diff --git a/2019/10xxx/CVE-2019-10954.json b/2019/10xxx/CVE-2019-10954.json index 00012c04320..c6af2343fb6 100644 --- a/2019/10xxx/CVE-2019-10954.json +++ b/2019/10xxx/CVE-2019-10954.json @@ -1,25 +1,96 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10954", "ASSIGNER": "ics-cert@hq.dhs.gov", "STATE": "PUBLIC" }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow", + "cweId": "CWE-121" + } + ] + } + ] + }, "affects": { "vendor": { "vendor_data": [ { - "vendor_name": "CompactLogix", + "vendor_name": "Rockwell Automation", "product": { "product_data": [ { - "product_name": "CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers", + "product_name": "CompactLogix 5370 L1 controllers", "version": { "version_data": [ { - "version_value": "Versions 20 to 30.014 and earlier" + "version_affected": "<", + "version_name": "0", + "version_value": "20 - 30" + } + ] + } + }, + { + "product_name": "CompactLogix 5370 L2 controllers", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "20 - 30" + } + ] + } + }, + { + "product_name": "CompactLogix 5370 L3 controllers", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "20 - 30" + } + ] + } + }, + { + "product_name": "Compact GuardLogix 5370 controllers", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "20 - 30" + } + ] + } + }, + { + "product_name": "Armor Compact GuardLogix 5370 controllers", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "20 - 30" } ] } @@ -30,38 +101,48 @@ ] } }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "STACK-BASED BUFFER OVERFLOW CWE-121" - } - ] - } - ] - }, "references": { "reference_data": [ { + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01", "refsource": "MISC", - "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01", - "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01" + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01" }, { - "refsource": "BID", - "name": "108118", - "url": "http://www.securityfocus.com/bid/108118" + "url": "http://www.securityfocus.com/bid/108118", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/108118" + }, + { + "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979", + "refsource": "MISC", + "name": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979" } ] }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 to 30.014 and earlier." - } - ] - } + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\n

Rockwell recommends the following:

For more information please refer to Rockwell\u2019s Security Advisory: https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979

\n\n
" + } + ], + "value": "\nRockwell recommends the following:\n\n * Rockwell Automation strongly encourages users to apply the latest available version of firmware to keep up to date with the latest features, anomaly fixes, and security improvements. Update to a version of firmware as listed below that mitigates the associated risk:\n * Apply FRN 31.011 or later from: https://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?Keyword=5370&crumb=112 https://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx \n * For EtherNet/IP-based vulnerabilities (ID 1-14), block all traffic to and from outside the Manufacturing Zone by blocking or restricting access to Port 2222/TCP/UDP and Port 44818/TCP/UDP using proper network infrastructure controls, such as firewalls, UTM devices, or other security appliances. For more information on TCP/UDP ports used by Rockwell Automation Products, see Knowledgebase Article ID 898270 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/898270/page/1 \u00a0(login required). * Stratix users can use Device Manager or Studio 5000 Logix Designer to configure access control lists (ACL) to block/restrict ports. See section \u201cAccess Control Lists\u201d in Stratix Managed Switches User Manual, publication 1783-UM007 http://literature.rockwellautomation.com/idc/groups/literature/documents/um/1783-um007_-en-p.pdf , for detailed instructions.\n\n\n\n * For web-based vulnerabilities (ID 15-17), block all traffic from outside the Manufacturing Zone by blocking or restricting access to Port 80/443/TCP. * Stratix users can use Device Manager or Studio 5000 Logix Designer to configure ACL\u2019s to block/restrict ports. See section \u201cAccess Control Lists\u201d in Stratix Managed Switches User Manual, publication 1783-UM007 http://literature.rockwellautomation.com/idc/groups/literature/documents/um/1783-um007_-en-p.pdf , for detailed instructions.\n\n\n\n * Utilize proper network infrastructure controls, such as firewalls, to help ensure that SMTP packets from unauthorized sources are blocked.