From cc8b8bd491d6bbfbe7a512bc4601cfff337142ab Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 7 Jan 2020 21:01:14 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/14xxx/CVE-2019-14815.json | 10 ++++++ 2019/14xxx/CVE-2019-14906.json | 3 +- 2019/6xxx/CVE-2019-6529.json | 58 ++++++++++++++++++++++++++++++---- 2020/5xxx/CVE-2020-5307.json | 5 +++ 2020/5xxx/CVE-2020-5841.json | 56 ++++++++++++++++++++++++++++---- 5 files changed, 118 insertions(+), 14 deletions(-) diff --git a/2019/14xxx/CVE-2019-14815.json b/2019/14xxx/CVE-2019-14815.json index e81bf6df9c1..111b9a27016 100644 --- a/2019/14xxx/CVE-2019-14815.json +++ b/2019/14xxx/CVE-2019-14815.json @@ -44,6 +44,16 @@ }, "references": { "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a", + "url": "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a" + }, + { + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2019-14815", + "url": "https://access.redhat.com/security/cve/cve-2019-14815" + }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815", diff --git a/2019/14xxx/CVE-2019-14906.json b/2019/14xxx/CVE-2019-14906.json index 9e78e4407fe..3628e1d84e4 100644 --- a/2019/14xxx/CVE-2019-14906.json +++ b/2019/14xxx/CVE-2019-14906.json @@ -4,7 +4,8 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-14906", - "ASSIGNER": "gsuckevi@redhat.com" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2019/6xxx/CVE-2019-6529.json b/2019/6xxx/CVE-2019-6529.json index 10c4cad0641..984b27cf2f5 100644 --- a/2019/6xxx/CVE-2019-6529.json +++ b/2019/6xxx/CVE-2019-6529.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-6529", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-6529", + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "PR100088 Modbus gateway", + "version": { + "version_data": [ + { + "version_value": "All versions prior to Release R02 (or Software Version 1.1.13166)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior to release R02 (or Software Version 1.1.13166)." } ] } diff --git a/2020/5xxx/CVE-2020-5307.json b/2020/5xxx/CVE-2020-5307.json index 0431f7c7a6f..4d078b416e5 100644 --- a/2020/5xxx/CVE-2020-5307.json +++ b/2020/5xxx/CVE-2020-5307.json @@ -56,6 +56,11 @@ "refsource": "EXPLOIT-DB", "name": "47846", "url": "https://www.exploit-db.com/exploits/47846" + }, + { + "refsource": "MISC", + "name": "https://cinzinga.github.io/CVE-2020-5307-5308/", + "url": "https://cinzinga.github.io/CVE-2020-5307-5308/" } ] } diff --git a/2020/5xxx/CVE-2020-5841.json b/2020/5xxx/CVE-2020-5841.json index 4692d2eac5f..94d2bf9f6a7 100644 --- a/2020/5xxx/CVE-2020-5841.json +++ b/2020/5xxx/CVE-2020-5841.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-5841", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-5841", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in OpServices OpMon 9.3.1-1. Using password change parameters, an attacker could perform SQL injection without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@ph0rensic/sql-injection-opmon-9-3-1-1-770bd7e7ad1", + "url": "https://medium.com/@ph0rensic/sql-injection-opmon-9-3-1-1-770bd7e7ad1" } ] }