From e16383fac0cdefe4a2d491b27390dcc8cf46d6c3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 13 Jul 2020 21:01:24 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/5xxx/CVE-2012-5687.json | 5 +++ 2018/1000xxx/CVE-2018-1000667.json | 10 +++++ 2018/10xxx/CVE-2018-10016.json | 10 +++++ 2018/10xxx/CVE-2018-10254.json | 10 +++++ 2018/10xxx/CVE-2018-10316.json | 10 +++++ 2018/16xxx/CVE-2018-16382.json | 10 +++++ 2018/16xxx/CVE-2018-16517.json | 10 +++++ 2018/16xxx/CVE-2018-16999.json | 10 +++++ 2018/19xxx/CVE-2018-19214.json | 10 +++++ 2018/19xxx/CVE-2018-19215.json | 10 +++++ 2018/19xxx/CVE-2018-19216.json | 10 +++++ 2018/8xxx/CVE-2018-8881.json | 10 +++++ 2018/8xxx/CVE-2018-8882.json | 10 +++++ 2018/8xxx/CVE-2018-8883.json | 10 +++++ 2020/11xxx/CVE-2020-11724.json | 5 +++ 2020/12xxx/CVE-2020-12402.json | 5 +++ 2020/14xxx/CVE-2020-14298.json | 65 ++++++++++++++++++++++++++++-- 2020/14xxx/CVE-2020-14947.json | 5 +++ 2020/15xxx/CVE-2020-15050.json | 56 ++++++++++++++++++++++--- 2020/5xxx/CVE-2020-5902.json | 5 +++ 20 files changed, 267 insertions(+), 9 deletions(-) diff --git a/2012/5xxx/CVE-2012-5687.json b/2012/5xxx/CVE-2012-5687.json index 368f179f806..510d254acb1 100644 --- a/2012/5xxx/CVE-2012-5687.json +++ b/2012/5xxx/CVE-2012-5687.json @@ -66,6 +66,11 @@ "name": "tplink-url-file-include(79662)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79662" + }, + { + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html" } ] } diff --git a/2018/1000xxx/CVE-2018-1000667.json b/2018/1000xxx/CVE-2018-1000667.json index 8f24c2bcaf5..7b8a3525810 100644 --- a/2018/1000xxx/CVE-2018-1000667.json +++ b/2018/1000xxx/CVE-2018-1000667.json @@ -64,6 +64,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392507", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392507" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/10xxx/CVE-2018-10016.json b/2018/10xxx/CVE-2018-10016.json index e5f19f00f61..06ef5cb57c7 100644 --- a/2018/10xxx/CVE-2018-10016.json +++ b/2018/10xxx/CVE-2018-10016.json @@ -56,6 +56,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392473", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392473" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/10xxx/CVE-2018-10254.json b/2018/10xxx/CVE-2018-10254.json index e5424fb98dd..4b22f8279ca 100644 --- a/2018/10xxx/CVE-2018-10254.json +++ b/2018/10xxx/CVE-2018-10254.json @@ -56,6 +56,16 @@ "name": "https://sourceforge.net/p/nasm/bugs/561/", "refsource": "MISC", "url": "https://sourceforge.net/p/nasm/bugs/561/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/10xxx/CVE-2018-10316.json b/2018/10xxx/CVE-2018-10316.json index 2fd5048fc0a..3ce479a8008 100644 --- a/2018/10xxx/CVE-2018-10316.json +++ b/2018/10xxx/CVE-2018-10316.json @@ -56,6 +56,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392474", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392474" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/16xxx/CVE-2018-16382.json b/2018/16xxx/CVE-2018-16382.json index 70c65e89f5c..4a9e6792c78 100644 --- a/2018/16xxx/CVE-2018-16382.json +++ b/2018/16xxx/CVE-2018-16382.json @@ -56,6 +56,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392503", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392503" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/16xxx/CVE-2018-16517.json b/2018/16xxx/CVE-2018-16517.json index c5420e5550f..e2d1142f7ec 100644 --- a/2018/16xxx/CVE-2018-16517.json +++ b/2018/16xxx/CVE-2018-16517.json @@ -71,6 +71,16 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html", "url": "http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/16xxx/CVE-2018-16999.json b/2018/16xxx/CVE-2018-16999.json index d0386a36f9a..644c9029d6b 100644 --- a/2018/16xxx/CVE-2018-16999.json +++ b/2018/16xxx/CVE-2018-16999.json @@ -56,6 +56,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392508", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392508" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/19xxx/CVE-2018-19214.json b/2018/19xxx/CVE-2018-19214.json index 2ffeab42e7f..55d18d6e734 100644 --- a/2018/19xxx/CVE-2018-19214.json +++ b/2018/19xxx/CVE-2018-19214.json @@ -61,6 +61,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392521", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392521" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/19xxx/CVE-2018-19215.json b/2018/19xxx/CVE-2018-19215.json index e5fb39ae072..2e59eec039a 100644 --- a/2018/19xxx/CVE-2018-19215.json +++ b/2018/19xxx/CVE-2018-19215.json @@ -61,6 +61,16 @@ "name": "https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f", "refsource": "MISC", "url": "https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/19xxx/CVE-2018-19216.json b/2018/19xxx/CVE-2018-19216.json index 9704594aef4..dbba9fb2afc 100644 --- a/2018/19xxx/CVE-2018-19216.json +++ b/2018/19xxx/CVE-2018-19216.json @@ -61,6 +61,16 @@ "name": "https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9", "refsource": "MISC", "url": "https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/8xxx/CVE-2018-8881.json