\n * Consult the product documentation for specific features, such as a hardware key-switch setting, which may be used to block unauthorized changes, etc.\n * Use trusted software, software patches, and antivirus/antimalware programs and interact only with trusted websites and attachments.\n * Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet. For further information about the risks of unprotected Internet accessible control systems, please see Knowledgebase Article ID 494865 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/494865/page/1 \u00a0(login required).\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that a VPN is only as secure as the connected devices.\n\n\nFor more information please refer to Rockwell\u2019s Security Advisory: https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979 https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1075979 \n\n\n\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "George Lashenko of CyberX reported to CISA." + } + ] } \ No newline at end of file diff --git a/2020/20xxx/CVE-2020-20067.json b/2020/20xxx/CVE-2020-20067.json index 80361cccdff..9fc4e6af75b 100644 --- a/2020/20xxx/CVE-2020-20067.json +++ b/2020/20xxx/CVE-2020-20067.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20067", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20067", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File upload vulnerability in ebCMS v.1.1.0 allows a remote attacker to execute arbitrary code via the upload type parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/a932278490/ebcms/issues/1", + "refsource": "MISC", + "name": "https://github.com/a932278490/ebcms/issues/1" } ] } diff --git a/2020/20xxx/CVE-2020-20070.json b/2020/20xxx/CVE-2020-20070.json index 213e4d773ee..87d98611dd9 100644 --- a/2020/20xxx/CVE-2020-20070.json +++ b/2020/20xxx/CVE-2020-20070.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20070", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20070", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the qu-multi-fillblank!answers.action file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/wkeyuan/DWSurvey/issues/48", + "refsource": "MISC", + "name": "https://github.com/wkeyuan/DWSurvey/issues/48" } ] } diff --git a/2020/20xxx/CVE-2020-20335.json b/2020/20xxx/CVE-2020-20335.json index 6820127a3e5..21f60d0acc4 100644 --- a/2020/20xxx/CVE-2020-20335.json +++ b/2020/20xxx/CVE-2020-20335.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20335", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20335", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer Overflow vulnerability in Antirez Kilo before commit 7709a04ae8520c5b04d261616098cebf742f5a23 allows a remote attacker to cause a denial of service via the editorUpdateRow function in kilo.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/antirez/kilo/issues/60", + "refsource": "MISC", + "name": "https://github.com/antirez/kilo/issues/60" } ] } diff --git a/2020/20xxx/CVE-2020-20413.json b/2020/20xxx/CVE-2020-20413.json index 54c92f1818b..92df9456a8a 100644 --- a/2020/20xxx/CVE-2020-20413.json +++ b/2020/20xxx/CVE-2020-20413.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20413", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20413", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle() function in admin/content.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/SuperSalsa20/WUZHICMS-SQL-Injection/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/SuperSalsa20/WUZHICMS-SQL-Injection/blob/master/README.md" } ] } diff --git a/2020/20xxx/CVE-2020-20491.json b/2020/20xxx/CVE-2020-20491.json index 5baae9c9b93..3ca0046e874 100644 --- a/2020/20xxx/CVE-2020-20491.json +++ b/2020/20xxx/CVE-2020-20491.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20491", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20491", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/opencart/opencart/issues/7612", + "refsource": "MISC", + "name": "https://github.com/opencart/opencart/issues/7612" } ] } diff --git a/2020/20xxx/CVE-2020-20502.json b/2020/20xxx/CVE-2020-20502.json index 0e034b0e3e5..711f6da9e46 100644 --- a/2020/20xxx/CVE-2020-20502.json +++ b/2020/20xxx/CVE-2020-20502.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20502", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20502", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery found in yzCMS v.2.0 allows a remote attacker to execute arbitrary code via the token check function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://www.yzmcms.com/", + "refsource": "MISC", + "name": "http://www.yzmcms.com/" + }, + { + "refsource": "MISC", + "name": "https://github.com/yzmcms/yzmcms/issues/27", + "url": "https://github.com/yzmcms/yzmcms/issues/27" } ] } diff --git a/2020/20xxx/CVE-2020-20636.json b/2020/20xxx/CVE-2020-20636.json index a8385d480ab..d2d18f4e518 100644 --- a/2020/20xxx/CVE-2020-20636.json +++ b/2020/20xxx/CVE-2020-20636.