From 825c5ee7dcd8d709c331032ed3fb6e68c798bcaa Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 24 Sep 2020 15:01:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/0xxx/CVE-2020-0435.json | 50 ++------------------------ 2020/12xxx/CVE-2020-12280.json | 61 +++++++++++++++++++++++++++---- 2020/12xxx/CVE-2020-12816.json | 50 ++++++++++++++++++++++++-- 2020/12xxx/CVE-2020-12817.json | 50 ++++++++++++++++++++++++-- 2020/12xxx/CVE-2020-12818.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13499.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13500.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13501.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13502.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13503.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13504.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13505.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13507.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13508.json | 50 ++++++++++++++++++++++++-- 2020/13xxx/CVE-2020-13521.json | 50 ++++++++++++++++++++++++-- 2020/15xxx/CVE-2020-15840.json | 66 ++++++++++++++++++++++++++++++---- 2020/15xxx/CVE-2020-15959.json | 5 +++ 2020/1xxx/CVE-2020-1472.json | 5 +++ 2020/24xxx/CVE-2020-24365.json | 56 +++++++++++++++++++++++++---- 2020/26xxx/CVE-2020-26088.json | 61 +++++++++++++++++++++++++++---- 2020/5xxx/CVE-2020-5540.json | 10 ++++++ 2020/5xxx/CVE-2020-5541.json | 10 ++++++ 2020/6xxx/CVE-2020-6153.json | 50 ++++++++++++++++++++++++-- 2020/6xxx/CVE-2020-6558.json | 5 +++ 2020/6xxx/CVE-2020-6559.json | 5 +++ 2020/6xxx/CVE-2020-6560.json | 5 +++ 2020/6xxx/CVE-2020-6561.json | 5 +++ 2020/6xxx/CVE-2020-6562.json | 5 +++ 2020/6xxx/CVE-2020-6563.json | 5 +++ 2020/6xxx/CVE-2020-6564.json | 5 +++ 2020/6xxx/CVE-2020-6565.json | 5 +++ 2020/6xxx/CVE-2020-6566.json | 5 +++ 2020/6xxx/CVE-2020-6567.json | 5 +++ 2020/6xxx/CVE-2020-6568.json | 5 +++ 2020/6xxx/CVE-2020-6569.json | 5 +++ 2020/6xxx/CVE-2020-6570.json | 5 +++ 2020/6xxx/CVE-2020-6571.json | 5 +++ 2020/6xxx/CVE-2020-6573.json | 5 +++ 2020/6xxx/CVE-2020-6574.json | 5 +++ 2020/6xxx/CVE-2020-6575.json | 5 +++ 2020/6xxx/CVE-2020-6576.json | 5 +++ 41 files changed, 1001 insertions(+), 113 deletions(-) diff --git a/2020/0xxx/CVE-2020-0435.json b/2020/0xxx/CVE-2020-0435.json index 008952ca8d3..2e8c519b94b 100644 --- a/2020/0xxx/CVE-2020-0435.json +++ b/2020/0xxx/CVE-2020-0435.json @@ -4,58 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-0435", - "ASSIGNER": "security@android.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "Android", - "version": { - "version_data": [ - { - "version_value": "Android kernel" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of privilege" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://source.android.com/security/bulletin/pixel/2020-09-01", - "url": "https://source.android.com/security/bulletin/pixel/2020-09-01" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "In inline_data_addr of f2fs.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133762747" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-14615. Reason: This candidate is a duplicate of CVE-2018-14615. Notes: All CVE users should reference CVE-2018-14615 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2020/12xxx/CVE-2020-12280.json b/2020/12xxx/CVE-2020-12280.json index d2bbdb83b43..3bda2ab68f1 100644 --- a/2020/12xxx/CVE-2020-12280.json +++ b/2020/12xxx/CVE-2020-12280.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-12280", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-12280", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://ismartgate.com/secure-garage-door/", + "refsource": "MISC", + "name": "https://ismartgate.com/secure-garage-door/" + }, + { + "refsource": "MISC", + "name": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf", + "url": "https://kth.diva-portal.org/smash/get/diva2:1464458/FULLTEXT01.pdf" } ] } diff --git a/2020/12xxx/CVE-2020-12816.json b/2020/12xxx/CVE-2020-12816.json index 518140e49fd..78c882271ad 100644 --- a/2020/12xxx/CVE-2020-12816.json +++ b/2020/12xxx/CVE-2020-12816.