From 784ab1a4490bbf7589c057a7834509fcfbd3f662 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Mon, 15 Jun 2020 17:01:23 +0000
Subject: [PATCH] "-Synchronized-Data."

---
 2018/21xxx/CVE-2018-21245.json | 62 +++++++++++++++++++++++++++++++
 2018/21xxx/CVE-2018-21246.json | 67 ++++++++++++++++++++++++++++++++++
 2019/20xxx/CVE-2019-20838.json | 67 ++++++++++++++++++++++++++++++++++
 2020/13xxx/CVE-2020-13775.json |  2 +-
 2020/14xxx/CVE-2020-14033.json | 66 ++++++++++++++++++++++++++++++---
 2020/14xxx/CVE-2020-14034.json | 66 ++++++++++++++++++++++++++++++---
 2020/14xxx/CVE-2020-14147.json | 18 +++++++++
 2020/14xxx/CVE-2020-14148.json | 18 +++++++++
 2020/14xxx/CVE-2020-14149.json | 18 +++++++++
 2020/14xxx/CVE-2020-14150.json | 67 ++++++++++++++++++++++++++++++++++
 2020/14xxx/CVE-2020-14151.json | 67 ++++++++++++++++++++++++++++++++++
 2020/14xxx/CVE-2020-14152.json | 67 ++++++++++++++++++++++++++++++++++
 2020/14xxx/CVE-2020-14153.json | 67 ++++++++++++++++++++++++++++++++++
 2020/14xxx/CVE-2020-14154.json | 67 ++++++++++++++++++++++++++++++++++
 2020/14xxx/CVE-2020-14155.json | 67 ++++++++++++++++++++++++++++++++++
 15 files changed, 773 insertions(+), 13 deletions(-)
 create mode 100644 2018/21xxx/CVE-2018-21245.json
 create mode 100644 2018/21xxx/CVE-2018-21246.json
 create mode 100644 2019/20xxx/CVE-2019-20838.json
 create mode 100644 2020/14xxx/CVE-2020-14147.json
 create mode 100644 2020/14xxx/CVE-2020-14148.json
 create mode 100644 2020/14xxx/CVE-2020-14149.json
 create mode 100644 2020/14xxx/CVE-2020-14150.json
 create mode 100644 2020/14xxx/CVE-2020-14151.json
 create mode 100644 2020/14xxx/CVE-2020-14152.json
 create mode 100644 2020/14xxx/CVE-2020-14153.json
 create mode 100644 2020/14xxx/CVE-2020-14154.json
 create mode 100644 2020/14xxx/CVE-2020-14155.json

diff --git a/2018/21xxx/CVE-2018-21245.json b/2018/21xxx/CVE-2018-21245.json
new file mode 100644
index 00000000000..f160dc4ed57
--- /dev/null
+++ b/2018/21xxx/CVE-2018-21245.json
@@ -0,0 +1,62 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2018-21245",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://admin.hostpoint.ch/pipermail/pound_apsis.ch/2018-May/000054.html",
+                "refsource": "MISC",
+                "name": "https://admin.hostpoint.ch/pipermail/pound_apsis.ch/2018-May/000054.html"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2018/21xxx/CVE-2018-21246.json b/2018/21xxx/CVE-2018-21246.json
new file mode 100644
index 00000000000..d52f2b00755
--- /dev/null
+++ b/2018/21xxx/CVE-2018-21246.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2018-21246",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/caddyserver/caddy/releases/tag/v0.10.13",
+                "refsource": "MISC",
+                "name": "https://github.com/caddyserver/caddy/releases/tag/v0.10.13"
+            },
+            {
+                "url": "https://bugs.gentoo.org/715214",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/715214"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2019/20xxx/CVE-2019-20838.json b/2019/20xxx/CVE-2019-20838.json
new file mode 100644
index 00000000000..211aef13613
--- /dev/null
+++ b/2019/20xxx/CVE-2019-20838.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2019-20838",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugs.gentoo.org/717920",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/717920"
+            },
+            {
+                "url": "https://www.pcre.org/original/changelog.txt",
+                "refsource": "MISC",
+                "name": "https://www.pcre.org/original/changelog.txt"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/13xxx/CVE-2020-13775.json b/2020/13xxx/CVE-2020-13775.json
index 9ec9ae71251..ef5aa4da4f8 100644
--- a/2020/13xxx/CVE-2020-13775.json
+++ b/2020/13xxx/CVE-2020-13775.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "ZNC 1.8.0 up to 1.8.1-rc1 allows attackers to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
+                "value": "ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
             }
         ]
     },
diff --git a/2020/14xxx/CVE-2020-14033.json b/2020/14xxx/CVE-2020-14033.json
index fc4bf4fa502..574ec4d16da 100644
--- a/2020/14xxx/CVE-2020-14033.json
+++ b/2020/14xxx/CVE-2020-14033.json
@@ -1,17 +1,71 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-14033",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-14033",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117",
+                "refsource": "MISC",
+                "name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6117"
+            },
+            {
+                "url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166",
+                "refsource": "MISC",
+                "name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/plugins/janus_streaming.c#L6166"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/meetecho/janus-gateway/pull/2229",
+                "url": "https://github.com/meetecho/janus-gateway/pull/2229"
             }
         ]
     }
diff --git a/2020/14xxx/CVE-2020-14034.json b/2020/14xxx/CVE-2020-14034.json
index a43969e7ef5..91dee8f05a5 100644
--- a/2020/14xxx/CVE-2020-14034.json
+++ b/2020/14xxx/CVE-2020-14034.json
@@ -1,17 +1,71 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-14034",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-14034",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L381",
+                "refsource": "MISC",
+                "name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L381"