b/2018/8xxx/CVE-2018-8881.json index 4d43c51339f..42ce789582c 100644 --- a/2018/8xxx/CVE-2018-8881.json +++ b/2018/8xxx/CVE-2018-8881.json @@ -61,6 +61,16 @@ "name": "USN-3694-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3694-1/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/8xxx/CVE-2018-8882.json b/2018/8xxx/CVE-2018-8882.json index 5a6bcbd0aad..de3b595b107 100644 --- a/2018/8xxx/CVE-2018-8882.json +++ b/2018/8xxx/CVE-2018-8882.json @@ -56,6 +56,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392445", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392445" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2018/8xxx/CVE-2018-8883.json b/2018/8xxx/CVE-2018-8883.json index 747bb28943e..9b25a3c8944 100644 --- a/2018/8xxx/CVE-2018-8883.json +++ b/2018/8xxx/CVE-2018-8883.json @@ -56,6 +56,16 @@ "name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392447", "refsource": "MISC", "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392447" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0952", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0954", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html" } ] } diff --git a/2020/11xxx/CVE-2020-11724.json b/2020/11xxx/CVE-2020-11724.json index 4478824d1d7..1fd95b278a7 100644 --- a/2020/11xxx/CVE-2020-11724.json +++ b/2020/11xxx/CVE-2020-11724.json @@ -56,6 +56,11 @@ "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch", "refsource": "MISC", "name": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch" + }, + { + "refsource": "MISC", + "name": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa", + "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa" } ] } diff --git a/2020/12xxx/CVE-2020-12402.json b/2020/12xxx/CVE-2020-12402.json index 8e08fc4563c..1e2913defad 100644 --- a/2020/12xxx/CVE-2020-12402.json +++ b/2020/12xxx/CVE-2020-12402.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631597", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631597" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0953", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00016.html" } ] }, diff --git a/2020/14xxx/CVE-2020-14298.json b/2020/14xxx/CVE-2020-14298.json index 71b84fe0648..ccd83cb7aae 100644 --- a/2020/14xxx/CVE-2020-14298.json +++ b/2020/14xxx/CVE-2020-14298.json @@ -4,14 +4,73 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-14298", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Docker", + "version": { + "version_data": [ + { + "version_value": "Affected version is 1.13.1-108.git4ef4b30.el7 shipped in Red Hat Enterprise Linux 7 Extras" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Regression" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://access.redhat.com/security/cve/CVE-2020-14298", + "url": "https://access.redhat.com/security/cve/CVE-2020-14298" + }, + { + "refsource": "CONFIRM", + "name": "https://access.redhat.com/security/vulnerabilities/runcescape", + "url": "https://access.redhat.com/security/vulnerabilities/runcescape" + }, + { + "refsource": "CONFIRM", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-5736", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-5736" + }, + { + "refsource": "CONFIRM", + "name": "https://access.redhat.com/errata/RHBA-2020:0427", + "url": "https://access.redhat.com/errata/RHBA-2020:0427" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected." } ] } diff --git a/2020/14xxx/CVE-2020-14947.json b/2020/14xxx/CVE-2020-14947.json index a91e2484bd0..0d4af2c045c 100644 --- a/2020/14xxx/CVE-2020-14947.json +++ b/2020/14xxx/CVE-2020-14947.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/158293/OCS-Inventory-NG-2.7-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/158293/OCS-Inventory-NG-2.7-Remote-Code-Execution.html" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/OCSInventory-NG/OCSInventory-ocsreports/commit/da72e0fddaeceee44fbbd7241e07e5d53d1eee64", + "url": "https://github.com/OCSInventory-NG/OCSInventory-ocsreports/commit/da72e0fddaeceee44fbbd7241e07e5d53d1eee64" } ] } diff --git a/2020/15xxx/CVE-2020-15050.json b/2020/15xxx/CVE-2020-15050.json index 31d3a4d04cf..88de9f1373c 100644 --- a/2020/15xxx/CVE-2020-15050.json +++ b/2020/15xxx/CVE-2020-15050.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-15050", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-15050", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.supremainc.com/en/support/biostar-2-pakage.asp", + "url": "https://www.supremainc.com/en/support/biostar-2-pakage.asp" } ] } diff --git a/2020/5xxx/CVE-2020-5902.json b/2020/5xxx/CVE-2020-5902.json index 7df7fa41902..040a86cadd2 100644 --- a/2020/5xxx/CVE-2020-5902.json +++ b/2020/5xxx/CVE-2020-5902.json @@ -68,6 +68,11 @@ "refsource": "CERT-VN", "name": "VU#290915", "url": "https://www.kb.cert.org/vuls/id/290915" + }, + { + "refsource": "MISC", + "name": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/", + "url": "https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/" } ] },