From 5e33b12aae0a6a9d31712e6c388fd3406128879a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 28 Jan 2020 18:01:23 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/19xxx/CVE-2019-19740.json | 5 +++ 2020/1xxx/CVE-2020-1940.json | 5 +++ 2020/5xxx/CVE-2020-5209.json | 14 ++++---- 2020/5xxx/CVE-2020-5210.json | 4 +-- 2020/6xxx/CVE-2020-6851.json | 2 +- 2020/7xxx/CVE-2020-7991.json | 5 +++ 2020/8xxx/CVE-2020-8112.json | 62 ++++++++++++++++++++++++++++++++++ 2020/8xxx/CVE-2020-8113.json | 18 ++++++++++ 2020/8xxx/CVE-2020-8114.json | 18 ++++++++++ 9 files changed, 123 insertions(+), 10 deletions(-) create mode 100644 2020/8xxx/CVE-2020-8112.json create mode 100644 2020/8xxx/CVE-2020-8113.json create mode 100644 2020/8xxx/CVE-2020-8114.json diff --git a/2019/19xxx/CVE-2019-19740.json b/2019/19xxx/CVE-2019-19740.json index a43bcc4d916..4a32f0fc295 100644 --- a/2019/19xxx/CVE-2019-19740.json +++ b/2019/19xxx/CVE-2019-19740.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/BrunoBulle/Oempro_4.7/blob/master/README.md", "url": "https://github.com/BrunoBulle/Oempro_4.7/blob/master/README.md" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156113/Octeth-Oempro-4.8-SQL-Injection.html", + "url": "http://packetstormsecurity.com/files/156113/Octeth-Oempro-4.8-SQL-Injection.html" } ] } diff --git a/2020/1xxx/CVE-2020-1940.json b/2020/1xxx/CVE-2020-1940.json index a4f7f3b6010..f813523b8b4 100644 --- a/2020/1xxx/CVE-2020-1940.json +++ b/2020/1xxx/CVE-2020-1940.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://lists.apache.org/thread.html/rccc0ed467faa35734ea16b8f5de5603e708936c41a4eddd90fddeaf0%40%3Cusers.jackrabbit.apache.org%3E", "url": "https://lists.apache.org/thread.html/rccc0ed467faa35734ea16b8f5de5603e708936c41a4eddd90fddeaf0%40%3Cusers.jackrabbit.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[jackrabbit-announce] 20200128 CVE-2020-1940: Apache Jackrabbit Oak sensitive information disclosure vulnerability", + "url": "https://lists.apache.org/thread.html/rccc0ed467faa35734ea16b8f5de5603e708936c41a4eddd90fddeaf0@%3Cannounce.jackrabbit.apache.org%3E" } ] }, diff --git a/2020/5xxx/CVE-2020-5209.json b/2020/5xxx/CVE-2020-5209.json index 22b695a181f..9630528c223 100644 --- a/2020/5xxx/CVE-2020-5209.json +++ b/2020/5xxx/CVE-2020-5209.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.\n\nThis vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options.\n\nUsers should upgrade to NetHack 3.6.5." + "value": "In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5." } ] }, @@ -69,15 +69,15 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8", - "refsource": "CONFIRM", - "url": "https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8" - }, { "name": "https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77", "refsource": "MISC", "url": "https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77" + }, + { + "name": "https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8", + "refsource": "CONFIRM", + "url": "https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8" } ] }, @@ -85,4 +85,4 @@ "advisory": "GHSA-fw72-r8xm-45p8", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5210.json b/2020/5xxx/CVE-2020-5210.json index 9d9c87dbe09..f3d97bce94c 100644 --- a/2020/5xxx/CVE-2020-5210.json +++ b/2020/5xxx/CVE-2020-5210.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation.\n\nThis vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options.\n\nUsers should upgrade to NetHack 3.6.5." + "value": "In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5." } ] }, @@ -85,4 +85,4 @@ "advisory": "GHSA-v5pg-hpjg-9rpp", "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6851.json b/2020/6xxx/CVE-2020-6851.json index fcc3e5dae65..8c06ab8fcac 100644 --- a/2020/6xxx/CVE-2020-6851.json +++ b/2020/6xxx/CVE-2020-6851.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so." + "value": "OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation." } ] }, diff --git a/2020/7xxx/CVE-2020-7991.json b/2020/7xxx/CVE-2020-7991.json index b0475d4b0f1..ad0501e84b3 100644 --- a/2020/7xxx/CVE-2020-7991.json +++ b/2020/7xxx/CVE-2020-7991.json @@ -61,6 +61,11 @@ "url": "https://github.com/ferdinandmartin/adive-php7/blob/master/README.md", "refsource": "MISC", "name": "https://github.com/ferdinandmartin/adive-php7/blob/master/README.md" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/156106/Adive-Framework-2.0.8-Cross-Site-Request-Forgery.html", + "url": "http://packetstormsecurity.com/files/156106/Adive-Framework-2.0.8-Cross-Site-Request-Forgery.html" } ] } diff --git a/2020/8xxx/CVE-2020-8112.json b/2020/8xxx/CVE-2020-8112.json new file mode 100644 index 00000000000..4f9ed37e1ab --- /dev/null +++ b/2020/8xxx/CVE-2020-8112.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-8112", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/uclouvain/openjpeg/issues/1231", + "refsource": "MISC", + "name": "https://github.com/uclouvain/openjpeg/issues/1231" + } + ] + } +} \ No newline at end of file diff --git a/2020/8xxx/CVE-2020-8113.json b/2020/8xxx/CVE-2020-8113.json new file mode 100644 index 00000000000..7cac61ace6f --- /dev/null +++ b/2020/8xxx/CVE-2020-8113.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-8113", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/8xxx/CVE-2020-8114.json b/2020/8xxx/CVE-2020-8114.json new file mode 100644 index 00000000000..ecd3e6e2ff7 --- /dev/null +++ b/2020/8xxx/CVE-2020-8114.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-8114", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file