From 8eea78ff3f0863046bf7ddd05baa1b200eda5772 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 25 Mar 2020 20:01:38 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/10xxx/CVE-2020-10952.json | 18 ++++++++++ 2020/10xxx/CVE-2020-10953.json | 18 ++++++++++ 2020/10xxx/CVE-2020-10954.json | 18 ++++++++++ 2020/10xxx/CVE-2020-10955.json | 18 ++++++++++ 2020/10xxx/CVE-2020-10956.json | 18 ++++++++++ 2020/3xxx/CVE-2020-3761.json | 62 +++++++++++++++++++++++++++++----- 2020/3xxx/CVE-2020-3769.json | 62 +++++++++++++++++++++++++++++----- 2020/3xxx/CVE-2020-3794.json | 62 +++++++++++++++++++++++++++++----- 2020/3xxx/CVE-2020-3808.json | 62 +++++++++++++++++++++++++++++----- 2020/6xxx/CVE-2020-6422.json | 5 +++ 2020/6xxx/CVE-2020-6424.json | 5 +++ 2020/6xxx/CVE-2020-6425.json | 5 +++ 2020/6xxx/CVE-2020-6426.json | 5 +++ 2020/6xxx/CVE-2020-6427.json | 5 +++ 2020/6xxx/CVE-2020-6428.json | 5 +++ 2020/6xxx/CVE-2020-6429.json | 5 +++ 2020/6xxx/CVE-2020-6449.json | 5 +++ 17 files changed, 342 insertions(+), 36 deletions(-) create mode 100644 2020/10xxx/CVE-2020-10952.json create mode 100644 2020/10xxx/CVE-2020-10953.json create mode 100644 2020/10xxx/CVE-2020-10954.json create mode 100644 2020/10xxx/CVE-2020-10955.json create mode 100644 2020/10xxx/CVE-2020-10956.json diff --git a/2020/10xxx/CVE-2020-10952.json b/2020/10xxx/CVE-2020-10952.json new file mode 100644 index 00000000000..665a43188cc --- /dev/null +++ b/2020/10xxx/CVE-2020-10952.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10952", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10953.json b/2020/10xxx/CVE-2020-10953.json new file mode 100644 index 00000000000..3260aad78e1 --- /dev/null +++ b/2020/10xxx/CVE-2020-10953.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10953", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10954.json b/2020/10xxx/CVE-2020-10954.json new file mode 100644 index 00000000000..e904d7f0083 --- /dev/null +++ b/2020/10xxx/CVE-2020-10954.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10954", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10955.json b/2020/10xxx/CVE-2020-10955.json new file mode 100644 index 00000000000..49099e732ae --- /dev/null +++ b/2020/10xxx/CVE-2020-10955.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10955", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/10xxx/CVE-2020-10956.json b/2020/10xxx/CVE-2020-10956.json new file mode 100644 index 00000000000..128c0a41273 --- /dev/null +++ b/2020/10xxx/CVE-2020-10956.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-10956", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3761.json b/2020/3xxx/CVE-2020-3761.json index fd26536285a..856ec0df33a 100644 --- a/2020/3xxx/CVE-2020-3761.json +++ b/2020/3xxx/CVE-2020-3761.json @@ -1,18 +1,62 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-3761", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a remote file read vulnerability. Successful exploitation could lead to arbitrary file read from the coldfusion install directory." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "ColdFusion 2016, and ColdFusion 2018 versions" + } + ] + }, + "product_name": "ColdFusion" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote file read" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2020-3761", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3769.json b/2020/3xxx/CVE-2020-3769.json index 26afcebbbdf..060340ccb85 100644 --- a/2020/3xxx/CVE-2020-3769.json +++ b/2020/3xxx/CVE-2020-3769.json @@ -1,18 +1,62 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-3769", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "6.5 and earlier versions" + } + ] + }, + "product_name": "Adobe Experience Manager" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Server-side request forgery (SSRF)" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/experience-manager/apsb20-15.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/experience-manager/apsb20-15.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2020-3769", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3794.json b/2020/3xxx/CVE-2020-3794.json index 69f8a12a650..869e4cd8be8 100644 --- a/2020/3xxx/CVE-2020-3794.json +++ b/2020/3xxx/CVE-2020-3794.json @@ -1,18 +1,62 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-3794", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "ColdFusion 2016, and ColdFusion 2018 versions" + } + ] + }, + "product_name": "ColdFusion" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "File inclusion " + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/coldfusion/apsb20-16.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2020-3794", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3808.json b/2020/3xxx/CVE-2020-3808.json index 81948393982..b256b88ba5d 100644 --- a/2020/3xxx/CVE-2020-3808.json +++ b/2020/3xxx/CVE-2020-3808.json @@ -1,18 +1,62 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-3808", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion." } ] + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "Creative Cloud Desktop Application versions" + } + ] + }, + "product_name": "Creative Cloud Desktop Application" + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Time-of-check to time-of-use (TOCTOU) race condition" + } + ] + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://helpx.adobe.com/security/products/creative-cloud/apsb20-11.html", + "refsource": "CONFIRM", + "name": "https://helpx.adobe.com/security/products/creative-cloud/apsb20-11.html" + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2020-3808", + "ASSIGNER": "psirt@adobe.com" } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6422.json b/2020/6xxx/CVE-2020-6422.json index fdb80aa9890..a6d8262c5e5 100644 --- a/2020/6xxx/CVE-2020-6422.json +++ b/2020/6xxx/CVE-2020-6422.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6424.json b/2020/6xxx/CVE-2020-6424.json index 593be2de8d5..b64658bd110 100644 --- a/2020/6xxx/CVE-2020-6424.json +++ b/2020/6xxx/CVE-2020-6424.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6425.json b/2020/6xxx/CVE-2020-6425.json index 52fd7a179fe..ec07a7719ad 100644 --- a/2020/6xxx/CVE-2020-6425.json +++ b/2020/6xxx/CVE-2020-6425.json @@ -64,6 +64,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6426.json b/2020/6xxx/CVE-2020-6426.json index cd786f28967..0e583299ed0 100644 --- a/2020/6xxx/CVE-2020-6426.json +++ b/2020/6xxx/CVE-2020-6426.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6427.json b/2020/6xxx/CVE-2020-6427.json index 52f7e1636df..28c36bdec06 100644 --- a/2020/6xxx/CVE-2020-6427.json +++ b/2020/6xxx/CVE-2020-6427.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6428.json b/2020/6xxx/CVE-2020-6428.json index c790b35ef01..38f24b4e732 100644 --- a/2020/6xxx/CVE-2020-6428.json +++ b/2020/6xxx/CVE-2020-6428.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6429.json b/2020/6xxx/CVE-2020-6429.json index 8bdb25ddb6d..6b3b6238c21 100644 --- a/2020/6xxx/CVE-2020-6429.json +++ b/2020/6xxx/CVE-2020-6429.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] }, diff --git a/2020/6xxx/CVE-2020-6449.json b/2020/6xxx/CVE-2020-6449.json index bd8a74740b6..497eec4b885 100644 --- a/2020/6xxx/CVE-2020-6449.json +++ b/2020/6xxx/CVE-2020-6449.json @@ -69,6 +69,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-7fd051b378", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202003-53", + "url": "https://security.gentoo.org/glsa/202003-53" } ] },