diff --git a/2019/18xxx/CVE-2019-18849.json b/2019/18xxx/CVE-2019-18849.json index 07c1848cad3..5f23107169e 100644 --- a/2019/18xxx/CVE-2019-18849.json +++ b/2019/18xxx/CVE-2019-18849.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-815807c020", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4524-1", + "url": "https://usn.ubuntu.com/4524-1/" } ] } diff --git a/2020/11xxx/CVE-2020-11031.json b/2020/11xxx/CVE-2020-11031.json index 82e667c3b33..8bebe3f78dc 100644 --- a/2020/11xxx/CVE-2020-11031.json +++ b/2020/11xxx/CVE-2020-11031.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data.\n\nThis is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium." + "value": "In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium." } ] }, diff --git a/2020/5xxx/CVE-2020-5781.json b/2020/5xxx/CVE-2020-5781.json index 69e9985dcaa..3e79cec8c1a 100644 --- a/2020/5xxx/CVE-2020-5781.json +++ b/2020/5xxx/CVE-2020-5781.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5781", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "IgniteNet HeliOS GLinq", + "version": { + "version_data": [ + { + "version_value": "v2.2.1 r2961" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-55", + "url": "https://www.tenable.com/security/research/tra-2020-55" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. When modified with arbitrary javascript, this causes a denial-of-service condition for all other users." } ] } diff --git a/2020/5xxx/CVE-2020-5782.json b/2020/5xxx/CVE-2020-5782.json index 0be16695364..141390ca068 100644 --- a/2020/5xxx/CVE-2020-5782.json +++ b/2020/5xxx/CVE-2020-5782.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5782", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "IgniteNet HeliOS GLinq", + "version": { + "version_data": [ + { + "version_value": "v2.2.1 r2961" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-55", + "url": "https://www.tenable.com/security/research/tra-2020-55" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the \u2018wan_type\u2019 parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection." } ] } diff --git a/2020/5xxx/CVE-2020-5783.json b/2020/5xxx/CVE-2020-5783.json index ed3aed63282..a7b99991cbd 100644 --- a/2020/5xxx/CVE-2020-5783.json +++ b/2020/5xxx/CVE-2020-5783.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5783", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "IgniteNet HeliOS GLinq", + "version": { + "version_data": [ + { + "version_value": "v2.2.1 r2961" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-55", + "url": "https://www.tenable.com/security/research/tra-2020-55" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms." } ] }