From 644d0c468cc7265beafaf03d75cb401c34ce1490 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 27 Jul 2020 18:01:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/12xxx/CVE-2019-12380.json | 5 +++++ 2019/17xxx/CVE-2019-17514.json | 5 +++++ 2019/19xxx/CVE-2019-19947.json | 5 +++++ 2019/20xxx/CVE-2019-20810.json | 5 +++++ 2019/20xxx/CVE-2019-20907.json | 5 +++++ 2019/20xxx/CVE-2019-20908.json | 5 +++++ 2019/9xxx/CVE-2019-9674.json | 5 +++++ 2020/10xxx/CVE-2020-10177.json | 5 +++++ 2020/10xxx/CVE-2020-10378.json | 5 +++++ 2020/10xxx/CVE-2020-10732.json | 5 +++++ 2020/10xxx/CVE-2020-10994.json | 5 +++++ 2020/11xxx/CVE-2020-11538.json | 5 +++++ 2020/13xxx/CVE-2020-13974.json | 5 +++++ 2020/14xxx/CVE-2020-14039.json | 5 +++++ 2020/14xxx/CVE-2020-14422.json | 5 +++++ 2020/15xxx/CVE-2020-15103.json | 2 +- 2020/15xxx/CVE-2020-15120.json | 2 +- 2020/15xxx/CVE-2020-15586.json | 5 +++++ 18 files changed, 82 insertions(+), 2 deletions(-) diff --git a/2019/12xxx/CVE-2019-12380.json b/2019/12xxx/CVE-2019-12380.json index c6276593d11..64f506d6c5f 100644 --- a/2019/12xxx/CVE-2019-12380.json +++ b/2019/12xxx/CVE-2019-12380.json @@ -91,6 +91,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20190710-0002/", "url": "https://security.netapp.com/advisory/ntap-20190710-0002/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4427-1", + "url": "https://usn.ubuntu.com/4427-1/" } ] } diff --git a/2019/17xxx/CVE-2019-17514.json b/2019/17xxx/CVE-2019-17514.json index 2c6f8ce0f33..74d167ae7fe 100644 --- a/2019/17xxx/CVE-2019-17514.json +++ b/2019/17xxx/CVE-2019-17514.json @@ -116,6 +116,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20191107-0005/", "url": "https://security.netapp.com/advisory/ntap-20191107-0005/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4428-1", + "url": "https://usn.ubuntu.com/4428-1/" } ] } diff --git a/2019/19xxx/CVE-2019-19947.json b/2019/19xxx/CVE-2019-19947.json index 7bc6441ade4..f2858a97ab9 100644 --- a/2019/19xxx/CVE-2019-19947.json +++ b/2019/19xxx/CVE-2019-19947.json @@ -86,6 +86,11 @@ "refsource": "UBUNTU", "name": "USN-4284-1", "url": "https://usn.ubuntu.com/4284-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4427-1", + "url": "https://usn.ubuntu.com/4427-1/" } ] } diff --git a/2019/20xxx/CVE-2019-20810.json b/2019/20xxx/CVE-2019-20810.json index 4279d83cd20..54b038dc107 100644 --- a/2019/20xxx/CVE-2019-20810.json +++ b/2019/20xxx/CVE-2019-20810.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0935", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4427-1", + "url": "https://usn.ubuntu.com/4427-1/" } ] } diff --git a/2019/20xxx/CVE-2019-20907.json b/2019/20xxx/CVE-2019-20907.json index 47bb88d0a97..9fb0401ab86 100644 --- a/2019/20xxx/CVE-2019-20907.json +++ b/2019/20xxx/CVE-2019-20907.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-e9251de272", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CAXHCY4V3LPAAJOBCJ26ISZ4NUXQXTUZ/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4428-1", + "url": "https://usn.ubuntu.com/4428-1/" } ] } diff --git a/2019/20xxx/CVE-2019-20908.json b/2019/20xxx/CVE-2019-20908.json index 9a32c779dae..404e2e8abe5 100644 --- a/2019/20xxx/CVE-2019-20908.json +++ b/2019/20xxx/CVE-2019-20908.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[oss-security] 20200720 Re: Re: lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules", "url": "http://www.openwall.com/lists/oss-security/2020/07/20/6" + }, + { + "refsource": "UBUNTU", + "name": "USN-4427-1", + "url": "https://usn.ubuntu.com/4427-1/" } ] } diff --git a/2019/9xxx/CVE-2019-9674.json b/2019/9xxx/CVE-2019-9674.json index 9fb196979a6..0deaa56ba4a 100644 --- a/2019/9xxx/CVE-2019-9674.json +++ b/2019/9xxx/CVE-2019-9674.json @@ -91,6 +91,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0696", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4428-1", + "url": "https://usn.ubuntu.com/4428-1/" } ] } diff --git a/2020/10xxx/CVE-2020-10177.json b/2020/10xxx/CVE-2020-10177.json index bf054470e25..a2f51172422 100644 --- a/2020/10xxx/CVE-2020-10177.json +++ b/2020/10xxx/CVE-2020-10177.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-d0737711b6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4430-1", + "url": "https://usn.ubuntu.com/4430-1/" } ] } diff --git a/2020/10xxx/CVE-2020-10378.json b/2020/10xxx/CVE-2020-10378.json index f160c9b6eb1..d68bc3b20f9 100644 --- a/2020/10xxx/CVE-2020-10378.json +++ b/2020/10xxx/CVE-2020-10378.