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20636", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20636", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability found in Joyplus-cms v.1.6.0 allows a remote attacker to access sensitive information via the id parameter of the goodbad() function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/joyplus/joyplus-cms/issues/447", + "refsource": "MISC", + "name": "https://github.com/joyplus/joyplus-cms/issues/447" } ] } diff --git a/2020/20xxx/CVE-2020-20697.json b/2020/20xxx/CVE-2020-20697.json index 0e92155454a..cf1e5eb5f6a 100644 --- a/2020/20xxx/CVE-2020-20697.json +++ b/2020/20xxx/CVE-2020-20697.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20697", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20697", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in khodakhah NodCMS v.3.0 allows a remote attacker to execute arbitrary code and gain access to senstivie information via a crafted script to the address parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/khodakhah/nodcms/issues/41", + "refsource": "MISC", + "name": "https://github.com/khodakhah/nodcms/issues/41" } ] } diff --git a/2020/20xxx/CVE-2020-20703.json b/2020/20xxx/CVE-2020-20703.json index bc77c308834..2f0c6b03678 100644 --- a/2020/20xxx/CVE-2020-20703.json +++ b/2020/20xxx/CVE-2020-20703.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20703", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20703", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vim/vim/issues/5041", + "refsource": "MISC", + "name": "https://github.com/vim/vim/issues/5041" } ] } diff --git a/2020/20xxx/CVE-2020-20718.json b/2020/20xxx/CVE-2020-20718.json index ac5d464c34d..d3a2fce115c 100644 --- a/2020/20xxx/CVE-2020-20718.json +++ b/2020/20xxx/CVE-2020-20718.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20718", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20718", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to the the save_file() parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pluck-cms/pluck/issues/79", + "refsource": "MISC", + "name": "https://github.com/pluck-cms/pluck/issues/79" } ] } diff --git a/2020/20xxx/CVE-2020-20725.json b/2020/20xxx/CVE-2020-20725.json index 33902fac97e..0a2479f449a 100644 --- a/2020/20xxx/CVE-2020-20725.json +++ b/2020/20xxx/CVE-2020-20725.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20725", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20725", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in taogogo taoCMS v.2.5 beta5.1 allows remote attacker to execute arbitrary code via the name field in admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/taogogo/taocms/issues/2", + "refsource": "MISC", + "name": "https://github.com/taogogo/taocms/issues/2" } ] } diff --git a/2020/20xxx/CVE-2020-20726.json b/2020/20xxx/CVE-2020-20726.json index c46e9e6da4d..c359043b22a 100644 --- a/2020/20xxx/CVE-2020-20726.json +++ b/2020/20xxx/CVE-2020-20726.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20726", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20726", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/update_rows/user parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GilaCMS/gila/issues/51", + "refsource": "MISC", + "name": "https://github.com/GilaCMS/gila/issues/51" } ] } diff --git a/2020/20xxx/CVE-2020-20735.json b/2020/20xxx/CVE-2020-20735.json index 7881369ff33..f437625dbc4 100644 --- a/2020/20xxx/CVE-2020-20735.json +++ b/2020/20xxx/CVE-2020-20735.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20735", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20735", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in LJCMS v.4.3.R60321 allows a remote attacker to execute arbitrary code via the ljcms/index.php parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/0xyu/PHP_Learning/issues/2", + "refsource": "MISC", + "name": "https://github.com/0xyu/PHP_Learning/issues/2" } ] } diff --git a/2020/20xxx/CVE-2020-20918.json b/2020/20xxx/CVE-2020-20918.json index 653a2e0215d..f1b2b759696 100644 --- a/2020/20xxx/CVE-2020-20918.json +++ b/2020/20xxx/CVE-2020-20918.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20918", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20918", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pluck-cms/pluck/issues/80", + "refsource": "MISC", + "name": "https://github.com/pluck-cms/pluck/issues/80" } ] } diff --git a/2020/20xxx/CVE-2020-20919.json b/2020/20xxx/CVE-2020-20919.json index d3678670bef..f32795a6309 100644 --- a/2020/20xxx/CVE-2020-20919.json +++ b/2020/20xxx/CVE-2020-20919.