53737" + }, + { + "refsource": "XF", + "name": "75983", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75983" } ] } diff --git a/2012/3xxx/CVE-2012-3490.json b/2012/3xxx/CVE-2012-3490.json index 149dc81085d..fb4bf853ba6 100644 --- a/2012/3xxx/CVE-2012-3490.json +++ b/2012/3xxx/CVE-2012-3490.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-3490", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,71 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Condor", + "product": { + "product_data": [ + { + "product_name": "Condor", + "version": { + "version_data": [ + { + "version_value": "7.6.x before 7.6.10 and 7.8.x before 7.8.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4", + "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4" + }, + { + "refsource": "MISC", + "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html", + "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html" + }, + { + "refsource": "MISC", + "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html", + "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/09/20/9", + "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490" } ] } diff --git a/2012/3xxx/CVE-2012-3806.json b/2012/3xxx/CVE-2012-3806.json index 902e2da9c43..efbc9318ff2 100644 --- a/2012/3xxx/CVE-2012-3806.json +++ b/2012/3xxx/CVE-2012-3806.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-3806", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "55936", + "url": "https://www.securityfocus.com/bid/55936" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2012-3806", + "url": "https://packetstormsecurity.com/files/cve/CVE-2012-3806" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/plugins/nessus/65612", + "url": "https://www.tenable.com/plugins/nessus/65612" } ] } diff --git a/2012/3xxx/CVE-2012-3807.json b/2012/3xxx/CVE-2012-3807.json index 5103120ecc3..4d120c8a586 100644 --- a/2012/3xxx/CVE-2012-3807.json +++ b/2012/3xxx/CVE-2012-3807.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-3807", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "55936", + "url": "https://www.securityfocus.com/bid/55936" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2012-3806", + "url": "https://packetstormsecurity.com/files/cve/CVE-2012-3806" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/plugins/nessus/65612", + "url": "https://www.tenable.com/plugins/nessus/65612" } ] } diff --git a/2012/3xxx/CVE-2012-3808.json b/2012/3xxx/CVE-2012-3808.json index a7a7856dafc..ca4398c5f87 100644 --- a/2012/3xxx/CVE-2012-3808.json +++ b/2012/3xxx/CVE-2012-3808.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-3808", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "55936", + "url": "https://www.securityfocus.com/bid/55936" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/plugins/nessus/65612", + "url": "https://www.tenable.com/plugins/nessus/65612" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2012-3808", + "url": "https://packetstormsecurity.com/files/cve/CVE-2012-3808" } ] } diff --git a/2012/3xxx/CVE-2012-3809.json b/2012/3xxx/CVE-2012-3809.json index a28a04a6cf0..38c523958f3 100644 --- a/2012/3xxx/CVE-2012-3809.json +++ b/2012/3xxx/CVE-2012-3809.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-3809", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "55936", + "url": "https://www.securityfocus.com/bid/55936" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/plugins/nessus/65612", + "url": "https://www.tenable.com/plugins/nessus/65612" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2012-3809", + "url": "https://packetstormsecurity.com/files/cve/CVE-2012-3809" } ] } diff --git a/2012/3xxx/CVE-2012-3810.json b/2012/3xxx/CVE-2012-3810.json index 8a08a530461..ced15ee9913 100644 --- a/2012/3xxx/CVE-2012-3810.json +++ b/2012/3xxx/CVE-2012-3810.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-3810", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Samsung Kies before 2.5.0.12094_27_11 has registry modification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BID", + "name": "55936", + "url": "https://www.securityfocus.com/bid/55936" + }, + { + "refsource": "MISC", + "name": "https://www.tenable.com/plugins/nessus/65612", + "url": "https://www.tenable.com/plugins/nessus/65612" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/cve/CVE-2012-3809", + "url": "https://packetstormsecurity.com/files/cve/CVE-2012-3809" } ] } diff --git a/2012/4xxx/CVE-2012-4434.json b/2012/4xxx/CVE-2012-4434.json index f467d605820..78721f553f4 100644 --- a/2012/4xxx/CVE-2012-4434.json +++ b/2012/4xxx/CVE-2012-4434.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4434", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,61 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Overflow" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "fwknop", + "product": { + "product_data": [ + { + "product_name": "fwknop", + "version": { + "version_data": [ + { + "version_value": "before 2.0.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/09/19/2", + "url": "http://www.openwall.com/lists/oss-security/2012/09/19/2" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/09/20/4", + "url": "http://www.openwall.com/lists/oss-security/2012/09/20/4" + }, + { + "refsource": "MISC", + "name": "http://www.cipherdyne.org/blog/2012/09/software-release-fwknop-2.0.3.html", + "url": "http://www.cipherdyne.org/blog/2012/09/software-release-fwknop-2.0.3.html" } ] } diff --git a/2012/5xxx/CVE-2012-5558.json b/2012/5xxx/CVE-2012-5558.json index d3dff051783..889d79e88c7 100644 --- a/2012/5xxx/CVE-2012-5558.json +++ b/2012/5xxx/CVE-2012-5558.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-5558", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,76 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the \"administer smiley\" permission to inject arbitrary web script or HTML via a smiley acronym." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Smiley;Smileys", + "product": { + "product_data": [ + { + "product_name": "Smiley", + "version": { + "version_data": [ + { + "version_value": "6.x-1.x versions prior to 6.x-1.1" + } + ] + } + }, + { + "product_name": "Smileys", + "version": { + "version_data": [ + { + "version_value": "6.x-1.x versions prior to 6.x-1.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://drupal.org/node/1840892", + "url": "http://drupal.org/node/1840892" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/11/20/4", + "url": "http://www.openwall.com/lists/oss-security/2012/11/20/4" + }, + { + "refsource": "MISC", + "name": "http://drupal.org/node/1840954", + "url": "http://drupal.org/node/1840954" + }, + { + "refsource": "MISC", + "name": "http://drupal.org/node/1840956", + "url": "http://drupal.org/node/1840956" } ] } diff --git a/2013/6xxx/CVE-2013-6231.json b/2013/6xxx/CVE-2013-6231.json index a5c748dab08..df59a837437 100644 --- a/2013/6xxx/CVE-2013-6231.json +++ b/2013/6xxx/CVE-2013-6231.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6231", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/65925", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/65925" + }, + { + "url": "http://www.exploit-db.com/exploits/31990", + "refsource": "MISC", + "name": "http://www.exploit-db.com/exploits/31990" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91495", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91495" } ] } diff --git a/2013/6xxx/CVE-2013-6430.json b/2013/6xxx/CVE-2013-6430.json index 4b4ec58f0a2..232466a1b33 100644 --- a/2013/6xxx/CVE-2013-6430.json +++ b/2013/6xxx/CVE-2013-6430.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-6430", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,61 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Pivotal", + "product": { + "product_data": [ + { + "product_name": "Spring MVC", + "version": { + "version_data": [ + { + "version_value": "before 3.2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.gopivotal.com/security/cve-2013-6430", + "url": "http://www.gopivotal.com/security/cve-2013-6430" + }, + { + "refsource": "MISC", + "name": "https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248", + "url": "https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248" + }, + { + "refsource": "MISC", + "name": "https://jira.springsource.org/browse/SPR-9983", + "url": "https://jira.springsource.org/browse/SPR-9983" } ] } diff --git a/2013/7xxx/CVE-2013-7380.json b/2013/7xxx/CVE-2013-7380.json index 4f624b23222..1b59dbac1ec 100644 --- a/2013/7xxx/CVE-2013-7380.json +++ b/2013/7xxx/CVE-2013-7380.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-7380", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.openwall.com/lists/oss-security/2014/05/15/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2014/05/15/2" + }, + { + "url": "http://www.securityfocus.com/bid/67351", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/67351" } ] } diff --git a/2014/0xxx/CVE-2014-0114.json b/2014/0xxx/CVE-2014-0114.json index ae1c6cd1bfd..e6e479ab6b5 100644 --- a/2014/0xxx/CVE-2014-0114.json +++ b/2014/0xxx/CVE-2014-0114.json @@ -626,6 +626,11 @@ "refsource": "MLIST", "name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20200109 [jira] [Resolved] (ARTEMIS-2470) Update Apache BeanUtils to Address CVE-2014-0114", + "url": "https://lists.apache.org/thread.html/r75d67108e557bb5d4c4318435067714a0180de525314b7e8dab9d04e@%3Cissues.activemq.apache.org%3E" } ] } diff --git a/2014/4xxx/CVE-2014-4530.json b/2014/4xxx/CVE-2014-4530.json index b6e1269645c..bf05a23be3a 100644 --- a/2014/4xxx/CVE-2014-4530.json +++ b/2014/4xxx/CVE-2014-4530.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4530", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "flog plugin 0.1 for WordPress has XSS" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://codevigilant.com/disclosure/wp-plugin-flog-a3-cross-site-scripting-xss/", + "refsource": "MISC", + "name": "http://codevigilant.com/disclosure/wp-plugin-flog-a3-cross-site-scripting-xss/" } ] } diff --git a/2014/4xxx/CVE-2014-4561.json b/2014/4xxx/CVE-2014-4561.json index 39edb0651e3..6164587b1a8 100644 --- a/2014/4xxx/CVE-2014-4561.json +++ b/2014/4xxx/CVE-2014-4561.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4561", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The ultimate-weather plugin 1.0 for WordPress has XSS" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://codevigilant.com/disclosure/wp-plugin-ultimate-weather-plugin-a3-cross-site-scripting-xss/", + "refsource": "MISC", + "name": "http://codevigilant.com/disclosure/wp-plugin-ultimate-weather-plugin-a3-cross-site-scripting-xss/" } ] } diff --git a/2014/4xxx/CVE-2014-4982.json b/2014/4xxx/CVE-2014-4982.json index 06c7136e236..745c7349f4f 100644 --- a/2014/4xxx/CVE-2014-4982.json +++ b/2014/4xxx/CVE-2014-4982.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4982", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LPAR2RRD \u2264 4.53 and \u2264 3.5 has arbitrary command injection on the application server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/127593/LPAR2RRD-3.5-4.53-Command-Injection.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/127593/LPAR2RRD-3.5-4.53-Command-Injection.html" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2014/07/23/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2014/07/23/6" + }, + { + "url": "http://www.securityfocus.com/bid/68850", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/68850" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94785", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94785" } ] } diff --git a/2014/4xxx/CVE-2014-4984.json b/2014/4xxx/CVE-2014-4984.json index 846b8f6ef18..e90108a65c1 100644 --- a/2014/4xxx/CVE-2014-4984.json +++ b/2014/4xxx/CVE-2014-4984.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4984", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,38 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "D\u00e9j\u00e0 Vu Crescendo Sales CRM has remote SQL Injection" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/127769/Crescendo-Sales-CRM-SQL-Injection.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/127769/Crescendo-Sales-CRM-SQL-Injection.html" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95176", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95176" + }, + { + "refsource": "MISC", + "name": "https://www.securityfocus.com/bid/69085/info", + "url": "https://www.securityfocus.com/bid/69085/info" } ] } diff --git a/2014/5xxx/CVE-2014-5011.json b/2014/5xxx/CVE-2014-5011.json index d25956eea2b..f54901ce886 100644 --- a/2014/5xxx/CVE-2014-5011.json +++ b/2014/5xxx/CVE-2014-5011.