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12816", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortinet", + "product": { + "product_data": [ + { + "product_name": "Fortinet FortiNAC", + "version": { + "version_data": [ + { + "version_value": "FortiNAC before 8.7.2" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Execute unauthorized code or commands" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://fortiguard.com/advisory/FG-IR-20-002", + "url": "https://fortiguard.com/advisory/FG-IR-20-002" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users." } ] } diff --git a/2020/12xxx/CVE-2020-12817.json b/2020/12xxx/CVE-2020-12817.json index 5b2a4d74040..dbcea45525f 100644 --- a/2020/12xxx/CVE-2020-12817.json +++ b/2020/12xxx/CVE-2020-12817.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12817", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortinet", + "product": { + "product_data": [ + { + "product_name": "Fortinet FortiAnalyzer", + "version": { + "version_data": [ + { + "version_value": "FortiAnalyzer before 6.4.1; before 6.2.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Execute unauthorized code or commands" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://fortiguard.com/advisory/FG-IR-20-054", + "url": "https://fortiguard.com/advisory/FG-IR-20-054" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors." } ] } diff --git a/2020/12xxx/CVE-2020-12818.json b/2020/12xxx/CVE-2020-12818.json index bca7b4c1352..9cf55a57681 100644 --- a/2020/12xxx/CVE-2020-12818.json +++ b/2020/12xxx/CVE-2020-12818.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12818", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Fortinet", + "product": { + "product_data": [ + { + "product_name": "Fortinet FortiOS", + "version": { + "version_data": [ + { + "version_value": "FortiOS before 6.4.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://fortiguard.com/advisory/FG-IR-20-033", + "url": "https://fortiguard.com/advisory/FG-IR-20-033" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed." } ] } diff --git a/2020/13xxx/CVE-2020-13499.json b/2020/13xxx/CVE-2020-13499.json index 31c3c8101c3..ed1e6fcedf7 100644 --- a/2020/13xxx/CVE-2020-13499.json +++ b/2020/13xxx/CVE-2020-13499.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13499", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks." } ] } diff --git a/2020/13xxx/CVE-2020-13500.json b/2020/13xxx/CVE-2020-13500.json index b5d6e32b3e2..73888d35706 100644 --- a/2020/13xxx/CVE-2020-13500.json +++ b/2020/13xxx/CVE-2020-13500.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13500", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks." } ] } diff --git a/2020/13xxx/CVE-2020-13501.json b/2020/13xxx/CVE-2020-13501.json index aa2906078b9..8a24f1f45e8 100644 --- a/2020/13xxx/CVE-2020-13501.json +++ b/2020/13xxx/CVE-2020-13501.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13501", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1106" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks." } ] } diff --git a/2020/13xxx/CVE-2020-13502.json b/2020/13xxx/CVE-2020-13502.json index 6d1d7ebe7c8..2eb628a2762 100644 --- a/2020/13xxx/CVE-2020-13502.json +++ b/2020/13xxx/CVE-2020-13502.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13502", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1107", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1107" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable SQL injection vulnerability exists in the DNAPoints.asmx web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. A specially crafted SOAP web request can cause an SQL injection resulting in data compromise. An attacker can send an unauthenticated HTTP request to trigger this vulnerability." } ] } diff --git a/2020/13xxx/CVE-2020-13503.json b/2020/13xxx/CVE-2020-13503.json index 2a281fc52b6..32bea0bf3f2 100644 --- a/2020/13xxx/CVE-2020-13503.json +++ b/2020/13xxx/CVE-2020-13503.