"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2020-04-29 18:01:27 +00:00 · 2020-04-29 18:01:27 +00:00 · 89a90c4886
commit 89a90c4886
parent 5f0dba9a05
9 changed files with 119 additions and 2 deletions
--- a/2016/4xxx/CVE-2016-4437.json
+++ b/2016/4xxx/CVE-2016-4437.json
@ -81,6 +81,11 @@
                "name": "20160603 [Announce] CVE-2016-4437: Apache Shiro information disclosure vulnerability",
                "refsource": "BUGTRAQ",
                "url": "http://www.securityfocus.com/archive/1/538570/100/0/threaded"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157497/Apache-Shiro-1.2.4-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/157497/Apache-Shiro-1.2.4-Remote-Code-Execution.html"
            }
        ]
    }
--- a/2018/6xxx/CVE-2018-6892.json
+++ b/2018/6xxx/CVE-2018-6892.json
@ -81,6 +81,11 @@
                "name": "44027",
                "refsource": "EXPLOIT-DB",
                "url": "https://www.exploit-db.com/exploits/44027/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157407/CloudMe-1.11.2-Buffer-Overflow.html",
+                "url": "http://packetstormsecurity.com/files/157407/CloudMe-1.11.2-Buffer-Overflow.html"
            }
        ]
    }
--- a/2019/3xxx/CVE-2019-3999.json
+++ b/2019/3xxx/CVE-2019-3999.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.tenable.com/security/research/tra-2020-12",
                "url": "https://www.tenable.com/security/research/tra-2020-12"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157493/Druva-inSync-Windows-Client-6.5.2-Privilege-Escalation.html",
+                "url": "http://packetstormsecurity.com/files/157493/Druva-inSync-Windows-Client-6.5.2-Privilege-Escalation.html"
            }
        ]
    },
--- a/2020/11xxx/CVE-2020-11020.json
+++ b/2020/11xxx/CVE-2020-11020.json
@ -41,7 +41,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1.3 and 1.2.5, has the potential for authentication\nbypass in the extension system. \n\nThe vulnerability allows any client to bypass checks put in place by server-side\nextensions, by appending extra segments to the message channel.\n\nIt is patched in versions 1.0.4, 1.1.3 and 1.2.5. "
+                "value": "Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1.3 and 1.2.5, has the potential for authentication bypass in the extension system. The vulnerability allows any client to bypass checks put in place by server-side extensions, by appending extra segments to the message channel. It is patched in versions 1.0.4, 1.1.3 and 1.2.5."
            }
        ]
    },
@ -91,4 +91,4 @@
        "advisory": "GHSA-qpg4-4w7w-2mq5",
        "discovery": "UNKNOWN"
    }
-}
+}
--- a/2020/11xxx/CVE-2020-11941.json
+++ b/2020/11xxx/CVE-2020-11941.json
@ -61,6 +61,11 @@
                "refsource": "MISC",
                "name": "https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities",
                "url": "https://www.coresecurity.com/advisories/open-audit-multiple-vulnerabilities"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157476/Open-AudIT-3.2.2-Command-Injection-SQL-Injection.html",
+                "url": "http://packetstormsecurity.com/files/157476/Open-AudIT-3.2.2-Command-Injection-SQL-Injection.html"
            }
        ]
    }
--- a/2020/12xxx/CVE-2020-12251.json
+++ b/2020/12xxx/CVE-2020-12251.json
@ -56,6 +56,11 @@
                "refsource": "MISC",
                "name": "https://seclists.org/fulldisclosure/2020/Apr/56",
                "url": "https://seclists.org/fulldisclosure/2020/Apr/56"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157484/Gigamon-GigaVUE-5.5.01.11-Directory-Traversal-File-Upload.html",
+                "url": "http://packetstormsecurity.com/files/157484/Gigamon-GigaVUE-5.5.01.11-Directory-Traversal-File-Upload.html"
            }
        ]
    }
--- a/2020/12xxx/CVE-2020-12252.json
+++ b/2020/12xxx/CVE-2020-12252.json
@ -56,6 +56,11 @@
                "refsource": "MISC",
                "name": "https://seclists.org/fulldisclosure/2020/Apr/56",
                "url": "https://seclists.org/fulldisclosure/2020/Apr/56"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157484/Gigamon-GigaVUE-5.5.01.11-Directory-Traversal-File-Upload.html",
+                "url": "http://packetstormsecurity.com/files/157484/Gigamon-GigaVUE-5.5.01.11-Directory-Traversal-File-Upload.html"
            }
        ]
    }
--- a/2020/12xxx/CVE-2020-12464.json
+++ b/2020/12xxx/CVE-2020-12464.json
@ -0,0 +1,82 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2020-12464",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://patchwork.kernel.org/patch/11463781/",
+                "refsource": "MISC",
+                "name": "https://patchwork.kernel.org/patch/11463781/"
+            },
+            {
+                "url": "https://lkml.org/lkml/2020/3/23/52",
+                "refsource": "MISC",
+                "name": "https://lkml.org/lkml/2020/3/23/52"
+            },
+            {
+                "url": "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b",
+                "refsource": "MISC",
+                "name": "https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b"
+            },
+            {
+                "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b",
+                "refsource": "MISC",
+                "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b"
+            },
+            {
+                "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
+                "refsource": "MISC",
+                "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8"
+            }
+        ]
+    }
+}
--- a/2020/8xxx/CVE-2020-8813.json
+++ b/2020/8xxx/CVE-2020-8813.json
@ -111,6 +111,11 @@
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0558",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html"
            }
        ]
    }