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5011", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DOMPDF before 0.6.2 allows Information Disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2", + "refsource": "MISC", + "name": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2" + }, + { + "url": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2", + "refsource": "MISC", + "name": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2" } ] } diff --git a/2014/5xxx/CVE-2014-5012.json b/2014/5xxx/CVE-2014-5012.json index 1fad642671f..f44a00105b7 100644 --- a/2014/5xxx/CVE-2014-5012.json +++ b/2014/5xxx/CVE-2014-5012.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5012", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DOMPDF before 0.6.2 allows denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2", + "refsource": "MISC", + "name": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2" + }, + { + "url": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2", + "refsource": "MISC", + "name": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2" } ] } diff --git a/2014/5xxx/CVE-2014-5013.json b/2014/5xxx/CVE-2014-5013.json index a57f7336806..018ef5262b2 100644 --- a/2014/5xxx/CVE-2014-5013.json +++ b/2014/5xxx/CVE-2014-5013.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5013", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2", + "refsource": "MISC", + "name": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2" + }, + { + "url": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2", + "refsource": "MISC", + "name": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2" } ] } diff --git a/2014/5xxx/CVE-2014-5081.json b/2014/5xxx/CVE-2014-5081.json index bd7b149d624..ec5b1dc1a76 100644 --- a/2014/5xxx/CVE-2014-5081.json +++ b/2014/5xxx/CVE-2014-5081.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5081", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/127720/Sphider-Search-Engine-Command-Execution-SQL-Injection.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/127720/Sphider-Search-Engine-Command-Execution-SQL-Injection.html" + }, + { + "refsource": "EXPLOIT-DB", + "name": "Exploit Database", + "url": "https://www.exploit-db.com/exploits/34238" } ] } diff --git a/2014/5xxx/CVE-2014-5092.json b/2014/5xxx/CVE-2014-5092.json index 66cba63b91f..f3107cbafab 100644 --- a/2014/5xxx/CVE-2014-5092.json +++ b/2014/5xxx/CVE-2014-5092.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5092", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Status2k allows Remote Command Execution in admin/options/editpl.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95112", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95112" } ] } diff --git a/2014/5xxx/CVE-2014-5093.json b/2014/5xxx/CVE-2014-5093.json index f4b497a2692..49f94e43081 100644 --- a/2014/5xxx/CVE-2014-5093.json +++ b/2014/5xxx/CVE-2014-5093.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-5093", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Status2k does not remove the install directory allowing credential reset." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html", + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95113", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95113" } ] } diff --git a/2014/5xxx/CVE-2014-5118.json b/2014/5xxx/CVE-2014-5118.json index 36a66ccac46..bc1f7134470 100644 --- a/2014/5xxx/CVE-2014-5118.json +++ b/2014/5xxx/CVE-2014-5118.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters." + "value": "Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability" } ] }, @@ -52,25 +52,30 @@ }, "references": { "reference_data": [ - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-5118", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-5118" - }, - { - "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-5118", - "refsource": "MISC", - "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-5118" - }, { "url": "http://www.securityfocus.com/bid/68960", "refsource": "MISC", "name": "http://www.securityfocus.com/bid/68960" }, { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95063", "refsource": "MISC", - "name": "https://www.openwall.com/lists/oss-security/2014/07/29/1", - "url": "https://www.openwall.com/lists/oss-security/2014/07/29/1" + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95063" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136768.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136768.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136778.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136778.html" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2014/07/30/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2014/07/30/4" } ] } diff --git a/2014/7xxx/CVE-2014-7297.json b/2014/7xxx/CVE-2014-7297.json index 27efefdc7ea..84308a514ad 100644 --- a/2014/7xxx/CVE-2014-7297.json +++ b/2014/7xxx/CVE-2014-7297.json @@ -56,6 +56,11 @@ "name": "http://themeforest.net/item/enfold-responsive-multipurpose-theme/4519990", "refsource": "CONFIRM", "url": "http://themeforest.net/item/enfold-responsive-multipurpose-theme/4519990" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/9809", + "url": "https://wpvulndb.com/vulnerabilities/9809" } ] } diff --git a/2016/4xxx/CVE-2016-4980.json b/2016/4xxx/CVE-2016-4980.json index 5e65975ef94..078f3879289 100644 --- a/2016/4xxx/CVE-2016-4980.json +++ b/2016/4xxx/CVE-2016-4980.json @@ -52,6 +52,11 @@ }, "references": { "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346016", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346016" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980", "refsource": "MISC", diff --git a/2016/5xxx/CVE-2016-5285.json b/2016/5xxx/CVE-2016-5285.json index 95fcb652bd4..d5527ddbb20 100644 --- a/2016/5xxx/CVE-2016-5285.json +++ b/2016/5xxx/CVE-2016-5285.json @@ -8,15 +8,15 @@ "vendor": { "vendor_data": [ { - "vendor_name": "NSS", + "vendor_name": "Mozilla", "product": { "product_data": [ { - "product_name": "NSS", + "product_name": "Network Security Services", "version": { "version_data": [ { - "version_value": "before 3.26" + "version_value": "3.24" } ] } @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash." + "value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service." } ] }, @@ -44,7 +44,7 @@ "description": [ { "lang": "eng", - "value": "Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash" + "value": "denial of service" } ] } @@ -52,40 +52,50 @@ }, "references": { "reference_data": [ - { - "url": "https://security-tracker.debian.org/tracker/CVE-2016-5285", - "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2016-5285" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5285", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5285" - }, - { - "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5285", - "refsource": "MISC", - "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5285" - }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html", "refsource": "MISC", "name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html" }, { + "url": "http://www.securityfocus.com/bid/94349", "refsource": "MISC", - "name": "https://downloads.avaya.com/css/P8/documents/101033728", - "url": "https://downloads.avaya.com/css/P8/documents/101033728" + "name": "http://www.securityfocus.com/bid/94349" }, { + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html", "refsource": "MISC", - "name": "https://packetstormsecurity.com/files/cve/CVE-2016-5285", - "url": "https://packetstormsecurity.com/files/cve/CVE-2016-5285" + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html" }, { + "url": "https://security.gentoo.org/glsa/201701-46", "refsource": "MISC", - "name": "https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2016-5285", - "url": "https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2016-5285" + "name": "https://security.gentoo.org/glsa/201701-46" + }, + { + "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2016-2779.html" + }, + { + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html" + }, + { + "url": "http://www.ubuntu.com/usn/USN-3163-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-3163-1" + }, + { + "url": "https://bto.bluecoat.com/security-advisory/sa137", + "refsource": "MISC", + "name": "https://bto.bluecoat.com/security-advisory/sa137" + }, + { + "refsource": "CONFIRM", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103" } ] } diff --git a/2016/5xxx/CVE-2016-5311.json b/2016/5xxx/CVE-2016-5311.json index 099a482ed72..450d1673c4f 100644 --- a/2016/5xxx/CVE-2016-5311.json +++ b/2016/5xxx/CVE-2016-5311.json @@ -1,8 +1,41 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secure@symantec.com", "ID": "CVE-2016-5311", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Symantec", + "product": { + "product_data": [ + { + "product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360", + "version": { + "version_data": [ + { + "version_value": "before 22.7" + } + ] + } + }, + { + "product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client", + "version": { + "version_data": [ + { + "version_value": "before 22.8.0.50" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +44,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "untrusted search path" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.securityfocus.com/bid/94295", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/94295" + }, + { + "url": "http://www.securitytracker.com/id/1037323", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id/1037323" + }, + { + "url": "http://www.securitytracker.com/id/1037324", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id/1037324" + }, + { + "url": "http://www.securitytracker.com/id/1037325", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id/1037325" + }, + { + "refsource": "CONFIRM", + "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00", + "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00" } ] } diff --git a/2017/9xxx/CVE-2017-9841.json b/2017/9xxx/CVE-2017-9841.json index eb551677d56..3960b137f83 100644 --- a/2017/9xxx/CVE-2017-9841.json +++ b/2017/9xxx/CVE-2017-9841.json @@ -57,11 +57,6 @@ "refsource": "BID", "url": "http://www.securityfocus.com/bid/101798" }, - { - "name": "http://phpunit.vulnbusters.com/", - "refsource": "MISC", - "url": "http://phpunit.vulnbusters.com/" - }, { "name": "https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5", "refsource": "MISC", @@ -81,6 +76,11 @@ "name": "GLSA-201711-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201711-15" + }, + { + "refsource": "MISC", + "name": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/", + "url": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/" } ] } diff --git a/2018/0xxx/CVE-2018-0576.json b/2018/0xxx/CVE-2018-0576.json index 447e5dc9192..b0cf0b9d833 100644 --- a/2018/0xxx/CVE-2018-0576.json +++ b/2018/0xxx/CVE-2018-0576.json @@ -61,6 +61,11 @@ "name": "JVN#85531148", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN85531148/index.html" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/9609", + "url": "https://wpvulndb.com/vulnerabilities/9609" } ] } diff --git a/2018/12xxx/CVE-2018-12327.json b/2018/12xxx/CVE-2018-12327.json index e86cfc4f5cd..e6c89790d66 100644 --- a/2018/12xxx/CVE-2018-12327.json +++ b/2018/12xxx/CVE-2018-12327.json @@ -91,6 +91,11 @@ "refsource": "CONFIRM", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" + }, + { + "refsource": "UBUNTU", + "name": "USN-4229-1", + "url": "https://usn.ubuntu.com/4229-1/" } ] } diff --git a/2018/12xxx/CVE-2018-12380.json b/2018/12xxx/CVE-2018-12380.json index a1a2fa47bd5..010a704e656 100644 --- a/2018/12xxx/CVE-2018-12380.json +++ b/2018/12xxx/CVE-2018-12380.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-12380", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-12380", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-17009. Reason: This candidate is a duplicate of CVE-2019-17009. Notes: All CVE users should reference CVE-2019-17009 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2019/11xxx/CVE-2019-11745.json b/2019/11xxx/CVE-2019-11745.json index 3f8df4f9ade..01a9bdac288 100644 --- a/2019/11xxx/CVE-2019-11745.json +++ b/2019/11xxx/CVE-2019-11745.