+            },
+            {
+                "url": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L401",
+                "refsource": "MISC",
+                "name": "https://github.com/meetecho/janus-gateway/blob/v0.10.0/utils.c#L401"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/meetecho/janus-gateway/pull/2229",
+                "url": "https://github.com/meetecho/janus-gateway/pull/2229"
             }
         ]
     }
diff --git a/2020/14xxx/CVE-2020-14147.json b/2020/14xxx/CVE-2020-14147.json
new file mode 100644
index 00000000000..3f1ebf30203
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14147.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-14147",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14148.json b/2020/14xxx/CVE-2020-14148.json
new file mode 100644
index 00000000000..4ff52ab8a0f
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14148.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-14148",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14149.json b/2020/14xxx/CVE-2020-14149.json
new file mode 100644
index 00000000000..1130a8c1141
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14149.json
@@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-14149",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14150.json b/2020/14xxx/CVE-2020-14150.json
new file mode 100644
index 00000000000..25beb336b1f
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14150.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-14150",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash)."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00000.html",
+                "refsource": "MISC",
+                "name": "https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00000.html"
+            },
+            {
+                "url": "https://bugs.gentoo.org/717936",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/717936"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14151.json b/2020/14xxx/CVE-2020-14151.json
new file mode 100644
index 00000000000..b6573b538ab
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14151.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-14151",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "In IJG JPEG (aka libjpeg) before 9d, read_*_pixel() in rdtarga.c in cjpeg mishandles EOF."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugs.gentoo.org/727908",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/727908"
+            },
+            {
+                "url": "http://www.ijg.org/files/jpegsrc.v9d.tar.gz",
+                "refsource": "MISC",
+                "name": "http://www.ijg.org/files/jpegsrc.v9d.tar.gz"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14152.json b/2020/14xxx/CVE-2020-14152.json
new file mode 100644
index 00000000000..30147619980
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14152.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-14152",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugs.gentoo.org/727908",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/727908"
+            },
+            {
+                "url": "http://www.ijg.org/files/jpegsrc.v9d.tar.gz",
+                "refsource": "MISC",
+                "name": "http://www.ijg.org/files/jpegsrc.v9d.tar.gz"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14153.json b/2020/14xxx/CVE-2020-14153.json
new file mode 100644
index 00000000000..53253629ca3
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14153.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-14153",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "In IJG JPEG (aka libjpeg) before 9d, jdhuff.c has an out-of-bounds array read for certain table pointers."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugs.gentoo.org/727908",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/727908"
+            },
+            {
+                "url": "http://www.ijg.org/files/jpegsrc.v9d.tar.gz",
+                "refsource": "MISC",
+                "name": "http://www.ijg.org/files/jpegsrc.v9d.tar.gz"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14154.json b/2020/14xxx/CVE-2020-14154.json
new file mode 100644
index 00000000000..b2467e315fd
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14154.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-14154",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "http://www.mutt.org",
+                "refsource": "MISC",
+                "name": "http://www.mutt.org"
+            },
+            {
+                "url": "http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html",
+                "refsource": "MISC",
+                "name": "http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html"
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/2020/14xxx/CVE-2020-14155.json b/2020/14xxx/CVE-2020-14155.json
new file mode 100644
index 00000000000..7024ad09d00
--- /dev/null
+++ b/2020/14xxx/CVE-2020-14155.json
@@ -0,0 +1,67 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-14155",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugs.gentoo.org/717920",
+                "refsource": "MISC",
+                "name": "https://bugs.gentoo.org/717920"
+            },
+            {
+                "url": "https://www.pcre.org/original/changelog.txt",
+                "refsource": "MISC",
+                "name": "https://www.pcre.org/original/changelog.txt"
+            }
+        ]
+    }
+}
\ No newline at end of file