diff --git a/2018/10xxx/CVE-2018-10899.json b/2018/10xxx/CVE-2018-10899.json index 6f0e05e847f..6449c3346c7 100644 --- a/2018/10xxx/CVE-2018-10899.json +++ b/2018/10xxx/CVE-2018-10899.json @@ -68,6 +68,11 @@ "refsource": "MLIST", "name": "[activemq-issues] 20200102 [jira] [Created] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899", "url": "https://lists.apache.org/thread.html/1392fbebb4fbbec379a40d16e1288fe1e4c0289d257e5206051a3793@%3Cissues.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20200120 [jira] [Work logged] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899", + "url": "https://lists.apache.org/thread.html/rc169dac018d07e8ddf2a3bb2fd1efc6cbda4f83f1bbf7a8c798e7f4f@%3Cissues.activemq.apache.org%3E" } ] }, diff --git a/2019/16xxx/CVE-2019-16405.json b/2019/16xxx/CVE-2019-16405.json index 5d86c2298e4..781d5ee01a6 100644 --- a/2019/16xxx/CVE-2019-16405.json +++ b/2019/16xxx/CVE-2019-16405.json @@ -96,6 +96,11 @@ "refsource": "CONFIRM", "name": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html", "url": "https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-19.10.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155999/Centreon-19.04-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/155999/Centreon-19.04-Remote-Code-Execution.html" } ] } diff --git a/2019/19xxx/CVE-2019-19031.json b/2019/19xxx/CVE-2019-19031.json index 2e86aff4df5..c131663d88d 100644 --- a/2019/19xxx/CVE-2019-19031.json +++ b/2019/19xxx/CVE-2019-19031.json @@ -56,6 +56,11 @@ "refsource": "MISC", "name": "https://hackpuntes.com/cve-2019-19031-easy-xml-editor-1-7-8-inyeccion-xml/", "url": "https://hackpuntes.com/cve-2019-19031-easy-xml-editor-1-7-8-inyeccion-xml/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155996/Easy-XML-Editor-1.7.8-XML-Injection.html", + "url": "http://packetstormsecurity.com/files/155996/Easy-XML-Editor-1.7.8-XML-Injection.html" } ] } diff --git a/2019/20xxx/CVE-2019-20382.json b/2019/20xxx/CVE-2019-20382.json new file mode 100644 index 00000000000..2305dcf0dcf --- /dev/null +++ b/2019/20xxx/CVE-2019-20382.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20382", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20383.json b/2019/20xxx/CVE-2019-20383.json new file mode 100644 index 00000000000..c84eb28de0e --- /dev/null +++ b/2019/20xxx/CVE-2019-20383.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20383", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7239.json b/2020/7xxx/CVE-2020-7239.json new file mode 100644 index 00000000000..0cb2705c289 --- /dev/null +++ b/2020/7xxx/CVE-2020-7239.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-7239", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7240.json b/2020/7xxx/CVE-2020-7240.json new file mode 100644 index 00000000000..b93df28473c --- /dev/null +++ b/2020/7xxx/CVE-2020-7240.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-7240", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Meinberg Lantime M300 and M1000 devices allow attackers (with privileges to configure a device) to execute arbitrary OS commands by editing the /config/netconf.cmd script (aka Extended Network Configuration)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://sku11army.blogspot.com/2020/01/heinberg-lantime-m1000-rce.html", + "refsource": "MISC", + "name": "https://sku11army.blogspot.com/2020/01/heinberg-lantime-m1000-rce.html" + }, + { + "url": "https://sku11army.blogspot.com/2020/01/meinberg-lantime-m1000-rce.html", + "refsource": "MISC", + "name": "https://sku11army.blogspot.com/2020/01/meinberg-lantime-m1000-rce.html" + } + ] + } +} \ No newline at end of file diff --git a/2020/7xxx/CVE-2020-7241.json b/2020/7xxx/CVE-2020-7241.json new file mode 100644 index 00000000000..6dfcebe69c4 --- /dev/null +++ b/2020/7xxx/CVE-2020-7241.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-7241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in the directory wp-content/uploads/db-backup/. This might allow attackers to read ZIP archives by guessing random ID numbers, guessing date strings with a 2020_{0..1}{0..2}_{0..3}{0..9} format, guessing UNIX timestamps, and making HTTPS requests with the complete guessed URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://wordpress.org/plugins/wp-database-backup/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/wp-database-backup/#developers" + }, + { + "url": "https://github.com/V1n1v131r4/Exploiting-WP-Database-Backup-WordPress-Plugin/blob/master/README.md", + "refsource": "MISC", + "name": "https://github.com/V1n1v131r4/Exploiting-WP-Database-Backup-WordPress-Plugin/blob/master/README.md" + } + ] + } +} \ No newline at end of file