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1586176", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1586176" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/12xxx/CVE-2019-12614.json b/2019/12xxx/CVE-2019-12614.json index 0f1c422e6f1..ac4ac3e6cd2 100644 --- a/2019/12xxx/CVE-2019-12614.json +++ b/2019/12xxx/CVE-2019-12614.json @@ -136,6 +136,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/14xxx/CVE-2019-14918.json b/2019/14xxx/CVE-2019-14918.json new file mode 100644 index 00000000000..4497e12d173 --- /dev/null +++ b/2019/14xxx/CVE-2019-14918.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14918", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/InnotecSystem/Device-Reversing/wiki/XSS-Injection-via-DHCP-requests", + "url": "https://github.com/InnotecSystem/Device-Reversing/wiki/XSS-Injection-via-DHCP-requests" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14919.json b/2019/14xxx/CVE-2019-14919.json new file mode 100644 index 00000000000..4ecc51e8565 --- /dev/null +++ b/2019/14xxx/CVE-2019-14919.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection", + "url": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection" + } + ] + } +} \ No newline at end of file diff --git a/2019/14xxx/CVE-2019-14920.json b/2019/14xxx/CVE-2019-14920.json new file mode 100644 index 00000000000..64473e074e6 --- /dev/null +++ b/2019/14xxx/CVE-2019-14920.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-14920", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etc_ro/web/adm/system_command.asp shell feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection", + "url": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection" + } + ] + } +} \ No newline at end of file diff --git a/2019/15xxx/CVE-2019-15291.json b/2019/15xxx/CVE-2019-15291.json index 02d8ae0c34d..a1ce61a33e8 100644 --- a/2019/15xxx/CVE-2019-15291.json +++ b/2019/15xxx/CVE-2019-15291.json @@ -86,6 +86,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/15xxx/CVE-2019-15917.json b/2019/15xxx/CVE-2019-15917.json index 60e04ca4a12..c2f330e492d 100644 --- a/2019/15xxx/CVE-2019-15917.json +++ b/2019/15xxx/CVE-2019-15917.json @@ -86,6 +86,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/16xxx/CVE-2019-16773.json b/2019/16xxx/CVE-2019-16773.json index 18c0e01853d..d4b908e0a8e 100644 --- a/2019/16xxx/CVE-2019-16773.json +++ b/2019/16xxx/CVE-2019-16773.json @@ -71,6 +71,11 @@ }, "references": { "reference_data": [ + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/9975", + "url": "https://wpvulndb.com/vulnerabilities/9975" + }, { "name": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/", "refsource": "MISC", diff --git a/2019/16xxx/CVE-2019-16788.json b/2019/16xxx/CVE-2019-16788.json index 7d09815beaf..f51b2e2c637 100644 --- a/2019/16xxx/CVE-2019-16788.json +++ b/2019/16xxx/CVE-2019-16788.json @@ -71,6 +71,11 @@ }, "references": { "reference_data": [ + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/9973", + "url": "https://wpvulndb.com/vulnerabilities/9973" + }, { "name": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/", "refsource": "MISC", diff --git a/2019/17xxx/CVE-2019-17005.json b/2019/17xxx/CVE-2019-17005.json index fa9da0177b9..226c74f4bd4 100644 --- a/2019/17xxx/CVE-2019-17005.json +++ b/2019/17xxx/CVE-2019-17005.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-37/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-37/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17008.json b/2019/17xxx/CVE-2019-17008.json index 49d6211f1a8..bea1707f7a2 100644 --- a/2019/17xxx/CVE-2019-17008.json +++ b/2019/17xxx/CVE-2019-17008.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-37/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-37/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17009.json b/2019/17xxx/CVE-2019-17009.json index 4f6eca80c35..fa85e6e15c9 100644 --- a/2019/17xxx/CVE-2019-17009.json +++ b/2019/17xxx/CVE-2019-17009.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-37/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-37/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17010.json b/2019/17xxx/CVE-2019-17010.json index 737dd1f198d..69ed4101082 100644 --- a/2019/17xxx/CVE-2019-17010.json +++ b/2019/17xxx/CVE-2019-17010.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-37/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-37/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17011.json b/2019/17xxx/CVE-2019-17011.json index 0e306fb71b0..1ffca517077 100644 --- a/2019/17xxx/CVE-2019-17011.json +++ b/2019/17xxx/CVE-2019-17011.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-37/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-37/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17012.json b/2019/17xxx/CVE-2019-17012.json index 42ea9efa467..03df1580c52 100644 --- a/2019/17xxx/CVE-2019-17012.json +++ b/2019/17xxx/CVE-2019-17012.json @@ -83,6 +83,16 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2019-37/", "url": "https://www.mozilla.org/security/advisories/mfsa2019-37/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0003", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0002", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html" } ] }, diff --git a/2019/17xxx/CVE-2019-17016.json b/2019/17xxx/CVE-2019-17016.json index 50fe013c1a6..e3d3eefef72 100644 --- a/2019/17xxx/CVE-2019-17016.json +++ b/2019/17xxx/CVE-2019-17016.json @@ -83,6 +83,11 @@ "refsource": "DEBIAN", "name": "DSA-4600", "url": "https://www.debian.org/security/2020/dsa-4600" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17017.json b/2019/17xxx/CVE-2019-17017.json index a418e43f2e5..836f8ae5154 100644 --- a/2019/17xxx/CVE-2019-17017.json +++ b/2019/17xxx/CVE-2019-17017.json @@ -83,6 +83,11 @@ "refsource": "DEBIAN", "name": "DSA-4600", "url": "https://www.debian.org/security/2020/dsa-4600" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17020.json b/2019/17xxx/CVE-2019-17020.json index 8a83c732357..72fc2cc7c2d 100644 --- a/2019/17xxx/CVE-2019-17020.json +++ b/2019/17xxx/CVE-2019-17020.json @@ -53,6 +53,11 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2020-01/", "url": "https://www.mozilla.org/security/advisories/mfsa2020-01/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17022.json b/2019/17xxx/CVE-2019-17022.json index fdcf0ed1b3d..26920740374 100644 --- a/2019/17xxx/CVE-2019-17022.json +++ b/2019/17xxx/CVE-2019-17022.json @@ -83,6 +83,11 @@ "refsource": "DEBIAN", "name": "DSA-4600", "url": "https://www.debian.org/security/2020/dsa-4600" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17023.json b/2019/17xxx/CVE-2019-17023.json index b0b34e84dd9..e49a75b5b4f 100644 --- a/2019/17xxx/CVE-2019-17023.json +++ b/2019/17xxx/CVE-2019-17023.json @@ -53,6 +53,11 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2020-01/", "url": "https://www.mozilla.org/security/advisories/mfsa2020-01/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17024.json b/2019/17xxx/CVE-2019-17024.json index bacfee3e5ff..d2507c86abf 100644 --- a/2019/17xxx/CVE-2019-17024.json +++ b/2019/17xxx/CVE-2019-17024.json @@ -83,6 +83,11 @@ "refsource": "DEBIAN", "name": "DSA-4600", "url": "https://www.debian.org/security/2020/dsa-4600" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17025.json b/2019/17xxx/CVE-2019-17025.json index 7b555f7a8da..ec93eb143b5 100644 --- a/2019/17xxx/CVE-2019-17025.json +++ b/2019/17xxx/CVE-2019-17025.json @@ -53,6 +53,11 @@ "refsource": "CONFIRM", "name": "https://www.mozilla.org/security/advisories/mfsa2020-01/", "url": "https://www.mozilla.org/security/advisories/mfsa2020-01/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4234-1", + "url": "https://usn.ubuntu.com/4234-1/" } ] }, diff --git a/2019/17xxx/CVE-2019-17571.json b/2019/17xxx/CVE-2019-17571.json index b41d988da73..ef0f41998e3 100644 --- a/2019/17xxx/CVE-2019-17571.json +++ b/2019/17xxx/CVE-2019-17571.json @@ -153,6 +153,11 @@ "refsource": "MLIST", "name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200110-0001/", + "url": "https://security.netapp.com/advisory/ntap-20200110-0001/" } ] }, diff --git a/2019/18xxx/CVE-2019-18386.json b/2019/18xxx/CVE-2019-18386.json index b29a631b300..0a8e482a8bf 100644 --- a/2019/18xxx/CVE-2019-18386.json +++ b/2019/18xxx/CVE-2019-18386.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Systems management on Unisys Libra and Libra Software Series, with MCP-FIRMWARE through 2019-10-23, can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel." + "value": "Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel" } ] }, diff --git a/2019/18xxx/CVE-2019-18660.json b/2019/18xxx/CVE-2019-18660.json index 0d93c2e0288..b3f3ef1550e 100644 --- a/2019/18xxx/CVE-2019-18660.json +++ b/2019/18xxx/CVE-2019-18660.json @@ -126,6 +126,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/18xxx/CVE-2019-18683.json b/2019/18xxx/CVE-2019-18683.json index 860d4559a42..fa744a8d7be 100644 --- a/2019/18xxx/CVE-2019-18683.json +++ b/2019/18xxx/CVE-2019-18683.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/18xxx/CVE-2019-18859.json b/2019/18xxx/CVE-2019-18859.json new file mode 100644 index 00000000000..023d67b6fca --- /dev/null +++ b/2019/18xxx/CVE-2019-18859.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18859", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Digi AnywhereUSB 14 allows XSS via a link for the Digi Page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/RNPG/e0d25ad51aa5c288b9005900f88a4f03", + "url": "https://gist.github.com/RNPG/e0d25ad51aa5c288b9005900f88a4f03" + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18961.json b/2019/18xxx/CVE-2019-18961.json new file mode 100644 index 00000000000..c6a95908200 --- /dev/null +++ b/2019/18xxx/CVE-2019-18961.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18961", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18962.json b/2019/18xxx/CVE-2019-18962.json new file mode 100644 index 00000000000..bf52d13591b --- /dev/null +++ b/2019/18xxx/CVE-2019-18962.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18962", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18963.json b/2019/18xxx/CVE-2019-18963.json new file mode 100644 index 00000000000..33e024feb5d --- /dev/null +++ b/2019/18xxx/CVE-2019-18963.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18963", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18964.json b/2019/18xxx/CVE-2019-18964.json new file mode 100644 index 00000000000..91b49c093d2 --- /dev/null +++ b/2019/18xxx/CVE-2019-18964.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18964", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18965.json b/2019/18xxx/CVE-2019-18965.json new file mode 100644 index 00000000000..04d6fa92193 --- /dev/null +++ b/2019/18xxx/CVE-2019-18965.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18965", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18966.json b/2019/18xxx/CVE-2019-18966.json new file mode 100644 index 00000000000..d6905ecc14a --- /dev/null +++ b/2019/18xxx/CVE-2019-18966.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18966", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18967.json b/2019/18xxx/CVE-2019-18967.json new file mode 100644 index 00000000000..eadec6f5089 --- /dev/null +++ b/2019/18xxx/CVE-2019-18967.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18967", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18968.json b/2019/18xxx/CVE-2019-18968.json new file mode 100644 index 00000000000..c7ed042dde8 --- /dev/null +++ b/2019/18xxx/CVE-2019-18968.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18968", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18969.json b/2019/18xxx/CVE-2019-18969.json new file mode 100644 index 00000000000..d59ede9329a --- /dev/null +++ b/2019/18xxx/CVE-2019-18969.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18969", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/18xxx/CVE-2019-18970.json b/2019/18xxx/CVE-2019-18970.json new file mode 100644 index 00000000000..83601b48a77 --- /dev/null +++ b/2019/18xxx/CVE-2019-18970.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-18970", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/19xxx/CVE-2019-19057.json b/2019/19xxx/CVE-2019-19057.json index 94df188be5e..78a5234d779 100644 --- a/2019/19xxx/CVE-2019-19057.json +++ b/2019/19xxx/CVE-2019-19057.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/19xxx/CVE-2019-19062.json b/2019/19xxx/CVE-2019-19062.json index 7e2ade837a0..42e9ebb3e4b 100644 --- a/2019/19xxx/CVE-2019-19062.json +++ b/2019/19xxx/CVE-2019-19062.