From e87bfbef71090b7d2bf19e43534cd8f1260b02a7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 31 Dec 2020 18:01:48 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/11xxx/CVE-2020-11832.json | 50 ++++++++++++++++++++++++++-- 2020/11xxx/CVE-2020-11833.json | 50 ++++++++++++++++++++++++++-- 2020/11xxx/CVE-2020-11834.json | 50 ++++++++++++++++++++++++++-- 2020/11xxx/CVE-2020-11835.json | 50 ++++++++++++++++++++++++++-- 2020/25xxx/CVE-2020-25797.json | 61 ++++++++++++++++++++++++++++++---- 2020/25xxx/CVE-2020-25799.json | 61 ++++++++++++++++++++++++++++++---- 6 files changed, 298 insertions(+), 24 deletions(-) diff --git a/2020/11xxx/CVE-2020-11832.json b/2020/11xxx/CVE-2020-11832.json index 16f60516dc4..3bd7045c622 100644 --- a/2020/11xxx/CVE-2020-11832.json +++ b/2020/11xxx/CVE-2020-11832.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11832", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@oppo.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OPPO Find X2", + "version": { + "version_data": [ + { + "version_value": "ColorOS V11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DOS Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336", + "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability." } ] } diff --git a/2020/11xxx/CVE-2020-11833.json b/2020/11xxx/CVE-2020-11833.json index 93a26dd4342..2fafceab36f 100644 --- a/2020/11xxx/CVE-2020-11833.json +++ b/2020/11xxx/CVE-2020-11833.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11833", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@oppo.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OPPO Find X2", + "version": { + "version_data": [ + { + "version_value": "ColorOS V11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DOS Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336", + "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerability." } ] } diff --git a/2020/11xxx/CVE-2020-11834.json b/2020/11xxx/CVE-2020-11834.json index 7854cb2b267..606e771a1a5 100644 --- a/2020/11xxx/CVE-2020-11834.json +++ b/2020/11xxx/CVE-2020-11834.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11834", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@oppo.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OPPO Find X2", + "version": { + "version_data": [ + { + "version_value": "ColorOS V11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DOS Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336", + "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerability." } ] } diff --git a/2020/11xxx/CVE-2020-11835.json b/2020/11xxx/CVE-2020-11835.json index 79b0c60cab0..7012df809e6 100644 --- a/2020/11xxx/CVE-2020-11835.json +++ b/2020/11xxx/CVE-2020-11835.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11835", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@oppo.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OPPO Find X2", + "version": { + "version_data": [ + { + "version_value": "ColorOS V11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DOS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336", + "url": "https://security.oppo.com/en/noticedetails.html?noticeId=NOTICE-1333235676610830336" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability." } ] } diff --git a/2020/25xxx/CVE-2020-25797.json b/2020/25xxx/CVE-2020-25797.json index 274cfbe754f..f459bf05b5f 100644 --- a/2020/25xxx/CVE-2020-25797.json +++ b/2020/25xxx/CVE-2020-25797.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25797", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25797", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add Participants Function (First and last name parameters). When the survey participant being edited, e.g. by an administrative user, the JavaScript code will be executed in the browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.limesurvey.org/view.php?id=15680", + "refsource": "MISC", + "name": "https://bugs.limesurvey.org/view.php?id=15680" + }, + { + "url": "https://github.com/LimeSurvey/LimeSurvey/commit/0a7bdfa1c166f734d11a1528c8d9a7d61b670ad7", + "refsource": "MISC", + "name": "https://github.com/LimeSurvey/LimeSurvey/commit/0a7bdfa1c166f734d11a1528c8d9a7d61b670ad7" } ] } diff --git a/2020/25xxx/CVE-2020-25799.json b/2020/25xxx/CVE-2020-25799.json index 98dad1c056b..79832580535 100644 --- a/2020/25xxx/CVE-2020-25799.json +++ b/2020/25xxx/CVE-2020-25799.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25799", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25799", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an administrative user, the JavaScript code will be executed in the browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugs.limesurvey.org/view.php?id=15681", + "refsource": "MISC", + "name": "https://bugs.limesurvey.org/view.php?id=15681" + }, + { + "url": "https://github.com/LimeSurvey/LimeSurvey/commit/a5f317817da4577d9ff457fea9c96482b3d1df23", + "refsource": "MISC", + "name": "https://github.com/LimeSurvey/LimeSurvey/commit/a5f317817da4577d9ff457fea9c96482b3d1df23" } ] }