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13503", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Parameter AttFilterName in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability." } ] } diff --git a/2020/13xxx/CVE-2020-13504.json b/2020/13xxx/CVE-2020-13504.json index b42af429fd4..32ff8f26958 100644 --- a/2020/13xxx/CVE-2020-13504.json +++ b/2020/13xxx/CVE-2020-13504.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13504", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability." } ] } diff --git a/2020/13xxx/CVE-2020-13505.json b/2020/13xxx/CVE-2020-13505.json index d343b2f684e..6c35df2cc48 100644 --- a/2020/13xxx/CVE-2020-13505.json +++ b/2020/13xxx/CVE-2020-13505.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13505", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability." } ] } diff --git a/2020/13xxx/CVE-2020-13507.json b/2020/13xxx/CVE-2020-13507.json index e9b8787e5ae..9e094f2aeee 100644 --- a/2020/13xxx/CVE-2020-13507.json +++ b/2020/13xxx/CVE-2020-13507.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13507", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1109", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1109" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL injection vulnerability exists in the Alias.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Parameter OrigID in Alias.asmx is vulnerable to unauthenticated SQL injection attacks An attacker can send unauthenticated HTTP requests to trigger this vulnerability." } ] } diff --git a/2020/13xxx/CVE-2020-13508.json b/2020/13xxx/CVE-2020-13508.json index 4566896ed06..d0c962a0c62 100644 --- a/2020/13xxx/CVE-2020-13508.json +++ b/2020/13xxx/CVE-2020-13508.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13508", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1109", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1109" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL injection vulnerability exists in the Alias.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Parameter AliasName in Alias.asmx is vulnerable to unauthenticated SQL injection attacks. An attacker can send unauthenticated HTTP requests to trigger this vulnerability." } ] } diff --git a/2020/13xxx/CVE-2020-13521.json b/2020/13xxx/CVE-2020-13521.json index 1c00029f165..55382b33a22 100644 --- a/2020/13xxx/CVE-2020-13521.json +++ b/2020/13xxx/CVE-2020-13521.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-13521", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1108" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Parameter psAttribute in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability." } ] } diff --git a/2020/15xxx/CVE-2020-15840.json b/2020/15xxx/CVE-2020-15840.json index 5817788d1c1..550235b8412 100644 --- a/2020/15xxx/CVE-2020-15840.json +++ b/2020/15xxx/CVE-2020-15840.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15840", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15840", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with doubled encoded URLs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities", + "refsource": "MISC", + "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities" + }, + { + "refsource": "CONFIRM", + "name": "https://issues.liferay.com/browse/LPE-17046", + "url": "https://issues.liferay.com/browse/LPE-17046" + }, + { + "refsource": "CONFIRM", + "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119772204", + "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/119772204" } ] } diff --git a/2020/15xxx/CVE-2020-15959.json b/2020/15xxx/CVE-2020-15959.json index 696df6d0f27..9ef9645a5fb 100644 --- a/2020/15xxx/CVE-2020-15959.json +++ b/2020/15xxx/CVE-2020-15959.