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/19xxx/CVE-2019-19063.json b/2019/19xxx/CVE-2019-19063.json index 0cbb4ca10c2..e473e63c706 100644 --- a/2019/19xxx/CVE-2019-19063.json +++ b/2019/19xxx/CVE-2019-19063.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/19xxx/CVE-2019-19227.json b/2019/19xxx/CVE-2019-19227.json index 1117ed794a8..169d3cc68f2 100644 --- a/2019/19xxx/CVE-2019-19227.json +++ b/2019/19xxx/CVE-2019-19227.json @@ -76,6 +76,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/19xxx/CVE-2019-19332.json b/2019/19xxx/CVE-2019-19332.json index 8c2b783d7b1..523e9990356 100644 --- a/2019/19xxx/CVE-2019-19332.json +++ b/2019/19xxx/CVE-2019-19332.json @@ -58,6 +58,11 @@ "url": "https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50@google.com/", "refsource": "MISC", "name": "https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50@google.com/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] }, diff --git a/2019/19xxx/CVE-2019-19524.json b/2019/19xxx/CVE-2019-19524.json index 7e1c1f1a24a..bceeab265ca 100644 --- a/2019/19xxx/CVE-2019-19524.json +++ b/2019/19xxx/CVE-2019-19524.json @@ -106,6 +106,11 @@ "refsource": "BUGTRAQ", "name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)", "url": "https://seclists.org/bugtraq/2020/Jan/10" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", + "url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html" } ] } diff --git a/2019/19xxx/CVE-2019-19781.json b/2019/19xxx/CVE-2019-19781.json index 56a320a9d05..c808a0a75f8 100644 --- a/2019/19xxx/CVE-2019-19781.json +++ b/2019/19xxx/CVE-2019-19781.json @@ -61,6 +61,11 @@ "refsource": "CERT-VN", "name": "VU#619785", "url": "https://www.kb.cert.org/vuls/id/619785" + }, + { + "refsource": "MISC", + "name": "https://twitter.com/bad_packets/status/1215431625766424576", + "url": "https://twitter.com/bad_packets/status/1215431625766424576" } ] } diff --git a/2019/19xxx/CVE-2019-19844.json b/2019/19xxx/CVE-2019-19844.json index c35725f77c0..06497c79b4e 100644 --- a/2019/19xxx/CVE-2019-19844.json +++ b/2019/19xxx/CVE-2019-19844.json @@ -86,6 +86,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html", "url": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200110-0003/", + "url": "https://security.netapp.com/advisory/ntap-20200110-0003/" } ] } diff --git a/2019/19xxx/CVE-2019-19920.json b/2019/19xxx/CVE-2019-19920.json index e30f77d0d38..f63af4dc750 100644 --- a/2019/19xxx/CVE-2019-19920.json +++ b/2019/19xxx/CVE-2019-19920.json @@ -66,6 +66,11 @@ "url": "https://marc.info/?l=spamassassin-users&m=157668305026635&w=2", "refsource": "MISC", "name": "https://marc.info/?l=spamassassin-users&m=157668305026635&w=2" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20200109 [SECURITY] [DLA 2062-1] sa-exim security update", + "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00006.html" } ] } diff --git a/2019/20xxx/CVE-2019-20178.json b/2019/20xxx/CVE-2019-20178.json index 5266910d4c3..47b6613afe1 100644 --- a/2019/20xxx/CVE-2019-20178.json +++ b/2019/20xxx/CVE-2019-20178.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20178", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20178", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20178-peel-shopping-ecommerce-shopping-cart-9-2-1-cross-site-request-forgery-17fc49ab5a65", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20178-peel-shopping-ecommerce-shopping-cart-9-2-1-cross-site-request-forgery-17fc49ab5a65" } ] } diff --git a/2019/20xxx/CVE-2019-20179.json b/2019/20xxx/CVE-2019-20179.json index 042e2513438..03e5291b853 100644 --- a/2019/20xxx/CVE-2019-20179.json +++ b/2019/20xxx/CVE-2019-20179.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20179", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20179", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SOPlanning 1.45 has SQL injection via the user_list.php \"by\" parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1" } ] } diff --git a/2019/20xxx/CVE-2019-20180.json b/2019/20xxx/CVE-2019-20180.json index fae4ebf58d6..3c27df9b451 100644 --- a/2019/20xxx/CVE-2019-20180.json +++ b/2019/20xxx/CVE-2019-20180.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20180", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20180", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20180-tablepress-version-1-9-2-csv-injection-65309fcc8be8", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20180-tablepress-version-1-9-2-csv-injection-65309fcc8be8" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10016", + "url": "https://wpvulndb.com/vulnerabilities/10016" } ] } diff --git a/2019/20xxx/CVE-2019-20181.json b/2019/20xxx/CVE-2019-20181.json index 09b800d7454..ddad9846c7c 100644 --- a/2019/20xxx/CVE-2019-20181.json +++ b/2019/20xxx/CVE-2019-20181.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20181", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20181", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20181-awesome-support-wordpress-helpdesk-support-plugin-5-8-0-84a0c022cf53", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20181-awesome-support-wordpress-helpdesk-support-plugin-5-8-0-84a0c022cf53" } ] } diff --git a/2019/20xxx/CVE-2019-20182.json b/2019/20xxx/CVE-2019-20182.json index be9210c6f9f..f1069ad86cb 100644 --- a/2019/20xxx/CVE-2019-20182.json +++ b/2019/20xxx/CVE-2019-20182.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20182", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20182", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The FooGallery plugin 1.8.12 for WordPress allow XSS via the post_title parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20182-foogallery-image-gallery-wordpress-plugin-1-8-12-stored-cross-site-scripting-d5864f1259f", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20182-foogallery-image-gallery-wordpress-plugin-1-8-12-stored-cross-site-scripting-d5864f1259f" } ] } diff --git a/2019/20xxx/CVE-2019-20183.json b/2019/20xxx/CVE-2019-20183.json index 115e1656c06..db62307d11a 100644 --- a/2019/20xxx/CVE-2019-20183.json +++ b/2019/20xxx/CVE-2019-20183.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20183", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20183", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side. The attacker can modify global.js to allow the .php extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34" } ] } diff --git a/2019/20xxx/CVE-2019-20184.json b/2019/20xxx/CVE-2019-20184.json index 70c89f66dd0..d5cbff37ef3 100644 --- a/2019/20xxx/CVE-2019-20184.json +++ b/2019/20xxx/CVE-2019-20184.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20184", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20184", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "KeePass 2.4.1 allows CSV injection in the title field of a CSV export." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@Pablo0xSantiago/cve-2019-20184-keepass-2-4-1-csv-injection-33f08de3c11a", + "url": "https://medium.com/@Pablo0xSantiago/cve-2019-20184-keepass-2-4-1-csv-injection-33f08de3c11a" } ] } diff --git a/2019/20xxx/CVE-2019-20372.json b/2019/20xxx/CVE-2019-20372.json new file mode 100644 index 00000000000..7df973615e1 --- /dev/null +++ b/2019/20xxx/CVE-2019-20372.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf", + "refsource": "MISC", + "name": "https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf" + }, + { + "url": "http://nginx.org/en/CHANGES", + "refsource": "MISC", + "name": "http://nginx.org/en/CHANGES" + }, + { + "url": "https://duo.com/docs/dng-notes#version-1.5.4-january-2020", + "refsource": "MISC", + "name": "https://duo.com/docs/dng-notes#version-1.5.4-january-2020" + }, + { + "url": "https://github.com/kubernetes/ingress-nginx/pull/4859", + "refsource": "MISC", + "name": "https://github.com/kubernetes/ingress-nginx/pull/4859" + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20373.json b/2019/20xxx/CVE-2019-20373.json new file mode 100644 index 00000000000..72f785152d5 --- /dev/null +++ b/2019/20xxx/CVE-2019-20373.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20373", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.launchpad.net/~ltsp-upstream/ltsp/+git/ldm/commit/?id=c351ac69ef63ed6c84221cef73e409059661b8ba", + "refsource": "MISC", + "name": "https://git.launchpad.net/~ltsp-upstream/ltsp/+git/ldm/commit/?id=c351ac69ef63ed6c84221cef73e409059661b8ba" + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20374.json b/2019/20xxx/CVE-2019-20374.json new file mode 100644 index 00000000000..870bc550f0e --- /dev/null +++ b/2019/20xxx/CVE-2019-20374.json @@ -0,0 +1,81 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20374", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to improper HTML sanitization. Given that the application is based on the Electron framework, the XSS leads to remote code execution in an unsandboxed environment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/typora/typora-issues/issues/3124", + "refsource": "MISC", + "name": "https://github.com/typora/typora-issues/issues/3124" + }, + { + "url": "https://github.com/cure53/DOMPurify/commit/4e8af7b2c4a159b683d317e02c5cbddb86dc4a0e", + "refsource": "MISC", + "name": "https://github.com/cure53/DOMPurify/commit/4e8af7b2c4a159b683d317e02c5cbddb86dc4a0e" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20375.json b/2019/20xxx/CVE-2019-20375.json new file mode 100644 index 00000000000..6e5e1368455 --- /dev/null +++ b/2019/20xxx/CVE-2019-20375.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bitbucket.org/ritt/elog/commits/eefdabb714f26192f585083ef96c8413e459a1d1", + "refsource": "MISC", + "name": "https://bitbucket.org/ritt/elog/commits/eefdabb714f26192f585083ef96c8413e459a1d1" + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20376.json b/2019/20xxx/CVE-2019-20376.json new file mode 100644 index 00000000000..2546c0aa19c --- /dev/null +++ b/2019/20xxx/CVE-2019-20376.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-20376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bitbucket.org/ritt/elog/commits/993bed4923c88593cc6b1186e0d1b9564994a25a", + "refsource": "MISC", + "name": "https://bitbucket.org/ritt/elog/commits/993bed4923c88593cc6b1186e0d1b9564994a25a" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2729.json b/2019/2xxx/CVE-2019-2729.json index cb958e309dc..2828374b89d 100644 --- a/2019/2xxx/CVE-2019-2729.json +++ b/2019/2xxx/CVE-2019-2729.json @@ -62,6 +62,11 @@ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155886/Oracle-Weblogic-10.3.6.0.0-Remote-Command-Execution.html", + "url": "http://packetstormsecurity.com/files/155886/Oracle-Weblogic-10.3.6.0.0-Remote-Command-Execution.html" } ] } diff --git a/2019/4xxx/CVE-2019-4343.json b/2019/4xxx/CVE-2019-4343.json index c1c20705dcd..727af39b77c 100644 --- a/2019/4xxx/CVE-2019-4343.json +++ b/2019/4xxx/CVE-2019-4343.json @@ -26,6 +26,11 @@ "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/161422", "title": "X-Force Vulnerability Report" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200110-0002/", + "url": "https://security.netapp.com/advisory/ntap-20200110-0002/" } ] }, diff --git a/2019/4xxx/CVE-2019-4651.json b/2019/4xxx/CVE-2019-4651.json index d7ed8c20f29..f407e1c16ff 100644 --- a/2019/4xxx/CVE-2019-4651.json +++ b/2019/4xxx/CVE-2019-4651.json @@ -1,17 +1,89 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-4651", - "STATE": "RESERVED" + "data_type": "CVE", + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 1169956 (Jazz Reporting Service (JRS))", + "url": "https://www.ibm.com/support/pages/node/1169956", + "name": "https://www.ibm.com/support/pages/node/1169956", + "refsource": "CONFIRM" + }, + { + "name": "ibm-jrs-cve20194651-xss (170962)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/170962", + "refsource": "XF", + "title": "X-Force Vulnerability Report" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "6.0.6.1" + } + ] + }, + "product_name": "Jazz Reporting Service (JRS)" + } + ] + }, + "vendor_name": "IBM" + } + ] + } }, "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 170962.", + "lang": "eng" + } + ] + }, + "CVE_data_meta": { + "ID": "CVE-2019-4651", + "DATE_PUBLIC": "2020-01-08T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "AV": "N", + "UI": "R", + "I": "L", + "S": "C", + "A": "N", + "SCORE": "5.400", + "PR": "L", + "AC": "L", + "C": "L" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "H" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] } ] } diff --git a/2019/5xxx/CVE-2019-5205.json b/2019/5xxx/CVE-2019-5205.json index 489304f7368..776f001c1d6 100644 --- a/2019/5xxx/CVE-2019-5205.json +++ b/2019/5xxx/CVE-2019-5205.