diff --git a/2020/12xxx/CVE-2020-12689.json b/2020/12xxx/CVE-2020-12689.json index 509467eb8d9..ad492b5550c 100644 --- a/2020/12xxx/CVE-2020-12689.json +++ b/2020/12xxx/CVE-2020-12689.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone", "url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "UBUNTU", + "name": "USN-4480-1", + "url": "https://usn.ubuntu.com/4480-1/" } ] } diff --git a/2020/12xxx/CVE-2020-12690.json b/2020/12xxx/CVE-2020-12690.json index 3bf03ef1102..e150e506a75 100644 --- a/2020/12xxx/CVE-2020-12690.json +++ b/2020/12xxx/CVE-2020-12690.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone", "url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "UBUNTU", + "name": "USN-4480-1", + "url": "https://usn.ubuntu.com/4480-1/" } ] } diff --git a/2020/12xxx/CVE-2020-12691.json b/2020/12xxx/CVE-2020-12691.json index cd380ec6818..51127ebb029 100644 --- a/2020/12xxx/CVE-2020-12691.json +++ b/2020/12xxx/CVE-2020-12691.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[druid-commits] 20200520 [GitHub] [druid] ccaominh opened a new pull request #9903: Suppress CVEs for openstack-keystone", "url": "https://lists.apache.org/thread.html/re4ffc55cd2f1b55a26e07c83b3c22c3fe4bae6054d000a57fb48d8c2@%3Ccommits.druid.apache.org%3E" + }, + { + "refsource": "UBUNTU", + "name": "USN-4480-1", + "url": "https://usn.ubuntu.com/4480-1/" } ] } diff --git a/2020/12xxx/CVE-2020-12692.json b/2020/12xxx/CVE-2020-12692.json index 2589a051847..a1214a5d023 100644 --- a/2020/12xxx/CVE-2020-12692.json +++ b/2020/12xxx/CVE-2020-12692.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[oss-security] 20200507 Re: [OSSA-2020-003] Keystone: Keystone does not check signature TTL of the EC2 credential auth method (CVE PENDING)", "url": "http://www.openwall.com/lists/oss-security/2020/05/07/1" + }, + { + "refsource": "UBUNTU", + "name": "USN-4480-1", + "url": "https://usn.ubuntu.com/4480-1/" } ] } diff --git a/2020/13xxx/CVE-2020-13757.json b/2020/13xxx/CVE-2020-13757.json index 0216c822fdc..c5c5e28a50a 100644 --- a/2020/13xxx/CVE-2020-13757.json +++ b/2020/13xxx/CVE-2020-13757.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-5ed5627d2b", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYB65VNILRBTXL6EITQTH2PZPK7I23MW/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4478-1", + "url": "https://usn.ubuntu.com/4478-1/" } ] } diff --git a/2020/16xxx/CVE-2020-16150.json b/2020/16xxx/CVE-2020-16150.json index e60476f7782..4322b664339 100644 --- a/2020/16xxx/CVE-2020-16150.json +++ b/2020/16xxx/CVE-2020-16150.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-16150", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-16150", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://tls.mbed.org/tech-updates/security-advisories", + "refsource": "MISC", + "name": "https://tls.mbed.org/tech-updates/security-advisories" + }, + { + "refsource": "CONFIRM", + "name": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1", + "url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1" } ] } diff --git a/2020/24xxx/CVE-2020-24583.json b/2020/24xxx/CVE-2020-24583.json index 4b487abc777..2b91c082fdb 100644 --- a/2020/24xxx/CVE-2020-24583.json +++ b/2020/24xxx/CVE-2020-24583.json @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://www.djangoproject.com/weblog/2020/sep/01/security-releases/", "url": "https://www.djangoproject.com/weblog/2020/sep/01/security-releases/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4479-1", + "url": "https://usn.ubuntu.com/4479-1/" } ] } diff --git a/2020/24xxx/CVE-2020-24584.json b/2020/24xxx/CVE-2020-24584.json index fe3ef3e457d..99bda6ea62c 100644 --- a/2020/24xxx/CVE-2020-24584.json +++ b/2020/24xxx/CVE-2020-24584.json @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://www.djangoproject.com/weblog/2020/sep/01/security-releases/", "url": "https://www.djangoproject.com/weblog/2020/sep/01/security-releases/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4479-1", + "url": "https://usn.ubuntu.com/4479-1/" } ] } diff --git a/2020/25xxx/CVE-2020-25075.json b/2020/25xxx/CVE-2020-25075.json new file mode 100644 index 00000000000..bef17f50edf --- /dev/null +++ b/2020/25xxx/CVE-2020-25075.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25075", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25076.json b/2020/25xxx/CVE-2020-25076.json new file mode 100644 index 00000000000..44f837febcf --- /dev/null +++ b/2020/25xxx/CVE-2020-25076.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25076", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25077.json b/2020/25xxx/CVE-2020-25077.json new file mode 100644 index 00000000000..8fe09a00837 --- /dev/null +++ b/2020/25xxx/CVE-2020-25077.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-25077", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25078.json b/2020/25xxx/CVE-2020-25078.json new file mode 100644 index 00000000000..284b0266c4b --- /dev/null +++ b/2020/25xxx/CVE-2020-25078.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-25078", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180" + }, + { + "url": "https://twitter.com/Dogonsecurity/status/1273251236167516161", + "refsource": "MISC", + "name": "https://twitter.com/Dogonsecurity/status/1273251236167516161" + } + ] + } +} \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25079.json b/2020/25xxx/CVE-2020-25079.json new file mode 100644 index 00000000000..bd8874baaf4 --- /dev/null +++ b/2020/25xxx/CVE-2020-25079.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-25079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. cgi-bin/ddns_enc.cgi allows authenticated command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180", + "refsource": "MISC", + "name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180" + }, + { + "url": "https://twitter.com/Dogonsecurity/status/1271265152118259712", + "refsource": "MISC", + "name": "https://twitter.com/Dogonsecurity/status/1271265152118259712" + } + ] + } +} \ No newline at end of file