diff --git a/2020/27xxx/CVE-2020-27747.json b/2020/27xxx/CVE-2020-27747.json index 84fcd3d38e8..a0db21e5a34 100644 --- a/2020/27xxx/CVE-2020-27747.json +++ b/2020/27xxx/CVE-2020-27747.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-27747", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-27747", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As result, remote attacker retrieves all passwords from another systems, available for affected account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.clickstudios.com.au/", + "refsource": "MISC", + "name": "https://www.clickstudios.com.au/" + }, + { + "refsource": "MISC", + "name": "https://github.com/jet-pentest/CVE-2020-27747", + "url": "https://github.com/jet-pentest/CVE-2020-27747" } ] } diff --git a/2020/27xxx/CVE-2020-27996.json b/2020/27xxx/CVE-2020-27996.json new file mode 100644 index 00000000000..82d9f7a1570 --- /dev/null +++ b/2020/27xxx/CVE-2020-27996.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-27996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/smartstore/SmartStoreNET/commit/8702c6140f4fc91956ef35dba12d24492fb3f768", + "refsource": "MISC", + "name": "https://github.com/smartstore/SmartStoreNET/commit/8702c6140f4fc91956ef35dba12d24492fb3f768" + }, + { + "url": "https://github.com/smartstore/SmartStoreNET/compare/4.0.0...4.0.1", + "refsource": "MISC", + "name": "https://github.com/smartstore/SmartStoreNET/compare/4.0.0...4.0.1" + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27997.json b/2020/27xxx/CVE-2020-27997.json new file mode 100644 index 00000000000..1d376aeb021 --- /dev/null +++ b/2020/27xxx/CVE-2020-27997.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27997", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27998.json b/2020/27xxx/CVE-2020-27998.json new file mode 100644 index 00000000000..f78593d04d8 --- /dev/null +++ b/2020/27xxx/CVE-2020-27998.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-27998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/FastReports/FastReport/pull/206", + "refsource": "MISC", + "name": "https://github.com/FastReports/FastReport/pull/206" + }, + { + "url": "https://opensource.fast-report.com/2020/09/report-script-security.html", + "refsource": "MISC", + "name": "https://opensource.fast-report.com/2020/09/report-script-security.html" + }, + { + "url": "https://github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0", + "refsource": "MISC", + "name": "https://github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0" + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27999.json b/2020/27xxx/CVE-2020-27999.json new file mode 100644 index 00000000000..8304097b29d --- /dev/null +++ b/2020/27xxx/CVE-2020-27999.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27999", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28000.json b/2020/28xxx/CVE-2020-28000.json new file mode 100644 index 00000000000..49dea86c271 --- /dev/null +++ b/2020/28xxx/CVE-2020-28000.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28000", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file