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5205", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5205", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/5xxx/CVE-2019-5206.json b/2019/5xxx/CVE-2019-5206.json index 675d9b93402..34a6cc0961e 100644 --- a/2019/5xxx/CVE-2019-5206.json +++ b/2019/5xxx/CVE-2019-5206.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5206", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5206", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/5xxx/CVE-2019-5207.json b/2019/5xxx/CVE-2019-5207.json index ebed7051383..28d7aa46165 100644 --- a/2019/5xxx/CVE-2019-5207.json +++ b/2019/5xxx/CVE-2019-5207.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5207", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5207", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/5xxx/CVE-2019-5208.json b/2019/5xxx/CVE-2019-5208.json index 150a773ff95..0dc9430c15a 100644 --- a/2019/5xxx/CVE-2019-5208.json +++ b/2019/5xxx/CVE-2019-5208.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5208", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5208", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/5xxx/CVE-2019-5209.json b/2019/5xxx/CVE-2019-5209.json index 5b185147ed6..51b0c7d167c 100644 --- a/2019/5xxx/CVE-2019-5209.json +++ b/2019/5xxx/CVE-2019-5209.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5209", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5209", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none." } ] } diff --git a/2019/5xxx/CVE-2019-5844.json b/2019/5xxx/CVE-2019-5844.json index 76e009b817f..d7a7bb3b33a 100644 --- a/2019/5xxx/CVE-2019-5844.json +++ b/2019/5xxx/CVE-2019-5844.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/915206", "refsource": "MISC", "name": "https://crbug.com/915206" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0004", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00002.html" } ] }, @@ -65,4 +70,4 @@ } ] } -} +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5845.json b/2019/5xxx/CVE-2019-5845.json index 5cb9d377f3f..f6911af9e0c 100644 --- a/2019/5xxx/CVE-2019-5845.json +++ b/2019/5xxx/CVE-2019-5845.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/915197", "refsource": "MISC", "name": "https://crbug.com/915197" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0004", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00002.html" } ] }, @@ -65,4 +70,4 @@ } ] } -} +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5846.json b/2019/5xxx/CVE-2019-5846.json index 33209a73789..7ce2ae03b5c 100644 --- a/2019/5xxx/CVE-2019-5846.json +++ b/2019/5xxx/CVE-2019-5846.json @@ -54,6 +54,11 @@ "url": "https://crbug.com/915218", "refsource": "MISC", "name": "https://crbug.com/915218" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0004", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00002.html" } ] }, @@ -65,4 +70,4 @@ } ] } -} +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6319.json b/2019/6xxx/CVE-2019-6319.json index bc6c031ab39..0f36cd67baa 100644 --- a/2019/6xxx/CVE-2019-6319.json +++ b/2019/6xxx/CVE-2019-6319.json @@ -1,17 +1,70 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6319", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6319", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HP Inc.", + "product": { + "product_data": [ + { + "product_name": "HP DeskJet 3630 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "F5S43A - F5S57A" + }, + { + "version_value": "K4T93A - K4T99C" + }, + { + "version_value": "K4U00B - K4U03B" + }, + { + "version_value": "V3F21A - V3F22A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery in HP DeskJet 3630 Printers" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/us-en/document/c06308143", + "url": "https://support.hp.com/us-en/document/c06308143" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration." } ] } diff --git a/2019/6xxx/CVE-2019-6320.json b/2019/6xxx/CVE-2019-6320.json index 47079c62e58..6f9d373fa1d 100644 --- a/2019/6xxx/CVE-2019-6320.json +++ b/2019/6xxx/CVE-2019-6320.json @@ -1,17 +1,70 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6320", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6320", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HP Inc.", + "product": { + "product_data": [ + { + "product_name": "HP DeskJet 3630 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "F5S43A - F5S57A" + }, + { + "version_value": "K4T93A - K4T99C" + }, + { + "version_value": "K4U00B - K4U03B" + }, + { + "version_value": "V3F21A - V3F22A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery in HP DeskJet 3630 Printers" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/us-en/document/c06308143", + "url": "https://support.hp.com/us-en/document/c06308143" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration." } ] } diff --git a/2019/6xxx/CVE-2019-6330.json b/2019/6xxx/CVE-2019-6330.json index ee1e330dafd..e31d4f978d0 100644 --- a/2019/6xxx/CVE-2019-6330.json +++ b/2019/6xxx/CVE-2019-6330.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6330", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6330", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HP Access Control", + "version": { + "version_data": [ + { + "version_value": "prior to 16.7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege vulnerability is found in HP Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/in-en/document/c06463137", + "url": "https://support.hp.com/in-en/document/c06463137" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A potential security vulnerability has been identified in the software solution HP Access Control versions prior to 16.7. This vulnerability could potentially grant elevation of privilege." } ] } diff --git a/2019/6xxx/CVE-2019-6331.json b/2019/6xxx/CVE-2019-6331.json index bb5036469d4..a0d9bcb407f 100644 --- a/2019/6xxx/CVE-2019-6331.json +++ b/2019/6xxx/CVE-2019-6331.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6331", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6331", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Samsung Mobile Print (Android)", + "version": { + "version_data": [ + { + "version_value": "prior to 4.08.007" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Exposure of Application Configuration Details in Samsung Mobile Print (Android)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/in-en/document/c06424557", + "url": "https://support.hp.com/in-en/document/c06424557" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007. A potential security vulnerability caused by incomplete obfuscation of application configuration information." } ] } diff --git a/2019/6xxx/CVE-2019-6332.json b/2019/6xxx/CVE-2019-6332.json index 50a8f327b2c..218661f9ace 100644 --- a/2019/6xxx/CVE-2019-6332.json +++ b/2019/6xxx/CVE-2019-6332.json @@ -1,17 +1,218 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6332", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6332", + "ASSIGNER": "hp-security-alert@hp.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HP Inc.", + "product": { + "product_data": [ + { + "product_name": "HP DeskJet 2600 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "4UJ28B" + }, + { + "version_value": "V1N01A - V1N08A" + }, + { + "version_value": "Y5H60A - Y5H80A" + } + ] + } + }, + { + "product_name": "HP DeskJet Ink Advantage 2600 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "V1N02A - V1N02B" + }, + { + "version_value": "Y5Z00A - Y5Z04B" + } + ] + } + }, + { + "product_name": "HP DeskJet Ink Advantage 5000 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "M2U86A - M2U89B" + } + ] + } + }, + { + "product_name": "HP DeskJet Ink Advantage 5200 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "M2U76A - M2U78B" + } + ] + } + }, + { + "product_name": "HP ENVY 5000 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "M2U85A - M2U85B" + }, + { + "version_value": "M2U91A - M2U94B" + }, + { + "version_value": "Z4A54A - Z4A74A" + } + ] + } + }, + { + "product_name": "HP ENVY Photo 6200 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "K7G18A-K7G26B" + }, + { + "version_value": "K7S21B" + }, + { + "version_value": "Y0K13D - Y0K15A" + } + ] + } + }, + { + "product_name": "HP ENVY Photo 7100 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "3XD89A" + }, + { + "version_value": "K7G93A-K7G99A" + }, + { + "version_value": "Z3M37A - Z3M52A" + } + ] + } + }, + { + "product_name": "HP ENVY Photo 7800 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "K7R96A" + }, + { + "version_value": "K7S00A - K7S10D" + }, + { + "version_value": "Y0G42D - Y0G52B" + } + ] + } + }, + { + "product_name": "HP Ink Tank Wireless 410 series", + "version": { + "version_data": [ + { + "version_value": "Z4B53A - Z4B55A" + }, + { + "version_value": "Z6Z95A - Z6Z99A" + }, + { + "version_value": "4DX94A - 4DX95A" + }, + { + "version_value": "4YF79A" + }, + { + "version_value": "Z7A01A" + } + ] + } + }, + { + "product_name": "HP OfficeJet 5200 All-in-One Printer series", + "version": { + "version_data": [ + { + "version_value": "M2U75A" + }, + { + "version_value": "M2U81A-M2U84B" + }, + { + "version_value": "Z4B12A - Z4B14A" + }, + { + "version_value": "Z4B27A - Z4B29A" + } + ] + } + }, + { + "product_name": "HP Smart Tank Wireless 450 series", + "version": { + "version_data": [ + { + "version_value": "Z4B56A" + }, + { + "version_value": "Z6Z96A - Z6Z98A" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site Scripting (XSS) in HP InkJet Printers" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.hp.com/in-en/document/c06428029", + "url": "https://support.hp.com/in-en/document/c06428029" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A - V1N08A, Y5H60A - Y5H80A; HP DeskJet Ink Advantage 2600 All-in-One Printer series model numbers V1N02A - V1N02B, Y5Z00A - Y5Z04B; HP DeskJet Ink Advantage 5000 All-in-One Printer series model numbers M2U86A - M2U89B; HP DeskJet Ink Advantage 5200 All-in-One Printer series model numbers M2U76A - M2U78B; HP ENVY 5000 All-in-One Printer series model numbers M2U85A - M2U85B, M2U91A - M2U94B, Z4A54A - Z4A74A; HP ENVY Photo 6200 All-in-One Printer series model numbers K7G18A-K7G26B, K7S21B, Y0K13D - Y0K15A; HP ENVY Photo 7100 All-in-One Printer series model numbers 3XD89A, K7G93A-K7G99A, Z3M37A - Z3M52A; HP ENVY Photo 7800 All-in-One Printer series model numbers K7R96A, K7S00A - K7S10D, Y0G42D - Y0G52B; HP Ink Tank Wireless 410 series model numbers Z4B53A - Z4B55A, Z6Z95A - Z6Z99A, 4DX94A - 4DX95A, 4YF79A, Z7A01A; HP OfficeJet 5200 All-in-One Printer series model numbers M2U75A, M2U81A-M2U84B, Z4B12A - Z4B14A, Z4B27A - Z4B29A; HP Smart Tank Wireless 450 series model numbers Z4B56A, Z6Z96A - Z6Z98A." } ] } diff --git a/2020/1xxx/CVE-2020-1765.json b/2020/1xxx/CVE-2020-1765.json index 0435ebbb5cd..737ef66e88f 100644 --- a/2020/1xxx/CVE-2020-1765.json +++ b/2020/1xxx/CVE-2020-1765.json @@ -1,18 +1,124 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@otrs.com", + "DATE_PUBLIC": "2020-01-10T00:00:00.000Z", "ID": "CVE-2020-1765", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Spoofing of From field in several screens" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "((OTRS)) Community Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.0.x", + "version_value": "5.0.39" + }, + { + "version_affected": "<=", + "version_name": "6.0.x", + "version_value": "6.0.24" + } + ] + } + }, + { + "product_name": "OTRS", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.0.x", + "version_value": "7.0.13" + } + ] + } + } + ] + }, + "vendor_name": "OTRS AG" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Sebastian Renker, Jonas Becker" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound.\n\nThis issue affects:\n((OTRS)) Community Edition\n5.0.x version 5.0.39 and prior versions;\n6.0.x version 6.0.24 and prior versions.\nOTRS\n7.0.x version 7.0.13 and prior versions." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-472 External Control of Assumed-Immutable Web Parameter" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-01/" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade to OTRS 7.0.14, ((OTRS)) Community Edition 6.0.25, ((OTRS)) Community Edition 5.0.40 " + }, + { + "lang": "eng", + "value": "Patch for ((OTRS)) Community Edition 6: https://github.com/OTRS/otrs/commit/d146d4997cbd6e1370669784c6a2ec8d64655252 \nPatch for ((OTRS)) Community Edition 5: https://github.com/OTRS/otrs/commit/874889b86abea4c01ceb1368a836b66694fae1c3" + } + ], + "source": { + "advisory": "OSA-2020-01", + "defect": [ + "2019100942003876" + ], + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/1xxx/CVE-2020-1766.json b/2020/1xxx/CVE-2020-1766.json index 30401d17bd9..832c1888815 100644 --- a/2020/1xxx/CVE-2020-1766.json +++ b/2020/1xxx/CVE-2020-1766.json @@ -1,18 +1,124 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@otrs.com", + "DATE_PUBLIC": "2020-01-10T00:00:00.000Z", "ID": "CVE-2020-1766", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Improper handling of uploaded inline images" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "((OTRS)) Community Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "5.0.x", + "version_value": "5.0.39" + }, + { + "version_affected": "<=", + "version_name": "6.0.x", + "version_value": "6.0.24" + } + ] + } + }, + { + "product_name": "OTRS", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.0.x", + "version_value": "7.0.13" + } + ] + } + } + ] + }, + "vendor_name": "OTRS AG" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": " Anton Astaf'ev " + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Due to improper handling of uploaded images it is possible in very unlikely and rare conditions to force the agents browser to execute malicious javascript from a special crafted SVG file rendered as inline jpg file. \n\nThis issue affects:\n((OTRS)) Community Edition\n5.0.x version 5.0.39 and prior versions;\n6.0.x version 6.0.24 and prior versions.\nOTRS\n7.0.x version 7.0.13 and prior versions." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 2, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-02/" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade to OTRS 7.0.14, ((OTRS)) Community Edition 6.0.25, ((OTRS)) Community Edition 5.0.40 " + }, + { + "lang": "eng", + "value": "Patch for ((OTRS)) Community Edition 6: https://github.com/OTRS/otrs/commit/128078b0bb30f601ed97d4a13906644264ee6013 \nPatch for ((OTRS)) Community Edition 5: https://github.com/OTRS/otrs/commit/b7d80f9000fc9a435743d8d1d7d44d9a17483a9a" + } + ], + "source": { + "advisory": "OSA-2020-02", + "defect": [ + "2019112942001838" + ], + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/1xxx/CVE-2020-1767.json b/2020/1xxx/CVE-2020-1767.json index 67c9361f46e..aabfe6d5a38 100644 --- a/2020/1xxx/CVE-2020-1767.json +++ b/2020/1xxx/CVE-2020-1767.json @@ -1,18 +1,113 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@otrs.com", + "DATE_PUBLIC": "2020-01-10T00:00:00.000Z", "ID": "CVE-2020-1767", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Possible to send drafted messages as wrong agent" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "((OTRS)) Community Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "6.0.x", + "version_value": "6.0.24" + } + ] + } + }, + { + "product_name": "OTRS", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "7.0.x", + "version_value": "7.0.13" + } + ] + } + } + ] + }, + "vendor_name": "OTRS AG" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Agent A is able to save a draft (i.e. for customer reply). Then Agent B can open the draft, change the text completely and send it in the name of Agent A. For the customer it will not be visible that the message was sent by another agent.\n\nThis issue affects:\n((OTRS)) Community Edition\n6.0.x version 6.0.24 and prior versions.\nOTRS\n7.0.x version 7.0.13 and prior versions." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Sender spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://otrs.com/release-notes/otrs-security-advisory-2020-03/" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade to OTRS 7.0.14, ((OTRS)) Community Edition 6.0.25" + }, + { + "lang": "eng", + "value": "Patch for ((OTRS)) Community Edition 6: https://github.com/OTRS/otrs/commit/5f488fd6c809064ee49def3a432030258d211570" + } + ], + "source": { + "advisory": "OSA-2020-03", + "defect": [ + "2019121042000738" + ], + "discovery": "USER" } } \ No newline at end of file diff --git a/2020/1xxx/CVE-2020-1786.json b/2020/1xxx/CVE-2020-1786.json index e9cc590239c..4d565d02241 100644 --- a/2020/1xxx/CVE-2020-1786.json +++ b/2020/1xxx/CVE-2020-1786.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-1786", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HUAWEI Mate 20 Pro", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than 10.0.0.175(C00E69R3P8)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-smartphone-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-smartphone-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. The software does not sufficiently validate the name of apk file in a special condition which could allow an attacker to forge a crafted application as a normal one. Successful exploit could allow the attacker to bypass digital balance function." } ] } diff --git a/2020/1xxx/CVE-2020-1787.json b/2020/1xxx/CVE-2020-1787.json index 96dc75e3044..0b3b4d69eaf 100644 --- a/2020/1xxx/CVE-2020-1787.json +++ b/2020/1xxx/CVE-2020-1787.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-1787", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "HUAWEI Mate 20", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than 9.1.0.139(C00E133R3P1)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-02-smartphone-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-02-smartphone-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host user's desktop in an instant, without unlocking the screen lock of the host user." } ] } diff --git a/2020/1xxx/CVE-2020-1810.json b/2020/1xxx/CVE-2020-1810.json index 0742111e578..51f75623955 100644 --- a/2020/1xxx/CVE-2020-1810.json +++ b/2020/1xxx/CVE-2020-1810.json @@ -4,14 +4,201 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-1810", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "CloudEngine 12800", + "version": { + "version_data": [ + { + "version_value": "V100R003C00SPC600" + }, + { + "version_value": "V100R003C10SPC100" + }, + { + "version_value": "V100R005C00SPC200" + }, + { + "version_value": "V100R005C00SPC300" + }, + { + "version_value": "V100R005C10HP0001" + }, + { + "version_value": "V100R005C10SPC100" + }, + { + "version_value": "V100R005C10SPC200" + }, + { + "version_value": "V100R006C00" + }, + { + "version_value": "V200R001C00" + }, + { + "version_value": "V200R002C01" + }, + { + "version_value": "V200R002C10" + }, + { + "version_value": "V200R002C20" + }, + { + "version_value": "V200R005C10" + } + ] + } + }, + { + "product_name": "CloudEngine S5700", + "version": { + "version_data": [ + { + "version_value": "V200R005C00SPC500" + }, + { + "version_value": "V200R005C03" + }, + { + "version_value": "V200R006C00SPC100" + }, + { + "version_value": "V200R006C00SPC300" + }, + { + "version_value": "V200R006C00SPC500" + }, + { + "version_value": "V200R007C00SPC100" + }, + { + "version_value": "V200R007C00SPC500" + }, + { + "version_value": "V200R010C00SPC300" + }, + { + "version_value": "V200R010C00SPC600" + }, + { + "version_value": "V200R010C00SPC700" + }, + { + "version_value": "V200R011C00SPC200" + }, + { + "version_value": "V200R011C10SPC500" + }, + { + "version_value": "V200R011C10SPC600" + }, + { + "version_value": "V200R012C00SPC200" + }, + { + "version_value": "V200R012C00SPC500" + }, + { + "version_value": "V200R012C00SPC600" + }, + { + "version_value": "V200R012C00SPC700" + }, + { + "version_value": "V200R012C00SPC710" + }, + { + "version_value": "V200R012C20" + } + ] + } + }, + { + "product_name": "CloudEngine S6700", + "version": { + "version_data": [ + { + "version_value": "V200R005C00SPC500" + }, + { + "version_value": "V200R005C01" + }, + { + "version_value": "V200R008C00SPC500" + }, + { + "version_value": "V200R010C00SPC300" + }, + { + "version_value": "V200R010C00SPC600" + }, + { + "version_value": "V200R011C00SPC200" + }, + { + "version_value": "V200R011C10SPC500" + }, + { + "version_value": "V200R011C10SPC600" + }, + { + "version_value": "V200R012C00SPC200" + }, + { + "version_value": "V200R012C00SPC500" + }, + { + "version_value": "V200R012C00SPC600" + }, + { + "version_value": "V200R012C00SPC710" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Weak Algorithm" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-rsa-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Huawei products CloudEngine 12800, S5700, and S6700 have a weak algorithm vulnerability. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information. Affected product versions include: CloudEngine 12800 versions V100R003C00SPC600, V100R003C10SPC100, V100R005C00SPC200, V100R005C00SPC300, V100R005C10HP0001, V100R005C10SPC100, V100R005C10SPC200, V100R006C00, V200R001C00, V200R002C01, V200R002C10, V200R002C20, V200R005C10; CloudEngine S5700 versions V200R005C00SPC500, V200R005C03, V200R006C00SPC100, V200R006C00SPC300, V200R006C00SPC500, V200R007C00SPC100, V200R007C00SPC500, V200R010C00SPC300, V200R010C00SPC600, V200R010C00SPC700, V200R011C00SPC200, V200R011C10SPC500, V200R011C10SPC600, V200R012C00SPC200, V200R012C00SPC500, V200R012C00SPC600, V200R012C00SPC700, V200R012C00SPC710, V200R012C20; CloudEngine S6700 versions V200R005C00SPC500, V200R005C01, V200R008C00SPC500, V200R010C00SPC300, V200R010C00SPC600, V200R011C00SPC200, V200R011C10SPC500, V200R011C10SPC600, V200R012C00SPC200, V200R012C00SPC500, V200R012C00SPC600, V200R012C00SPC710." } ] } diff --git a/2020/1xxx/CVE-2020-1826.json b/2020/1xxx/CVE-2020-1826.json index 307334755a2..47a176ae768 100644 --- a/2020/1xxx/CVE-2020-1826.json +++ b/2020/1xxx/CVE-2020-1826.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-1826", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Huawei", + "product": { + "product_data": [ + { + "product_name": "Honor Magic2", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than 10.0.0.175(C00E59R2P11)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Leak" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-phone-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200108-01-phone-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Due to a module using weak encryption tool, an attacker with the root permission may exploit the vulnerability to obtain some information." } ] } diff --git a/2020/1xxx/CVE-2020-1925.json b/2020/1xxx/CVE-2020-1925.json index 178e1dd32cb..ab7c10b0e10 100644 --- a/2020/1xxx/CVE-2020-1925.json +++ b/2020/1xxx/CVE-2020-1925.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-1925", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apache Software Foundation", + "product": { + "product_data": [ + { + "product_name": "Apache Olingo", + "version": { + "version_data": [ + { + "version_value": "4.0.0 to 4.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Server Side Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://mail-archives.apache.org/mod_mbox/olingo-user/202001.mbox/%3CCAGSZ4d6HwpF2woOrZJg_d0SkHytXJaCtAWXa3ZtBn33WG0YFvw%40mail.gmail.com%3E", + "url": "https://mail-archives.apache.org/mod_mbox/olingo-user/202001.mbox/%3CCAGSZ4d6HwpF2woOrZJg_d0SkHytXJaCtAWXa3ZtBn33WG0YFvw%40mail.gmail.com%3E" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker." } ] } diff --git a/2020/5xxx/CVE-2020-5308.json b/2020/5xxx/CVE-2020-5308.json index 0c73017f387..8139971c2fe 100644 --- a/2020/5xxx/CVE-2020-5308.json +++ b/2020/5xxx/CVE-2020-5308.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/155861/Dairy-Farm-Shop-Management-System-1.0-Cross-Site-Scripting.html", "url": "http://packetstormsecurity.com/files/155861/Dairy-Farm-Shop-Management-System-1.0-Cross-Site-Scripting.html" + }, + { + "refsource": "MISC", + "name": "https://cinzinga.github.io/CVE-2020-5307-5308/", + "url": "https://cinzinga.github.io/CVE-2020-5307-5308/" } ] } diff --git a/2020/5xxx/CVE-2020-5504.json b/2020/5xxx/CVE-2020-5504.json index 889d188cb09..57b69576323 100644 --- a/2020/5xxx/CVE-2020-5504.json +++ b/2020/5xxx/CVE-2020-5504.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-5504", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-5504", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.phpmyadmin.net/security/PMASA-2020-1/", + "url": "https://www.phpmyadmin.net/security/PMASA-2020-1/" } ] } diff --git a/2020/6xxx/CVE-2020-6166.json b/2020/6xxx/CVE-2020-6166.json index c07ec5f5289..9ce7003595d 100644 --- a/2020/6xxx/CVE-2020-6166.json +++ b/2020/6xxx/CVE-2020-6166.