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1472.json b/2020/1xxx/CVE-2020-1472.json index 9b80f53020c..f5270a4f228 100644 --- a/2020/1xxx/CVE-2020-1472.json +++ b/2020/1xxx/CVE-2020-1472.json @@ -211,6 +211,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-0be2776ed3", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1513", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html" } ] } diff --git a/2020/24xxx/CVE-2020-24365.json b/2020/24xxx/CVE-2020-24365.json index 40d939e764f..6ec872fad21 100644 --- a/2020/24xxx/CVE-2020-24365.json +++ b/2020/24xxx/CVE-2020-24365.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24365", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24365", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on the target machine. Commands are executed as the root user (uid 0). (Even if a login is required, most routers are left with default credentials.)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://pastebin.com/QTev1TjM", + "url": "https://pastebin.com/QTev1TjM" } ] } diff --git a/2020/26xxx/CVE-2020-26088.json b/2020/26xxx/CVE-2020-26088.json index ed4c43fc2c0..7d7558c0bdb 100644 --- a/2020/26xxx/CVE-2020-26088.json +++ b/2020/26xxx/CVE-2020-26088.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-26088", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-26088", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/torvalds/linux/commit/26896f01467a28651f7a536143fe5ac8449d4041", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/26896f01467a28651f7a536143fe5ac8449d4041" + }, + { + "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.2", + "refsource": "MISC", + "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.2" } ] } diff --git a/2020/5xxx/CVE-2020-5540.json b/2020/5xxx/CVE-2020-5540.json index 321c068f697..287ecaed468 100644 --- a/2020/5xxx/CVE-2020-5540.json +++ b/2020/5xxx/CVE-2020-5540.json @@ -44,6 +44,11 @@ }, "references": { "reference_data": [ + { + "refsource": "MISC", + "name": "https://gist.github.com/tonykuo76/d2480727faeb768a97800db3058dceed", + "url": "https://gist.github.com/tonykuo76/d2480727faeb768a97800db3058dceed" + }, { "url": "https://sup.cybersolutions.co.jp/otrs/customer.pl?Action=CustomerFAQZoom;ItemID=985", "refsource": "MISC", @@ -53,6 +58,11 @@ "url": "https://jvn.jp/en/jp/JVN46258789/", "refsource": "MISC", "name": "https://jvn.jp/en/jp/JVN46258789/" + }, + { + "refsource": "MISC", + "name": "https://www.chtsecurity.com/news/fff688e5-8ba2-4da2-be65-732fc6c9ce9d", + "url": "https://www.chtsecurity.com/news/fff688e5-8ba2-4da2-be65-732fc6c9ce9d" } ] }, diff --git a/2020/5xxx/CVE-2020-5541.json b/2020/5xxx/CVE-2020-5541.json index 1623fb74ccb..db08b726629 100644 --- a/2020/5xxx/CVE-2020-5541.json +++ b/2020/5xxx/CVE-2020-5541.json @@ -53,6 +53,16 @@ "url": "https://jvn.jp/en/jp/JVN46258789/", "refsource": "MISC", "name": "https://jvn.jp/en/jp/JVN46258789/" + }, + { + "refsource": "MISC", + "name": "https://www.chtsecurity.com/news/cf5742f8-a676-43c2-a8b9-bff17f452823", + "url": "https://www.chtsecurity.com/news/cf5742f8-a676-43c2-a8b9-bff17f452823" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/tonykuo76/ffdaa7bfabf2205dc5bac010eee38509", + "url": "https://gist.github.com/tonykuo76/ffdaa7bfabf2205dc5bac010eee38509" } ] }, diff --git a/2020/6xxx/CVE-2020-6153.json b/2020/6xxx/CVE-2020-6153.json index 5d889d6fb09..a3092b8894d 100644 --- a/2020/6xxx/CVE-2020-6153.json +++ b/2020/6xxx/CVE-2020-6153.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6153", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aveva", + "version": { + "version_data": [ + { + "version_value": "Aveva eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1097", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1097" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable SQL injection vulnerability exists in the FavoritesService.