diff --git a/2019/15xxx/CVE-2019-15126.json b/2019/15xxx/CVE-2019-15126.json index d208001d044..a1b32cad8d9 100644 --- a/2019/15xxx/CVE-2019-15126.json +++ b/2019/15xxx/CVE-2019-15126.json @@ -111,6 +111,11 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05" } ] } diff --git a/2020/11xxx/CVE-2020-11976.json b/2020/11xxx/CVE-2020-11976.json index 3d3c9085bbd..3bf57c92b97 100644 --- a/2020/11xxx/CVE-2020-11976.json +++ b/2020/11xxx/CVE-2020-11976.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11976", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Apache Wicket", + "version": { + "version_data": [ + { + "version_value": "Apache Wicket 7.16.0, 8.8.0, 9.0.0-M5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r104eeefeb1e9da51f7ef79cef0f9ff12e21ef8559b77801e86b21e16%40%3Cusers.wicket.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r104eeefeb1e9da51f7ef79cef0f9ff12e21ef8559b77801e86b21e16%40%3Cusers.wicket.apache.org%3E" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5" } ] } diff --git a/2020/13xxx/CVE-2020-13179.json b/2020/13xxx/CVE-2020-13179.json index 24d3162ae55..1216ef3335a 100644 --- a/2020/13xxx/CVE-2020-13179.json +++ b/2020/13xxx/CVE-2020-13179.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13179", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@teradici.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "- PCoIP Standard Agent for Windows - PCoIP Graphics Agent for Windows", + "version": { + "version_data": [ + { + "version_value": "PCoIP Standard Agent for Windows 20.04 and earlier, PCoIP Graphics Agent for Windows 20.04 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Exposure of Sensitive Information (CWE-200)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://advisory.teradici.com/security-advisories/60/", + "url": "https://advisory.teradici.com/security-advisories/60/" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure." } ] } diff --git a/2020/17xxx/CVE-2020-17482.json b/2020/17xxx/CVE-2020-17482.json new file mode 100644 index 00000000000..b74d1516aa6 --- /dev/null +++ b/2020/17xxx/CVE-2020-17482.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17482", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/8xxx/CVE-2020-8597.json b/2020/8xxx/CVE-2020-8597.json index 79e5c6a8376..839d53ceb7a 100644 --- a/2020/8xxx/CVE-2020-8597.json +++ b/2020/8xxx/CVE-2020-8597.json @@ -156,6 +156,11 @@ "refsource": "MISC", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04" } ] } diff --git a/2020/8xxx/CVE-2020-8918.json b/2020/8xxx/CVE-2020-8918.json index f4808a68cbf..d229d817eb6 100644 --- a/2020/8xxx/CVE-2020-8918.json +++ b/2020/8xxx/CVE-2020-8918.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "cve-coordination@google.com", + "ASSIGNER": "security@google.com", "ID": "CVE-2020-8918", "STATE": "PUBLIC", "TITLE": "TPM 1.2 key authorization values are vulnerable to a TPM transport eavesdropper" @@ -90,5 +90,4 @@ "source": { "discovery": "INTERNAL" } -} - +} \ No newline at end of file diff --git a/2020/9xxx/CVE-2020-9244.json b/2020/9xxx/CVE-2020-9244.json index f59e14e86c0..0b2af5900fb 100644 --- a/2020/9xxx/CVE-2020-9244.json +++ b/2020/9xxx/CVE-2020-9244.json @@ -4,14 +4,88 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-9244", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HUAWEI Mate 20;HUAWEI Mate 20 Pro;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;HUAWEI Mate 20 RS;HonorMagic2;Honor20;Honor20 PRO;HonorMagic2;HonorV20", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R3P8)" + }, + { + "version_value": "Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R2P8)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C786E160R3P8)" + }, + { + "version_value": "Versions earlier than 10.0.0.187(C00E61R2P11)" + }, + { + "version_value": "Versions earlier than 10.0.0.175(C00E58R4P11)" + }, + { + "version_value": "Versions earlier than 10.0.0.194(C00E62R8P12)" + }, + { + "version_value": "Versions earlier than 10.0.0.187(C00E61R2P11)" + }, + { + "version_value": "Versions earlier than 10.0.0.188(C00E62R2P11)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-02-smartphone-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged" } ] } diff --git a/2020/9xxx/CVE-2020-9403.json b/2020/9xxx/CVE-2020-9403.json index 6ee92e4600d..76dc483308a 100644 --- a/2020/9xxx/CVE-2020-9403.json +++ b/2020/9xxx/CVE-2020-9403.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-9403", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-9403", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, and may be retrieved by any user with access to the PACTware workstation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://pactware.com/fileadmin/user_upload/Cyber-Security-Documents/2020-05-29_published_PWC_CyberSecurityNotifications-CVE-2020-9403-9404__002_.pdf", + "url": "https://pactware.com/fileadmin/user_upload/Cyber-Security-Documents/2020-05-29_published_PWC_CyberSecurityNotifications-CVE-2020-9403-9404__002_.pdf" } ] } diff --git a/2020/9xxx/CVE-2020-9404.json b/2020/9xxx/CVE-2020-9404.json index 2cbfa6a2a99..cf73175dd0a 100644 --- a/2020/9xxx/CVE-2020-9404.json +++ b/2020/9xxx/CVE-2020-9404.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-9404", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-9404", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and may be modified by an attacker with no knowledge of the current passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://pactware.com/fileadmin/user_upload/Cyber-Security-Documents/2020-05-29_published_PWC_CyberSecurityNotifications-CVE-2020-9403-9404__002_.pdf", + "url": "https://pactware.com/fileadmin/user_upload/Cyber-Security-Documents/2020-05-29_published_PWC_CyberSecurityNotifications-CVE-2020-9403-9404__002_.pdf" } ] }