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20919", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20919", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File upload vulnerability in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary code and access sensitive information via the theme.php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pluck-cms/pluck/issues/85", + "refsource": "MISC", + "name": "https://github.com/pluck-cms/pluck/issues/85" } ] } diff --git a/2020/20xxx/CVE-2020-20969.json b/2020/20xxx/CVE-2020-20969.json index 6ac849744ad..5d6d3d0b12a 100644 --- a/2020/20xxx/CVE-2020-20969.json +++ b/2020/20xxx/CVE-2020-20969.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20969", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20969", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in PluckCMS v.4.7.10 allows a remote attacker to execute arbitrary code via the trashcan_restoreitem.php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/pluck-cms/pluck/issues/86", + "refsource": "MISC", + "name": "https://github.com/pluck-cms/pluck/issues/86" } ] } diff --git a/2020/21xxx/CVE-2020-21052.json b/2020/21xxx/CVE-2020-21052.json index 274c250efb0..fb229178a80 100644 --- a/2020/21xxx/CVE-2020-21052.json +++ b/2020/21xxx/CVE-2020-21052.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21052", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21052", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in zrlog zrlog v.2.1.3 allows a remote attacker to execute arbitrary code via the nickame parameter of the /post/addComment function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/94fzb/zrlog/issues/56", + "refsource": "MISC", + "name": "https://github.com/94fzb/zrlog/issues/56" } ] } diff --git a/2020/21xxx/CVE-2020-21058.json b/2020/21xxx/CVE-2020-21058.json index 677d1009ce3..feb0af67b12 100644 --- a/2020/21xxx/CVE-2020-21058.json +++ b/2020/21xxx/CVE-2020-21058.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21058", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21058", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in Typora v.0.9.79 allows a remote attacker to execute arbitrary code via the mermaid sytax." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/typora/typora-issues/issues/2959", + "refsource": "MISC", + "name": "https://github.com/typora/typora-issues/issues/2959" } ] } diff --git a/2020/21xxx/CVE-2020-21174.json b/2020/21xxx/CVE-2020-21174.json index 90be570deeb..cbe99a4ba83 100644 --- a/2020/21xxx/CVE-2020-21174.json +++ b/2020/21xxx/CVE-2020-21174.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21174", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21174", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/liufee/cms/issues/44", + "refsource": "MISC", + "name": "https://github.com/liufee/cms/issues/44" } ] } diff --git a/2020/21xxx/CVE-2020-21246.json b/2020/21xxx/CVE-2020-21246.json index 973e22d1ae4..b5b41a51d15 100644 --- a/2020/21xxx/CVE-2020-21246.json +++ b/2020/21xxx/CVE-2020-21246.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21246", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21246", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in YiiCMS v.1.0 allows a remote attacker to execute arbitrary code via the news function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/yongshengli/yiicms/issues/6", + "refsource": "MISC", + "name": "https://github.com/yongshengli/yiicms/issues/6" } ] } diff --git a/2020/21xxx/CVE-2020-21252.json b/2020/21xxx/CVE-2020-21252.json index bd2a275a3b4..7b1dfba5740 100644 --- a/2020/21xxx/CVE-2020-21252.json +++ b/2020/21xxx/CVE-2020-21252.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21252", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21252", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute arbitrary code and escalate privileges via the updateusers parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Neeke/HongCMS/issues/13", + "refsource": "MISC", + "name": "https://github.com/Neeke/HongCMS/issues/13" } ] } diff --git a/2020/21xxx/CVE-2020-21268.json b/2020/21xxx/CVE-2020-21268.json index d17626f2e58..f6e5c816d7e 100644 --- a/2020/21xxx/CVE-2020-21268.json +++ b/2020/21xxx/CVE-2020-21268.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21268", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21268", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/easysoft/zentaopms/issues/40", + "refsource": "MISC", + "name": "https://github.com/easysoft/zentaopms/issues/40" } ] } diff --git a/2020/21xxx/CVE-2020-21325.json b/2020/21xxx/CVE-2020-21325.json index a4f94ff8464..bbe7f3c0275 100644 --- a/2020/21xxx/CVE-2020-21325.json +++ b/2020/21xxx/CVE-2020-21325.