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-d0737711b6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4430-1", + "url": "https://usn.ubuntu.com/4430-1/" } ] } diff --git a/2020/10xxx/CVE-2020-10732.json b/2020/10xxx/CVE-2020-10732.json index 89d2cb71833..9eeddf23590 100644 --- a/2020/10xxx/CVE-2020-10732.json +++ b/2020/10xxx/CVE-2020-10732.json @@ -88,6 +88,11 @@ "refsource": "UBUNTU", "name": "USN-4411-1", "url": "https://usn.ubuntu.com/4411-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4427-1", + "url": "https://usn.ubuntu.com/4427-1/" } ] }, diff --git a/2020/10xxx/CVE-2020-10994.json b/2020/10xxx/CVE-2020-10994.json index b85b3cbd7d4..1504c38a210 100644 --- a/2020/10xxx/CVE-2020-10994.json +++ b/2020/10xxx/CVE-2020-10994.json @@ -86,6 +86,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-d0737711b6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4430-1", + "url": "https://usn.ubuntu.com/4430-1/" } ] } diff --git a/2020/11xxx/CVE-2020-11538.json b/2020/11xxx/CVE-2020-11538.json index 8681b61a96f..fea710ca6f5 100644 --- a/2020/11xxx/CVE-2020-11538.json +++ b/2020/11xxx/CVE-2020-11538.json @@ -81,6 +81,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-d0737711b6", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEBCPE4F2VHTIT6EZA2YZQZLPVDEBJGD/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4430-1", + "url": "https://usn.ubuntu.com/4430-1/" } ] } diff --git a/2020/13xxx/CVE-2020-13974.json b/2020/13xxx/CVE-2020-13974.json index 86719dbbd13..ce4cca0a412 100644 --- a/2020/13xxx/CVE-2020-13974.json +++ b/2020/13xxx/CVE-2020-13974.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:0935", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4427-1", + "url": "https://usn.ubuntu.com/4427-1/" } ] } diff --git a/2020/14xxx/CVE-2020-14039.json b/2020/14xxx/CVE-2020-14039.json index 04c71fb47ca..914fd9de93e 100644 --- a/2020/14xxx/CVE-2020-14039.json +++ b/2020/14xxx/CVE-2020-14039.json @@ -66,6 +66,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1087", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1095", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html" } ] } diff --git a/2020/14xxx/CVE-2020-14422.json b/2020/14xxx/CVE-2020-14422.json index 8e20abed65d..c7a3349200f 100644 --- a/2020/14xxx/CVE-2020-14422.json +++ b/2020/14xxx/CVE-2020-14422.json @@ -106,6 +106,11 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200724-0004/", "url": "https://security.netapp.com/advisory/ntap-20200724-0004/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4428-1", + "url": "https://usn.ubuntu.com/4428-1/" } ] } diff --git a/2020/15xxx/CVE-2020-15103.json b/2020/15xxx/CVE-2020-15103.json index 872ce45024d..e4df3494ee0 100644 --- a/2020/15xxx/CVE-2020-15103.json +++ b/2020/15xxx/CVE-2020-15103.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`)\n\nThis has been fixed in 2.2.0.\n\nAs a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto " + "value": "In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto" } ] }, diff --git a/2020/15xxx/CVE-2020-15120.json b/2020/15xxx/CVE-2020-15120.json index 071a342e6f3..7f2041c6581 100644 --- a/2020/15xxx/CVE-2020-15120.json +++ b/2020/15xxx/CVE-2020-15120.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "An authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this other project's private code.\n\nWith the default configuration, anybody is allowed to create a new project. An attacker can create a new project and then use it to become authenticated and exploit this flaw. As such, the exposure is similar to an unauthenticated attack, because it is trivial to become authenticated." + "value": "An authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this other project's private code. With the default configuration, anybody is allowed to create a new project. An attacker can create a new project and then use it to become authenticated and exploit this flaw. As such, the exposure is similar to an unauthenticated attack, because it is trivial to become authenticated." } ] }, diff --git a/2020/15xxx/CVE-2020-15586.json b/2020/15xxx/CVE-2020-15586.json index 6bf4f7f794c..c9f0f5c34aa 100644 --- a/2020/15xxx/CVE-2020-15586.json +++ b/2020/15xxx/CVE-2020-15586.json @@ -71,6 +71,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1087", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1095", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html" } ] }