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. A specially crafted SOAP web request can cause an SQL injection resulting in data compromise. An attacker can send an unauthenticated HTTP request to trigger this vulnerability." } ] } diff --git a/2020/6xxx/CVE-2020-6558.json b/2020/6xxx/CVE-2020-6558.json index b99060925ec..390926153bb 100644 --- a/2020/6xxx/CVE-2020-6558.json +++ b/2020/6xxx/CVE-2020-6558.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6559.json b/2020/6xxx/CVE-2020-6559.json index 1d23d7da532..02f1c1e81ab 100644 --- a/2020/6xxx/CVE-2020-6559.json +++ b/2020/6xxx/CVE-2020-6559.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6560.json b/2020/6xxx/CVE-2020-6560.json index 3edc1079d98..11a03660d67 100644 --- a/2020/6xxx/CVE-2020-6560.json +++ b/2020/6xxx/CVE-2020-6560.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6561.json b/2020/6xxx/CVE-2020-6561.json index b31d31df5a1..01a2f38abf4 100644 --- a/2020/6xxx/CVE-2020-6561.json +++ b/2020/6xxx/CVE-2020-6561.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6562.json b/2020/6xxx/CVE-2020-6562.json index 7d2c15fea26..0bb3505abc7 100644 --- a/2020/6xxx/CVE-2020-6562.json +++ b/2020/6xxx/CVE-2020-6562.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6563.json b/2020/6xxx/CVE-2020-6563.json index 3e470d72c71..2e0758935c9 100644 --- a/2020/6xxx/CVE-2020-6563.json +++ b/2020/6xxx/CVE-2020-6563.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6564.json b/2020/6xxx/CVE-2020-6564.json index 956049061c9..e06670c36d4 100644 --- a/2020/6xxx/CVE-2020-6564.json +++ b/2020/6xxx/CVE-2020-6564.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6565.json b/2020/6xxx/CVE-2020-6565.json index ad7381af0a0..661f960c5ef 100644 --- a/2020/6xxx/CVE-2020-6565.json +++ b/2020/6xxx/CVE-2020-6565.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6566.json b/2020/6xxx/CVE-2020-6566.json index a6fe76bf236..7112cc7e751 100644 --- a/2020/6xxx/CVE-2020-6566.json +++ b/2020/6xxx/CVE-2020-6566.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6567.json b/2020/6xxx/CVE-2020-6567.json index ad710a42bff..fbab4afcefe 100644 --- a/2020/6xxx/CVE-2020-6567.json +++ b/2020/6xxx/CVE-2020-6567.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6568.json b/2020/6xxx/CVE-2020-6568.json index cb7a272262b..61e519b91a1 100644 --- a/2020/6xxx/CVE-2020-6568.json +++ b/2020/6xxx/CVE-2020-6568.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6569.json b/2020/6xxx/CVE-2020-6569.json index 9249f107d2a..f71c828a173 100644 --- a/2020/6xxx/CVE-2020-6569.json +++ b/2020/6xxx/CVE-2020-6569.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6570.json b/2020/6xxx/CVE-2020-6570.json index 0c267b7729c..039fa3bc4b0 100644 --- a/2020/6xxx/CVE-2020-6570.json +++ b/2020/6xxx/CVE-2020-6570.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6571.json b/2020/6xxx/CVE-2020-6571.json index 0897d977ed0..88b561f788c 100644 --- a/2020/6xxx/CVE-2020-6571.json +++ b/2020/6xxx/CVE-2020-6571.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6573.json b/2020/6xxx/CVE-2020-6573.json index ad7e36167dd..46d4622e87e 100644 --- a/2020/6xxx/CVE-2020-6573.json +++ b/2020/6xxx/CVE-2020-6573.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6574.json b/2020/6xxx/CVE-2020-6574.json index ae26bd42009..f3a5bfcf9b5 100644 --- a/2020/6xxx/CVE-2020-6574.json +++ b/2020/6xxx/CVE-2020-6574.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6575.json b/2020/6xxx/CVE-2020-6575.json index 6f97fa0d482..6d247a3bf8b 100644 --- a/2020/6xxx/CVE-2020-6575.json +++ b/2020/6xxx/CVE-2020-6575.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] }, diff --git a/2020/6xxx/CVE-2020-6576.json b/2020/6xxx/CVE-2020-6576.json index 17f3d68354b..2e0097c3677 100644 --- a/2020/6xxx/CVE-2020-6576.json +++ b/2020/6xxx/CVE-2020-6576.json @@ -64,6 +64,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2020:1510", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:1514", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html" } ] },