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6166", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6166", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenticated users with basic access to export settings and change maintenance-mode themes." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10009", + "url": "https://wpvulndb.com/vulnerabilities/10009" + }, + { + "refsource": "CONFIRM", + "name": "https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/#developers", + "url": "https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/#developers" + }, + { + "refsource": "MISC", + "name": "https://www.wordfence.com/blog/2020/01/multiple-vulnerabilities-patched-in-minimal-coming-soon-maintenance-mode-coming-soon-page-plugin/", + "url": "https://www.wordfence.com/blog/2020/01/multiple-vulnerabilities-patched-in-minimal-coming-soon-maintenance-mode-coming-soon-page-plugin/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:L/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6167.json b/2020/6xxx/CVE-2020-6167.json index 14e9bd4d114..d68698c67ba 100644 --- a/2020/6xxx/CVE-2020-6167.json +++ b/2020/6xxx/CVE-2020-6167.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6167", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6167", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10007", + "url": "https://wpvulndb.com/vulnerabilities/10007" + }, + { + "refsource": "CONFIRM", + "name": "https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/#developers", + "url": "https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/#developers" + }, + { + "refsource": "MISC", + "name": "https://www.wordfence.com/blog/2020/01/multiple-vulnerabilities-patched-in-minimal-coming-soon-maintenance-mode-coming-soon-page-plugin/", + "url": "https://www.wordfence.com/blog/2020/01/multiple-vulnerabilities-patched-in-minimal-coming-soon-maintenance-mode-coming-soon-page-plugin/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6168.json b/2020/6xxx/CVE-2020-6168.json index 7f4ec03979e..a2242efad9f 100644 --- a/2020/6xxx/CVE-2020-6168.json +++ b/2020/6xxx/CVE-2020-6168.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-6168", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-6168", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availability and confidentiality of a vulnerable site, along with the integrity of the setting)." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/10008", + "url": "https://wpvulndb.com/vulnerabilities/10008" + }, + { + "refsource": "CONFIRM", + "name": "https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/#developers", + "url": "https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/#developers" + }, + { + "refsource": "MISC", + "name": "https://www.wordfence.com/blog/2020/01/multiple-vulnerabilities-patched-in-minimal-coming-soon-maintenance-mode-coming-soon-page-plugin/", + "url": "https://www.wordfence.com/blog/2020/01/multiple-vulnerabilities-patched-in-minimal-coming-soon-maintenance-mode-coming-soon-page-plugin/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:L/I:L/PR:L/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6750.json b/2020/6xxx/CVE-2020-6750.json new file mode 100644 index 00000000000..01c80f2157b --- /dev/null +++ b/2020/6xxx/CVE-2020-6750.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-6750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://gitlab.gnome.org/GNOME/glib/issues/1989", + "refsource": "MISC", + "name": "https://gitlab.gnome.org/GNOME/glib/issues/1989" + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6751.json b/2020/6xxx/CVE-2020-6751.json new file mode 100644 index 00000000000..f179592a173 --- /dev/null +++ b/2020/6xxx/CVE-2020-6751.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6751", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6752.json b/2020/6xxx/CVE-2020-6752.json new file mode 100644 index 00000000000..676e49d6683 --- /dev/null +++ b/2020/6xxx/CVE-2020-6752.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6752", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6753.json b/2020/6xxx/CVE-2020-6753.json new file mode 100644 index 00000000000..b51bccee3a9 --- /dev/null +++ b/2020/6xxx/CVE-2020-6753.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6753", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6754.json b/2020/6xxx/CVE-2020-6754.json new file mode 100644 index 00000000000..424ad6432ee --- /dev/null +++ b/2020/6xxx/CVE-2020-6754.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6754", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6755.json b/2020/6xxx/CVE-2020-6755.json new file mode 100644 index 00000000000..2e139263c4e --- /dev/null +++ b/2020/6xxx/CVE-2020-6755.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6755", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6756.json b/2020/6xxx/CVE-2020-6756.json new file mode 100644 index 00000000000..03784c261d1 --- /dev/null +++ b/2020/6xxx/CVE-2020-6756.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-6756", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthenticated attackers to remotely execute code via the lang parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pwnedchile.com/2020/01/08/pixelstor-5000-rce-exploit/", + "refsource": "MISC", + "name": "https://pwnedchile.com/2020/01/08/pixelstor-5000-rce-exploit/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6757.json b/2020/6xxx/CVE-2020-6757.json new file mode 100644 index 00000000000..168a6ff0591 --- /dev/null +++ b/2020/6xxx/CVE-2020-6757.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-6757", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows authenticated attackers to remotely execute code via the name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pwnedchile.com/2020/01/08/pixelstor-5000-rce-exploit/", + "refsource": "MISC", + "name": "https://pwnedchile.com/2020/01/08/pixelstor-5000-rce-exploit/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:L/C:L/I:L/PR:L/S:C/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6758.json b/2020/6xxx/CVE-2020-6758.json new file mode 100644 index 00000000000..185b6979da5 --- /dev/null +++ b/2020/6xxx/CVE-2020-6758.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-6758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows remote attackers to inject arbitrary web script or HTML via the ContentFrame parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://pwnedchile.com/2020/01/08/pixelstor-5000-rce-exploit/", + "refsource": "MISC", + "name": "https://pwnedchile.com/2020/01/08/pixelstor-5000-rce-exploit/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:U/UI:R", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6759.json b/2020/6xxx/CVE-2020-6759.json new file mode 100644 index 00000000000..8faef1e4926 --- /dev/null +++ b/2020/6xxx/CVE-2020-6759.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6759", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6760.json b/2020/6xxx/CVE-2020-6760.json new file mode 100644 index 00000000000..c53b8881f07 --- /dev/null +++ b/2020/6xxx/CVE-2020-6760.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6760", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6761.json b/2020/6xxx/CVE-2020-6761.json new file mode 100644 index 00000000000..df04cf5f5ac --- /dev/null +++ b/2020/6xxx/CVE-2020-6761.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6761", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6762.json b/2020/6xxx/CVE-2020-6762.json new file mode 100644 index 00000000000..49f34156ea2 --- /dev/null +++ b/2020/6xxx/CVE-2020-6762.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6762", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6763.json b/2020/6xxx/CVE-2020-6763.json new file mode 100644 index 00000000000..1c3bc98d29a --- /dev/null +++ b/2020/6xxx/CVE-2020-6763.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6763", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6764.json b/2020/6xxx/CVE-2020-6764.json new file mode 100644 index 00000000000..fca87bd1748 --- /dev/null +++ b/2020/6xxx/CVE-2020-6764.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6764", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6765.json b/2020/6xxx/CVE-2020-6765.json new file mode 100644 index 00000000000..c584c16f87c --- /dev/null +++ b/2020/6xxx/CVE-2020-6765.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6765", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6766.json b/2020/6xxx/CVE-2020-6766.json new file mode 100644 index 00000000000..fd0c6dbffc4 --- /dev/null +++ b/2020/6xxx/CVE-2020-6766.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6766", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6767.json b/2020/6xxx/CVE-2020-6767.json new file mode 100644 index 00000000000..ae8a4f73af5 --- /dev/null +++ b/2020/6xxx/CVE-2020-6767.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6767", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6768.json b/2020/6xxx/CVE-2020-6768.json new file mode 100644 index 00000000000..423c6fe6b5c --- /dev/null +++ b/2020/6xxx/CVE-2020-6768.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6768", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6769.json b/2020/6xxx/CVE-2020-6769.json new file mode 100644 index 00000000000..9aad0180d86 --- /dev/null +++ b/2020/6xxx/CVE-2020-6769.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6769", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6770.json b/2020/6xxx/CVE-2020-6770.json new file mode 100644 index 00000000000..6fd8249ca03 --- /dev/null +++ b/2020/6xxx/CVE-2020-6770.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6770", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6771.json b/2020/6xxx/CVE-2020-6771.json new file mode 100644 index 00000000000..a4f0e3a8ead --- /dev/null +++ b/2020/6xxx/CVE-2020-6771.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6771", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6772.json b/2020/6xxx/CVE-2020-6772.json new file mode 100644 index 00000000000..2a05d361036 --- /dev/null +++ b/2020/6xxx/CVE-2020-6772.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6772", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6773.json b/2020/6xxx/CVE-2020-6773.json new file mode 100644 index 00000000000..d6ab6e9e7e0 --- /dev/null +++ b/2020/6xxx/CVE-2020-6773.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6773", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6774.json b/2020/6xxx/CVE-2020-6774.json new file mode 100644 index 00000000000..3678af106a9 --- /dev/null +++ b/2020/6xxx/CVE-2020-6774.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6774", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6775.json b/2020/6xxx/CVE-2020-6775.json new file mode 100644 index 00000000000..e01c1578bc6 --- /dev/null +++ b/2020/6xxx/CVE-2020-6775.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6775", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6776.json b/2020/6xxx/CVE-2020-6776.json new file mode 100644 index 00000000000..09ab16f85f5 --- /dev/null +++ b/2020/6xxx/CVE-2020-6776.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6776", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6777.json b/2020/6xxx/CVE-2020-6777.json new file mode 100644 index 00000000000..1dfcad4d672 --- /dev/null +++ b/2020/6xxx/CVE-2020-6777.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6777", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6778.json b/2020/6xxx/CVE-2020-6778.json new file mode 100644 index 00000000000..ac515c18445 --- /dev/null +++ b/2020/6xxx/CVE-2020-6778.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6778", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6779.json b/2020/6xxx/CVE-2020-6779.json new file mode 100644 index 00000000000..26f34d03a7b --- /dev/null +++ b/2020/6xxx/CVE-2020-6779.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6779", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6780.json b/2020/6xxx/CVE-2020-6780.json new file mode 100644 index 00000000000..6e60a692318 --- /dev/null +++ b/2020/6xxx/CVE-2020-6780.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6780", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6781.json b/2020/6xxx/CVE-2020-6781.json new file mode 100644 index 00000000000..a918269526b --- /dev/null +++ b/2020/6xxx/CVE-2020-6781.