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21325", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21325", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in WUZHI CMS v.4.1.0 allows a remote attacker to execute arbitrary code via the set_chache method of the function\\common.func.php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/wuzhicms/wuzhicms/issues/188", + "refsource": "MISC", + "name": "https://github.com/wuzhicms/wuzhicms/issues/188" } ] } diff --git a/2020/21xxx/CVE-2020-21366.json b/2020/21xxx/CVE-2020-21366.json index 5c30537ce46..fc228b69336 100644 --- a/2020/21xxx/CVE-2020-21366.json +++ b/2020/21xxx/CVE-2020-21366.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21366", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21366", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GreenCMS/GreenCMS/issues/115", + "refsource": "MISC", + "name": "https://github.com/GreenCMS/GreenCMS/issues/115" } ] } diff --git a/2020/21xxx/CVE-2020-21400.json b/2020/21xxx/CVE-2020-21400.json index 9f485fd532c..fb240c061ad 100644 --- a/2020/21xxx/CVE-2020-21400.json +++ b/2020/21xxx/CVE-2020-21400.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21400", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21400", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitrary code via the id variable in the modify function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gaozhifeng/PHPMyWind/issues/11", + "refsource": "MISC", + "name": "https://github.com/gaozhifeng/PHPMyWind/issues/11" } ] } diff --git a/2020/21xxx/CVE-2020-21474.json b/2020/21xxx/CVE-2020-21474.json index 392b825a3de..7375cad5662 100644 --- a/2020/21xxx/CVE-2020-21474.json +++ b/2020/21xxx/CVE-2020-21474.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21474", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21474", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in NucleusCMS v.3.71 allows a remote attacker to execute arbitrary code via the /nucleus/plugins/skinfiles/?dir=rsd parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/NucleusCMS/NucleusCMS/issues/95", + "refsource": "MISC", + "name": "https://github.com/NucleusCMS/NucleusCMS/issues/95" } ] } diff --git a/2020/21xxx/CVE-2020-21485.json b/2020/21xxx/CVE-2020-21485.json index 4f37028116e..4ed01ca6d43 100644 --- a/2020/21xxx/CVE-2020-21485.json +++ b/2020/21xxx/CVE-2020-21485.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21485", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21485", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting vulnerability in Alluxio v.1.8.1 allows a remote attacker to executea arbitrary code via the path parameter in the browse board component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Alluxio/alluxio/issues/10552", + "refsource": "MISC", + "name": "https://github.com/Alluxio/alluxio/issues/10552" } ] } diff --git a/2020/21xxx/CVE-2020-21486.json b/2020/21xxx/CVE-2020-21486.json index ede2d2325fb..ada74d0094e 100644 --- a/2020/21xxx/CVE-2020-21486.json +++ b/2020/21xxx/CVE-2020-21486.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21486", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21486", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the _userlist function in framerwork/phpok_call.php file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/qinggan/phpok/issues/8", + "refsource": "MISC", + "name": "https://github.com/qinggan/phpok/issues/8" } ] } diff --git a/2020/21xxx/CVE-2020-21489.json b/2020/21xxx/CVE-2020-21489.json index fd4f7fccd36..df802c893ba 100644 --- a/2020/21xxx/CVE-2020-21489.json +++ b/2020/21xxx/CVE-2020-21489.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21489", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21489", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/liufee/cms/issues/46", + "refsource": "MISC", + "name": "https://github.com/liufee/cms/issues/46" } ] } diff --git a/2023/2xxx/CVE-2023-2533.json b/2023/2xxx/CVE-2023-2533.json index a86d0da9288..8ac665b253c 100644 --- a/2023/2xxx/CVE-2023-2533.json +++ b/2023/2xxx/CVE-2023-2533.json @@ -1,17 +1,110 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-2533", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "help@fluidattacks.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Cross-Site Request Forgery (CSRF) vulnerability has been identified in\nPaperCut NG/MF, which, under specific conditions, could potentially enable\nan attacker to alter security settings or execute arbitrary code. This could\nbe exploited if the target is an admin with a current login session. Exploiting\nthis would typically involve the possibility of deceiving an admin into clicking\na specially crafted malicious link, potentially leading to unauthorized changes.