diff --git a/2018/1xxx/CVE-2018-1285.json b/2018/1xxx/CVE-2018-1285.json index c136cc032ee..8a4fbdb662b 100644 --- a/2018/1xxx/CVE-2018-1285.json +++ b/2018/1xxx/CVE-2018-1285.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-1285", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-1285", + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Apache log4net", + "version": { + "version_data": [ + { + "version_value": "Apache log4net up to 2.0.8" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XXE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/reab1c277c95310bad1038255e0757857b2fbe291411b4fa84552028a%40%3Cdev.logging.apache.org%3E", + "url": "https://lists.apache.org/thread.html/reab1c277c95310bad1038255e0757857b2fbe291411b4fa84552028a%40%3Cdev.logging.apache.org%3E" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Apache log4net before 2.0.8 does not disable XML external entities when parsing log4net configuration files. This could allow for XXE-based attacks in applications that accept arbitrary configuration files from users." } ] } diff --git a/2019/16xxx/CVE-2019-16203.json b/2019/16xxx/CVE-2019-16203.json index 2f1565c5401..4e85d4b2112 100644 --- a/2019/16xxx/CVE-2019-16203.json +++ b/2019/16xxx/CVE-2019-16203.json @@ -48,6 +48,11 @@ "refsource": "CONFIRM", "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-906", "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-906" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200511-0008/", + "url": "https://security.netapp.com/advisory/ntap-20200511-0008/" } ] }, diff --git a/2019/16xxx/CVE-2019-16204.json b/2019/16xxx/CVE-2019-16204.json index 55bc5b68326..c69692abc0d 100644 --- a/2019/16xxx/CVE-2019-16204.json +++ b/2019/16xxx/CVE-2019-16204.json @@ -54,6 +54,11 @@ "refsource": "CONFIRM", "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-905", "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-905" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200511-0007/", + "url": "https://security.netapp.com/advisory/ntap-20200511-0007/" } ] }, diff --git a/2019/20xxx/CVE-2019-20794.json b/2019/20xxx/CVE-2019-20794.json index 2d9f3f4555b..74507608c4d 100644 --- a/2019/20xxx/CVE-2019-20794.json +++ b/2019/20xxx/CVE-2019-20794.json @@ -53,14 +53,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://github.com/sargun/fuse-example", - "url": "https://github.com/sargun/fuse-example" + "url": "https://github.com/sargun/fuse-example", + "refsource": "MISC", + "name": "https://github.com/sargun/fuse-example" }, { - "refsource": "CONFIRM", - "name": "https://sourceforge.net/p/fuse/mailman/message/36598753/", - "url": "https://sourceforge.net/p/fuse/mailman/message/36598753/" + "url": "https://sourceforge.net/p/fuse/mailman/message/36598753/", + "refsource": "MISC", + "name": "https://sourceforge.net/p/fuse/mailman/message/36598753/" } ] } diff --git a/2020/11xxx/CVE-2020-11108.json b/2020/11xxx/CVE-2020-11108.json index 2144ddc09ea..75504522876 100644 --- a/2020/11xxx/CVE-2020-11108.json +++ b/2020/11xxx/CVE-2020-11108.json @@ -61,6 +61,16 @@ "refsource": "MISC", "name": "https://github.com/Frichetten/CVE-2020-11108-PoC", "url": "https://github.com/Frichetten/CVE-2020-11108-PoC" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157623/Pi-hole-4.4-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/157623/Pi-hole-4.4-Remote-Code-Execution.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/157624/Pi-hole-4.4-Remote-Code-Execution-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/157624/Pi-hole-4.4-Remote-Code-Execution-Privilege-Escalation.html" } ] } diff --git a/2020/12xxx/CVE-2020-12764.json b/2020/12xxx/CVE-2020-12764.json index c7bfc59400d..d3b34a332bd 100644 --- a/2020/12xxx/CVE-2020-12764.json +++ b/2020/12xxx/CVE-2020-12764.json @@ -53,9 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://github.com/BrunoBulle/GNUTeca3.8/blob/master/README.md", - "url": "https://github.com/BrunoBulle/GNUTeca3.8/blob/master/README.md" + "url": "https://github.com/BrunoBulle/GNUTeca3.8/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/BrunoBulle/GNUTeca3.8/blob/master/README.md" } ] } diff --git a/2020/12xxx/CVE-2020-12765.json b/2020/12xxx/CVE-2020-12765.json index 0cb01266336..33dd7aa87b7 100644 --- a/2020/12xxx/CVE-2020-12765.json +++ b/2020/12xxx/CVE-2020-12765.json @@ -53,9 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://github.com/BrunoBulle/Miolo_2.0/blob/master/README.md", - "url": "https://github.com/BrunoBulle/Miolo_2.0/blob/master/README.md" + "url": "https://github.com/BrunoBulle/Miolo_2.0/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/BrunoBulle/Miolo_2.0/blob/master/README.md" } ] } diff --git a/2020/12xxx/CVE-2020-12766.json b/2020/12xxx/CVE-2020-12766.json index e87daaca8e5..992af150ba4 100644 --- a/2020/12xxx/CVE-2020-12766.json +++ b/2020/12xxx/CVE-2020-12766.json @@ -53,9 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://github.com/BrunoBulle/GNUTeca_3.8-SQL_Inj/blob/master/README.md", - "url": "https://github.com/BrunoBulle/GNUTeca_3.8-SQL_Inj/blob/master/README.md" + "url": "https://github.com/BrunoBulle/GNUTeca_3.8-SQL_Inj/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/BrunoBulle/GNUTeca_3.8-SQL_Inj/blob/master/README.md" } ] } diff --git a/2020/12xxx/CVE-2020-12786.json b/2020/12xxx/CVE-2020-12786.json new file mode 100644 index 00000000000..6fe5cc3fccf --- /dev/null +++ b/2020/12xxx/CVE-2020-12786.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-12786", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file