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6781", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6782.json b/2020/6xxx/CVE-2020-6782.json new file mode 100644 index 00000000000..90c59ddfa07 --- /dev/null +++ b/2020/6xxx/CVE-2020-6782.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6782", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6783.json b/2020/6xxx/CVE-2020-6783.json new file mode 100644 index 00000000000..caa458618c0 --- /dev/null +++ b/2020/6xxx/CVE-2020-6783.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6783", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6784.json b/2020/6xxx/CVE-2020-6784.json new file mode 100644 index 00000000000..155d16ed502 --- /dev/null +++ b/2020/6xxx/CVE-2020-6784.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6784", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6785.json b/2020/6xxx/CVE-2020-6785.json new file mode 100644 index 00000000000..0bf97ea3157 --- /dev/null +++ b/2020/6xxx/CVE-2020-6785.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6785", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6786.json b/2020/6xxx/CVE-2020-6786.json new file mode 100644 index 00000000000..e2c28fbe396 --- /dev/null +++ b/2020/6xxx/CVE-2020-6786.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6786", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6787.json b/2020/6xxx/CVE-2020-6787.json new file mode 100644 index 00000000000..da49f2643ae --- /dev/null +++ b/2020/6xxx/CVE-2020-6787.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6787", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6788.json b/2020/6xxx/CVE-2020-6788.json new file mode 100644 index 00000000000..f5df90a7723 --- /dev/null +++ b/2020/6xxx/CVE-2020-6788.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6788", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6789.json b/2020/6xxx/CVE-2020-6789.json new file mode 100644 index 00000000000..2b670ac4c56 --- /dev/null +++ b/2020/6xxx/CVE-2020-6789.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6789", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6790.json b/2020/6xxx/CVE-2020-6790.json new file mode 100644 index 00000000000..42492ff07ed --- /dev/null +++ b/2020/6xxx/CVE-2020-6790.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6790", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6791.json b/2020/6xxx/CVE-2020-6791.json new file mode 100644 index 00000000000..1055be74f06 --- /dev/null +++ b/2020/6xxx/CVE-2020-6791.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6791", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6792.json b/2020/6xxx/CVE-2020-6792.json new file mode 100644 index 00000000000..3f1fb6947c6 --- /dev/null +++ b/2020/6xxx/CVE-2020-6792.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6792", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6793.json b/2020/6xxx/CVE-2020-6793.json new file mode 100644 index 00000000000..45f7ed338de --- /dev/null +++ b/2020/6xxx/CVE-2020-6793.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6793", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6794.json b/2020/6xxx/CVE-2020-6794.json new file mode 100644 index 00000000000..1b6b4c99947 --- /dev/null +++ b/2020/6xxx/CVE-2020-6794.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6794", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6795.json b/2020/6xxx/CVE-2020-6795.json new file mode 100644 index 00000000000..0b65624f4d9 --- /dev/null +++ b/2020/6xxx/CVE-2020-6795.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6795", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6796.json b/2020/6xxx/CVE-2020-6796.json new file mode 100644 index 00000000000..3d98dda9e3a --- /dev/null +++ b/2020/6xxx/CVE-2020-6796.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6796", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6797.json b/2020/6xxx/CVE-2020-6797.json new file mode 100644 index 00000000000..59b66510b79 --- /dev/null +++ b/2020/6xxx/CVE-2020-6797.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6797", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6798.json b/2020/6xxx/CVE-2020-6798.json new file mode 100644 index 00000000000..f82750e3c3a --- /dev/null +++ b/2020/6xxx/CVE-2020-6798.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6798", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6799.json b/2020/6xxx/CVE-2020-6799.json new file mode 100644 index 00000000000..09af982ec52 --- /dev/null +++ b/2020/6xxx/CVE-2020-6799.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6799", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6800.json b/2020/6xxx/CVE-2020-6800.json new file mode 100644 index 00000000000..93afcf77c88 --- /dev/null +++ b/2020/6xxx/CVE-2020-6800.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6800", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6801.json b/2020/6xxx/CVE-2020-6801.json new file mode 100644 index 00000000000..ce4ae0dcafc --- /dev/null +++ b/2020/6xxx/CVE-2020-6801.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6802.json b/2020/6xxx/CVE-2020-6802.json new file mode 100644 index 00000000000..72dcad28461 --- /dev/null +++ b/2020/6xxx/CVE-2020-6802.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6802", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6803.json b/2020/6xxx/CVE-2020-6803.json new file mode 100644 index 00000000000..4b9fa3bee2b --- /dev/null +++ b/2020/6xxx/CVE-2020-6803.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6803", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6804.json b/2020/6xxx/CVE-2020-6804.json new file mode 100644 index 00000000000..4370c6ad1d5 --- /dev/null +++ b/2020/6xxx/CVE-2020-6804.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6804", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6805.json b/2020/6xxx/CVE-2020-6805.json new file mode 100644 index 00000000000..94385442e7c --- /dev/null +++ b/2020/6xxx/CVE-2020-6805.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6805", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6806.json b/2020/6xxx/CVE-2020-6806.json new file mode 100644 index 00000000000..9e8a57ae74a --- /dev/null +++ b/2020/6xxx/CVE-2020-6806.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6806", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6807.json b/2020/6xxx/CVE-2020-6807.json new file mode 100644 index 00000000000..f0ac23ce52e --- /dev/null +++ b/2020/6xxx/CVE-2020-6807.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6807", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6808.json b/2020/6xxx/CVE-2020-6808.json new file mode 100644 index 00000000000..a45b7b1c09b --- /dev/null +++ b/2020/6xxx/CVE-2020-6808.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6808", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6809.json b/2020/6xxx/CVE-2020-6809.json new file mode 100644 index 00000000000..64d1c58214f --- /dev/null +++ b/2020/6xxx/CVE-2020-6809.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6809", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6810.json b/2020/6xxx/CVE-2020-6810.json new file mode 100644 index 00000000000..a8d571ce79d --- /dev/null +++ b/2020/6xxx/CVE-2020-6810.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6810", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6811.json b/2020/6xxx/CVE-2020-6811.json new file mode 100644 index 00000000000..0b299414082 --- /dev/null +++ b/2020/6xxx/CVE-2020-6811.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6811", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6812.json b/2020/6xxx/CVE-2020-6812.json new file mode 100644 index 00000000000..9e855988605 --- /dev/null +++ b/2020/6xxx/CVE-2020-6812.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6812", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6813.json b/2020/6xxx/CVE-2020-6813.json new file mode 100644 index 00000000000..0d4aae53517 --- /dev/null +++ b/2020/6xxx/CVE-2020-6813.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6813", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6814.json b/2020/6xxx/CVE-2020-6814.json new file mode 100644 index 00000000000..75579d51f7b --- /dev/null +++ b/2020/6xxx/CVE-2020-6814.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6814", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6815.json b/2020/6xxx/CVE-2020-6815.json new file mode 100644 index 00000000000..eeb50cde568 --- /dev/null +++ b/2020/6xxx/CVE-2020-6815.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6815", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6816.json b/2020/6xxx/CVE-2020-6816.json new file mode 100644 index 00000000000..43129ce0606 --- /dev/null +++ b/2020/6xxx/CVE-2020-6816.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6816", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6817.json b/2020/6xxx/CVE-2020-6817.json new file mode 100644 index 00000000000..a6b7151bbd5 --- /dev/null +++ b/2020/6xxx/CVE-2020-6817.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6817", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6818.json b/2020/6xxx/CVE-2020-6818.json new file mode 100644 index 00000000000..3b266bc50e8 --- /dev/null +++ b/2020/6xxx/CVE-2020-6818.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6818", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6819.json b/2020/6xxx/CVE-2020-6819.json new file mode 100644 index 00000000000..edcce24c5a5 --- /dev/null +++ b/2020/6xxx/CVE-2020-6819.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6819", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6820.json b/2020/6xxx/CVE-2020-6820.json new file mode 100644 index 00000000000..9bc4652fe4f --- /dev/null +++ b/2020/6xxx/CVE-2020-6820.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6820", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6821.json b/2020/6xxx/CVE-2020-6821.json new file mode 100644 index 00000000000..11c8c88ae90 --- /dev/null +++ b/2020/6xxx/CVE-2020-6821.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6821", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6822.json b/2020/6xxx/CVE-2020-6822.json new file mode 100644 index 00000000000..5ec4252d02e --- /dev/null +++ b/2020/6xxx/CVE-2020-6822.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6822", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6823.json b/2020/6xxx/CVE-2020-6823.json new file mode 100644 index 00000000000..c148f84a9f7 --- /dev/null +++ b/2020/6xxx/CVE-2020-6823.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6823", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6824.json b/2020/6xxx/CVE-2020-6824.json new file mode 100644 index 00000000000..de2605a18e9 --- /dev/null +++ b/2020/6xxx/CVE-2020-6824.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6824", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6825.json b/2020/6xxx/CVE-2020-6825.json new file mode 100644 index 00000000000..4eec3e6136a --- /dev/null +++ b/2020/6xxx/CVE-2020-6825.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6825", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6826.json b/2020/6xxx/CVE-2020-6826.json new file mode 100644 index 00000000000..8715e499bdd --- /dev/null +++ b/2020/6xxx/CVE-2020-6826.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6826", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6827.json b/2020/6xxx/CVE-2020-6827.json new file mode 100644 index 00000000000..7135cf41047 --- /dev/null +++ b/2020/6xxx/CVE-2020-6827.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6827", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6828.json b/2020/6xxx/CVE-2020-6828.json new file mode 100644 index 00000000000..d7b0004142e --- /dev/null +++ b/2020/6xxx/CVE-2020-6828.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6828", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6829.json b/2020/6xxx/CVE-2020-6829.json new file mode 100644 index 00000000000..c50b4158bac --- /dev/null +++ b/2020/6xxx/CVE-2020-6829.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6829", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6830.json b/2020/6xxx/CVE-2020-6830.json new file mode 100644 index 00000000000..6889b4b088e --- /dev/null +++ b/2020/6xxx/CVE-2020-6830.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6830", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6831.json b/2020/6xxx/CVE-2020-6831.json new file mode 100644 index 00000000000..ebcdc8c5d28 --- /dev/null +++ b/2020/6xxx/CVE-2020-6831.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-6831", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file