\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PaperCut", + "product": { + "product_data": [ + { + "product_name": "PaperCut NG/MF", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "2.1.1", + "status": "affected", + "version": "22.0.10", + "versionType": "custom" + }, + { + "status": "unaffected", + "version": "21.2.12" + }, + { + "status": "unaffected", + "version": "20.1.8" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://fluidattacks.com/advisories/arcangel/", + "refsource": "MISC", + "name": "https://fluidattacks.com/advisories/arcangel/" + }, + { + "url": "https://www.papercut.com/", + "refsource": "MISC", + "name": "https://www.papercut.com/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.4, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/31xxx/CVE-2023-31486.json b/2023/31xxx/CVE-2023-31486.json index 71293f461d5..28d891e8a78 100644 --- a/2023/31xxx/CVE-2023-31486.json +++ b/2023/31xxx/CVE-2023-31486.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[oss-security] 20230507 Re: Perl's HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modules", "url": "http://www.openwall.com/lists/oss-security/2023/05/07/2" + }, + { + "refsource": "MISC", + "name": "https://github.com/chansen/p5-http-tiny/pull/153", + "url": "https://github.com/chansen/p5-http-tiny/pull/153" } ] } diff --git a/2023/34xxx/CVE-2023-34541.json b/2023/34xxx/CVE-2023-34541.json index 6359d77fa6e..5615515769c 100644 --- a/2023/34xxx/CVE-2023-34541.json +++ b/2023/34xxx/CVE-2023-34541.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-34541", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-34541", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/hwchase17/langchain/issues/4849", + "refsource": "MISC", + "name": "https://github.com/hwchase17/langchain/issues/4849" } ] } diff --git a/2023/34xxx/CVE-2023-34600.json b/2023/34xxx/CVE-2023-34600.json index c4b95f5988d..466607648fe 100644 --- a/2023/34xxx/CVE-2023-34600.json +++ b/2023/34xxx/CVE-2023-34600.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-34600", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-34600", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://loganalyzer.adiscon.com/", + "refsource": "MISC", + "name": "https://loganalyzer.adiscon.com/" + }, + { + "refsource": "MISC", + "name": "https://github.com/costacoco/Adiscon/blob/main/README.md", + "url": "https://github.com/costacoco/Adiscon/blob/main/README.md" } ] } diff --git a/2023/35xxx/CVE-2023-35924.json b/2023/35xxx/CVE-2023-35924.json new file mode 100644 index 00000000000..1b14482a4c7 --- /dev/null +++ b/2023/35xxx/CVE-2023-35924.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35924", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35925.json b/2023/35xxx/CVE-2023-35925.json new file mode 100644 index 00000000000..06b0b3e7cd3 --- /dev/null +++ b/2023/35xxx/CVE-2023-35925.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35925", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35926.json b/2023/35xxx/CVE-2023-35926.json new file mode 100644 index 00000000000..73c8f67b827 --- /dev/null +++ b/2023/35xxx/CVE-2023-35926.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35926", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35927.json b/2023/35xxx/CVE-2023-35927.json new file mode 100644 index 00000000000..619d932896a --- /dev/null +++ b/2023/35xxx/CVE-2023-35927.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35927", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35928.json b/2023/35xxx/CVE-2023-35928.json new file mode 100644 index 00000000000..53dfb95ef02 --- /dev/null +++ b/2023/35xxx/CVE-2023-35928.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35928", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35929.json b/2023/35xxx/CVE-2023-35929.json new file mode 100644 index 00000000000..f97376db03e --- /dev/null +++ b/2023/35xxx/CVE-2023-35929.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35929", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35930.json b/2023/35xxx/CVE-2023-35930.json new file mode 100644 index 00000000000..f117835eb8a --- /dev/null +++ b/2023/35xxx/CVE-2023-35930.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35930", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35931.json b/2023/35xxx/CVE-2023-35931.json new file mode 100644 index 00000000000..1e2b480b78c --- /dev/null +++ b/2023/35xxx/CVE-2023-35931.