diff --git a/2014/8xxx/CVE-2014-8826.json b/2014/8xxx/CVE-2014-8826.json index 5131c5a3c59..ec1d71ebe92 100644 --- a/2014/8xxx/CVE-2014-8826.json +++ b/2014/8xxx/CVE-2014-8826.json @@ -101,6 +101,11 @@ "name": "20150128 [AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Jan/109" + }, + { + "refsource": "MISC", + "name": "https://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html", + "url": "https://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html" } ] } diff --git a/2020/15xxx/CVE-2020-15497.json b/2020/15xxx/CVE-2020-15497.json index b47fb7d6055..c77a2042973 100644 --- a/2020/15xxx/CVE-2020-15497.json +++ b/2020/15xxx/CVE-2020-15497.json @@ -1,18 +1,91 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15497", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15497", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.jalios.com/jcms/j_6/en/home", + "refsource": "MISC", + "name": "https://www.jalios.com/jcms/j_6/en/home" + }, + { + "url": "https://twitter.com/joker2a1", + "refsource": "MISC", + "name": "https://twitter.com/joker2a1" + }, + { + "url": "https://github.com/Da2Duo", + "refsource": "MISC", + "name": "https://github.com/Da2Duo" + }, + { + "refsource": "MISC", + "name": "https://pastebin.com/KSJJu5Nx", + "url": "https://pastebin.com/KSJJu5Nx" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:N/I:L/PR:N/S:U/UI:N", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15810.json b/2020/15xxx/CVE-2020-15810.json new file mode 100644 index 00000000000..c63bc051da1 --- /dev/null +++ b/2020/15xxx/CVE-2020-15810.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15810", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15811.json b/2020/15xxx/CVE-2020-15811.json new file mode 100644 index 00000000000..aee6ba3c9b9 --- /dev/null +++ b/2020/15xxx/CVE-2020-15811.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15811", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15812.json b/2020/15xxx/CVE-2020-15812.json new file mode 100644 index 00000000000..12f08a40d1a --- /dev/null +++ b/2020/15xxx/CVE-2020-15812.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15812", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/15xxx/CVE-2020-15813.json b/2020/15xxx/CVE-2020-15813.json new file mode 100644 index 00000000000..f13df1dee55 --- /dev/null +++ b/2020/15xxx/CVE-2020-15813.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-15813", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5130.json b/2020/5xxx/CVE-2020-5130.json index 91655611bc1..adc9a098fe7 100644 --- a/2020/5xxx/CVE-2020-5130.json +++ b/2020/5xxx/CVE-2020-5130.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@sonicwall.com", - "ID" : "CVE-2020-5130", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SonicOS", - "version" : { - "version_data" : [ - { - "version_value" : "6.5.4.4-44n and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "SonicWall" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20: Improper Input Validation" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT@sonicwall.com", + "ID": "CVE-2020-5130", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SonicOS", + "version": { + "version_data": [ + { + "version_value": "6.5.4.4-44n and earlier" + } + ] + } + } + ] + }, + "vendor_name": "SonicWall" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003", - "refsource" : "CONFIRM", - "url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003", + "refsource": "CONFIRM", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0003" + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5131.json b/2020/5xxx/CVE-2020-5131.json index 16db5895d20..3ea2c5e1992 100644 --- a/2020/5xxx/CVE-2020-5131.json +++ b/2020/5xxx/CVE-2020-5131.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@sonicwall.com", - "ID" : "CVE-2020-5131", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SonicWall NetExtender", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.815 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "SonicWall" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20: Improper Input Validation" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT@sonicwall.com", + "ID": "CVE-2020-5131", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SonicWall NetExtender", + "version": { + "version_data": [ + { + "version_value": "9.0.815 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "SonicWall" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004", - "refsource" : "CONFIRM", - "url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. This vulnerability impact SonicWall NetExtender Windows client version 9.0.815 and earlier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20: Improper Input Validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004", + "refsource": "CONFIRM", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0004" + } + ] + } +} \ No newline at end of file