diff --git a/2020/11xxx/CVE-2020-11975.json b/2020/11xxx/CVE-2020-11975.json index 60e1b6357b3..1e1bd70669c 100644 --- a/2020/11xxx/CVE-2020-11975.json +++ b/2020/11xxx/CVE-2020-11975.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "http://unomi.apache.org/security/cve-2020-11975.txt", "url": "http://unomi.apache.org/security/cve-2020-11975.txt" + }, + { + "refsource": "MLIST", + "name": "[unomi-commits] 20201113 svn commit: r1883398 - in /unomi/website: contribute-release-guide.html documentation.html download.html index.html security/cve-2020-13942.txt", + "url": "https://lists.apache.org/thread.html/r01021bc4b25c1e98812efca0b07f0e078a6281bd52f7c3817a429d95@%3Ccommits.unomi.apache.org%3E" } ] }, diff --git a/2020/24xxx/CVE-2020-24373.json b/2020/24xxx/CVE-2020-24373.json index 22bc54bdb48..c72af827ab1 100644 --- a/2020/24xxx/CVE-2020-24373.json +++ b/2020/24xxx/CVE-2020-24373.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://dev.freebox.fr/blog/?p=10222", "url": "https://dev.freebox.fr/blog/?p=10222" + }, + { + "refsource": "MISC", + "name": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/", + "url": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/" } ] }, diff --git a/2020/24xxx/CVE-2020-24374.json b/2020/24xxx/CVE-2020-24374.json index 79bc75754fd..3a9352d3941 100644 --- a/2020/24xxx/CVE-2020-24374.json +++ b/2020/24xxx/CVE-2020-24374.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://dev.freebox.fr/blog/?p=10222", "url": "https://dev.freebox.fr/blog/?p=10222" + }, + { + "refsource": "MISC", + "name": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/", + "url": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/" } ] }, @@ -55,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "A DNS rebinding vulnerability in Freebox HD before 1.5.29." + "value": "A DNS rebinding vulnerability in Freebox v5 before 1.5.29." } ] } diff --git a/2020/24xxx/CVE-2020-24376.json b/2020/24xxx/CVE-2020-24376.json index abefe3429a8..c30fc9f0489 100644 --- a/2020/24xxx/CVE-2020-24376.json +++ b/2020/24xxx/CVE-2020-24376.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://dev.freebox.fr/blog/?p=10222", "url": "https://dev.freebox.fr/blog/?p=10222" + }, + { + "refsource": "MISC", + "name": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/", + "url": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/" } ] }, @@ -55,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox Server before 4.2.3." + "value": "A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3." } ] } diff --git a/2020/24xxx/CVE-2020-24377.json b/2020/24xxx/CVE-2020-24377.json index 9a4132ab972..83725cb1b7e 100644 --- a/2020/24xxx/CVE-2020-24377.json +++ b/2020/24xxx/CVE-2020-24377.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://dev.freebox.fr/blog/?p=10222", "url": "https://dev.freebox.fr/blog/?p=10222" + }, + { + "refsource": "MISC", + "name": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/", + "url": "https://www.gabriel.urdhr.fr/2020/09/23/dns-rebinding-freebox/" } ] }, diff --git a/2020/28xxx/CVE-2020-28637.json b/2020/28xxx/CVE-2020-28637.json new file mode 100644 index 00000000000..658d4810b5b --- /dev/null +++ b/2020/28xxx/CVE-2020-28637.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-28637", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28638.json b/2020/28xxx/CVE-2020-28638.json new file mode 100644 index 00000000000..0557198af66 --- /dev/null +++ b/2020/28xxx/CVE-2020-28638.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-28638", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with \"tomb {W] Detected DISPLAY, but only pinentry-curses is found.\" as the encryption key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/dyne/Tomb/issues/385", + "refsource": "MISC", + "name": "https://github.com/dyne/Tomb/issues/385" + } + ] + } +} \ No newline at end of file