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35931", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35932.json b/2023/35xxx/CVE-2023-35932.json new file mode 100644 index 00000000000..519b9afaa8a --- /dev/null +++ b/2023/35xxx/CVE-2023-35932.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35932", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35933.json b/2023/35xxx/CVE-2023-35933.json new file mode 100644 index 00000000000..ca3a670748a --- /dev/null +++ b/2023/35xxx/CVE-2023-35933.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35933", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35934.json b/2023/35xxx/CVE-2023-35934.json new file mode 100644 index 00000000000..a0d79d5ef84 --- /dev/null +++ b/2023/35xxx/CVE-2023-35934.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35934", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35935.json b/2023/35xxx/CVE-2023-35935.json new file mode 100644 index 00000000000..696b2e08747 --- /dev/null +++ b/2023/35xxx/CVE-2023-35935.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35935", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35936.json b/2023/35xxx/CVE-2023-35936.json new file mode 100644 index 00000000000..2f51cee141a --- /dev/null +++ b/2023/35xxx/CVE-2023-35936.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35936", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35937.json b/2023/35xxx/CVE-2023-35937.json new file mode 100644 index 00000000000..c7e08f9ab3e --- /dev/null +++ b/2023/35xxx/CVE-2023-35937.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35937", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35938.json b/2023/35xxx/CVE-2023-35938.json new file mode 100644 index 00000000000..449177e0b53 --- /dev/null +++ b/2023/35xxx/CVE-2023-35938.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35938", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35939.json b/2023/35xxx/CVE-2023-35939.json new file mode 100644 index 00000000000..ac173d221f8 --- /dev/null +++ b/2023/35xxx/CVE-2023-35939.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35939", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35940.json b/2023/35xxx/CVE-2023-35940.json new file mode 100644 index 00000000000..1dd651fd8c9 --- /dev/null +++ b/2023/35xxx/CVE-2023-35940.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35940", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35941.json b/2023/35xxx/CVE-2023-35941.json new file mode 100644 index 00000000000..5788c1e8433 --- /dev/null +++ b/2023/35xxx/CVE-2023-35941.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35941", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35942.json b/2023/35xxx/CVE-2023-35942.json new file mode 100644 index 00000000000..ec78263f976 --- /dev/null +++ b/2023/35xxx/CVE-2023-35942.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35942", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35943.json b/2023/35xxx/CVE-2023-35943.json new file mode 100644 index 00000000000..594a5a210e5 --- /dev/null +++ b/2023/35xxx/CVE-2023-35943.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35943", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35944.json b/2023/35xxx/CVE-2023-35944.json new file mode 100644 index 00000000000..852097bf659 --- /dev/null +++ b/2023/35xxx/CVE-2023-35944.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35944", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35945.json b/2023/35xxx/CVE-2023-35945.json new file mode 100644 index 00000000000..1b985b8ff9c --- /dev/null +++ b/2023/35xxx/CVE-2023-35945.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35945", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35946.json b/2023/35xxx/CVE-2023-35946.json new file mode 100644 index 00000000000..bbacde8d03d --- /dev/null +++ b/2023/35xxx/CVE-2023-35946.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35946", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35947.json b/2023/35xxx/CVE-2023-35947.json new file mode 100644 index 00000000000..6c2bbaf9f58 --- /dev/null +++ b/2023/35xxx/CVE-2023-35947.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35947", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35948.json b/2023/35xxx/CVE-2023-35948.json new file mode 100644 index 00000000000..a70ea595cf5 --- /dev/null +++ b/2023/35xxx/CVE-2023-35948.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35948", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/3xxx/CVE-2023-3338.json b/2023/3xxx/CVE-2023-3338.json new file mode 100644 index 00000000000..c7d5ba1e189 --- /dev/null +++ b/2023/3xxx/CVE-2023-3338.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-3338", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file