diff --git a/2010/0xxx/CVE-2010-0751.json b/2010/0xxx/CVE-2010-0751.json index 187b3540615..fa76fccd133 100644 --- a/2010/0xxx/CVE-2010-0751.json +++ b/2010/0xxx/CVE-2010-0751.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "The ip_evictor function in ip_fragment.c in libnids 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets." + "value": "The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets." } ] }, diff --git a/2015/5xxx/CVE-2015-5238.json b/2015/5xxx/CVE-2015-5238.json index 232e75e79ec..94d30af706c 100644 --- a/2015/5xxx/CVE-2015-5238.json +++ b/2015/5xxx/CVE-2015-5238.json @@ -1,17 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2015-5238", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-5238", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-3796. Reason: This candidate is a reservation duplicate of CVE-2015-3796. Notes: All CVE users should reference CVE-2015-3796 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2020/13xxx/CVE-2020-13932.json b/2020/13xxx/CVE-2020-13932.json index 765be21caab..2d5ad174781 100644 --- a/2020/13xxx/CVE-2020-13932.json +++ b/2020/13xxx/CVE-2020-13932.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announcement.txt", "url": "https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announcement.txt" + }, + { + "refsource": "MLIST", + "name": "[activemq-users] 20200721 Re: [ANNOUNCE] CVE-2020-13932 Apache ActiveMQ Artemis - Remote XSS in Web console Diagram Plugin", + "url": "https://lists.apache.org/thread.html/r7fcedcc89e5f296b174d6b8c1438c607c30d809c04292e5732d6e4eb@%3Cusers.activemq.apache.org%3E" } ] }, diff --git a/2020/14xxx/CVE-2020-14063.json b/2020/14xxx/CVE-2020-14063.json index ba136d2f767..e8d97fa9ac3 100644 --- a/2020/14xxx/CVE-2020-14063.json +++ b/2020/14xxx/CVE-2020-14063.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-14063", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-14063", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stored Cross-Site Scripting (XSS) vulnerability in the TC Custom JavaScript plugin before 1.2.2 for WordPress allows unauthenticated remote attackers to inject arbitrary JavaScript via the tccj-content parameter. This is displayed in the page footer of every front-end page and executed in the browser of visitors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/tc-custom-javascript/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/tc-custom-javascript/#developers" + }, + { + "refsource": "MISC", + "name": "https://www.wordfence.com/blog/2020/07/high-severity-vulnerability-patched-in-tc-custom-javascript/", + "url": "https://www.wordfence.com/blog/2020/07/high-severity-vulnerability-patched-in-tc-custom-javascript/" } ] } diff --git a/2020/15xxx/CVE-2020-15102.json b/2020/15xxx/CVE-2020-15102.json index 26514d2ce2f..d15531c1d3a 100644 --- a/2020/15xxx/CVE-2020-15102.json +++ b/2020/15xxx/CVE-2020-15102.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration.\n\nThe problem is fixed in 2.1.0." + "value": "In PrestaShop Dashboard Productions before version 2.1.0, there is improper authorization which enables an attacker to change the configuration. The problem is fixed in 2.1.0." } ] }, diff --git a/2020/15xxx/CVE-2020-15722.json b/2020/15xxx/CVE-2020-15722.json index 0fac3a58a6c..b504d83e296 100644 --- a/2020/15xxx/CVE-2020-15722.json +++ b/2020/15xxx/CVE-2020-15722.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-15722", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@360.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "360 Total Security", + "version": { + "version_data": [ + { + "version_value": "12.1.0.1004" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local privilege escalation vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.360.cn/News/news/id/232", + "url": "https://security.360.cn/News/news/id/232" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking could execute arbitrary code on the Local system." } ] } diff --git a/2020/15xxx/CVE-2020-15723.json b/2020/15xxx/CVE-2020-15723.json index 8848de5f2fc..288b74bb023 100644 --- a/2020/15xxx/CVE-2020-15723.json +++ b/2020/15xxx/CVE-2020-15723.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-15723", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@360.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "360 Total Security", + "version": { + "version_data": [ + { + "version_value": "12.1.0.1004" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local privilege escalation vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.360.cn/News/news/id/232", + "url": "https://security.360.cn/News/news/id/232" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system." } ] } diff --git a/2020/15xxx/CVE-2020-15724.json b/2020/15xxx/CVE-2020-15724.json index 5169b523b7c..3d3d0825617 100644 --- a/2020/15xxx/CVE-2020-15724.json +++ b/2020/15xxx/CVE-2020-15724.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-15724", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@360.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "360 Total Security", + "version": { + "version_data": [ + { + "version_value": "12.1.0.1005" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local privilege escalation vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.360.cn/News/news/id/232", + "url": "https://security.360.cn/News/news/id/232" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system." } ] }