diff --git a/2020/14xxx/CVE-2020-14444.json b/2020/14xxx/CVE-2020-14444.json index dc1f8dc28c4..c919440aa53 100644 --- a/2020/14xxx/CVE-2020-14444.json +++ b/2020/14xxx/CVE-2020-14444.json @@ -56,6 +56,11 @@ "refsource": "CONFIRM", "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0707", "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0707" + }, + { + "refsource": "MISC", + "name": "https://cybersecurityworks.com/zerodays/cve-2020-14444-wso2.html", + "url": "https://cybersecurityworks.com/zerodays/cve-2020-14444-wso2.html" } ] }, diff --git a/2020/14xxx/CVE-2020-14445.json b/2020/14xxx/CVE-2020-14445.json index c5a22b94e3e..e469f531b3b 100644 --- a/2020/14xxx/CVE-2020-14445.json +++ b/2020/14xxx/CVE-2020-14445.json @@ -56,6 +56,11 @@ "refsource": "CONFIRM", "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0711", "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0711" + }, + { + "refsource": "MISC", + "name": "https://cybersecurityworks.com/zerodays/cve-2020-14445-wso2.html", + "url": "https://cybersecurityworks.com/zerodays/cve-2020-14445-wso2.html" } ] }, diff --git a/2020/14xxx/CVE-2020-14446.json b/2020/14xxx/CVE-2020-14446.json index 462efde605e..9620bde0728 100644 --- a/2020/14xxx/CVE-2020-14446.json +++ b/2020/14xxx/CVE-2020-14446.json @@ -56,6 +56,11 @@ "refsource": "CONFIRM", "name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0713", "url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0713" + }, + { + "refsource": "MISC", + "name": "https://cybersecurityworks.com/zerodays/cve-2020-14446-wso2.html", + "url": "https://cybersecurityworks.com/zerodays/cve-2020-14446-wso2.html" } ] }, diff --git a/2020/24xxx/CVE-2020-24602.json b/2020/24xxx/CVE-2020-24602.json index c74ed2a4939..1759eb5fd03 100644 --- a/2020/24xxx/CVE-2020-24602.json +++ b/2020/24xxx/CVE-2020-24602.json @@ -56,6 +56,11 @@ "url": "https://issues.igniterealtime.org/browse/OF-1963", "refsource": "MISC", "name": "https://issues.igniterealtime.org/browse/OF-1963" + }, + { + "refsource": "MISC", + "name": "https://cybersecurityworks.com/zerodays/cve-2020-24602-ignite-realtime-openfire.html", + "url": "https://cybersecurityworks.com/zerodays/cve-2020-24602-ignite-realtime-openfire.html" } ] } diff --git a/2020/24xxx/CVE-2020-24604.json b/2020/24xxx/CVE-2020-24604.json index 3b279311887..f6e29aea634 100644 --- a/2020/24xxx/CVE-2020-24604.json +++ b/2020/24xxx/CVE-2020-24604.json @@ -56,6 +56,11 @@ "url": "https://issues.igniterealtime.org/browse/OF-1963", "refsource": "MISC", "name": "https://issues.igniterealtime.org/browse/OF-1963" + }, + { + "refsource": "MISC", + "name": "https://cybersecurityworks.com/zerodays/cve-2020-24604-ignite-realtime-openfire.html", + "url": "https://cybersecurityworks.com/zerodays/cve-2020-24604-ignite-realtime-openfire.html" } ] } diff --git a/2020/24xxx/CVE-2020-24707.json b/2020/24xxx/CVE-2020-24707.json index 2d5b1f8b8ba..cafc372f5ea 100644 --- a/2020/24xxx/CVE-2020-24707.json +++ b/2020/24xxx/CVE-2020-24707.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24707", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24707", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0052/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0052/" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/releases/tag/v0.11.0", + "url": "https://github.com/gophish/gophish/releases/tag/v0.11.0" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/commit/b25f5ac5e468f6730e377f43c7995e18f8fccc2b", + "url": "https://github.com/gophish/gophish/commit/b25f5ac5e468f6730e377f43c7995e18f8fccc2b" } ] } diff --git a/2020/24xxx/CVE-2020-24708.json b/2020/24xxx/CVE-2020-24708.json index 1a6263be522..f6cb45553b0 100644 --- a/2020/24xxx/CVE-2020-24708.json +++ b/2020/24xxx/CVE-2020-24708.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24708", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24708", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0048/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0048/" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/commit/90fed5a575628b89eaf941e1627b49e0f3693812", + "url": "https://github.com/gophish/gophish/commit/90fed5a575628b89eaf941e1627b49e0f3693812" } ] } diff --git a/2020/24xxx/CVE-2020-24709.json b/2020/24xxx/CVE-2020-24709.json index d3cf14b7e09..435a3de79dc 100644 --- a/2020/24xxx/CVE-2020-24709.json +++ b/2020/24xxx/CVE-2020-24709.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24709", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24709", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via a crafted landing page or email template." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0049/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0049/" } ] } diff --git a/2020/24xxx/CVE-2020-24710.json b/2020/24xxx/CVE-2020-24710.json index 209378d7317..37cb54072a9 100644 --- a/2020/24xxx/CVE-2020-24710.json +++ b/2020/24xxx/CVE-2020-24710.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24710", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24710", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gophish before 0.11.0 allows SSRF attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gophish/gophish/commit/e3352f481e94054ffe08494c9225d3878347b005", + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/commit/e3352f481e94054ffe08494c9225d3878347b005" + }, + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0054/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0054/" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/releases/tag/v0.11.0", + "url": "https://github.com/gophish/gophish/releases/tag/v0.11.0" } ] } diff --git a/2020/24xxx/CVE-2020-24711.json b/2020/24xxx/CVE-2020-24711.json index d284171e5cf..4013ba94015 100644 --- a/2020/24xxx/CVE-2020-24711.json +++ b/2020/24xxx/CVE-2020-24711.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24711", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24711", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Reset button on the Account Settings page in Gophish before 0.11.0 allows attackers to cause a denial of service via a clickjacking attack" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gophish/gophish/commit/6df62e85fd60f0931d3c8bfdb13b436a961bc9b6", + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/commit/6df62e85fd60f0931d3c8bfdb13b436a961bc9b6" + }, + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0051/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0051/" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/releases/tag/v0.11.0", + "url": "https://github.com/gophish/gophish/releases/tag/v0.11.0" } ] } diff --git a/2020/24xxx/CVE-2020-24712.json b/2020/24xxx/CVE-2020-24712.json index 2849c3ef19d..2ba575c2bbe 100644 --- a/2020/24xxx/CVE-2020-24712.json +++ b/2020/24xxx/CVE-2020-24712.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24712", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24712", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the IMAP Host field on the account settings page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0050/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0050/" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/commit/4e9b94b641755f359542b246cc0c555fa3bc6715", + "url": "https://github.com/gophish/gophish/commit/4e9b94b641755f359542b246cc0c555fa3bc6715" + }, + { + "refsource": "MISC", + "name": "https://github.com/gophish/gophish/releases/tag/v0.11.0", + "url": "https://github.com/gophish/gophish/releases/tag/v0.11.0" } ] } diff --git a/2020/24xxx/CVE-2020-24713.json b/2020/24xxx/CVE-2020-24713.json index 5047e2ab9dd..5258174c690 100644 --- a/2020/24xxx/CVE-2020-24713.json +++ b/2020/24xxx/CVE-2020-24713.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24713", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24713", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gophish through 0.10.1 does not invalidate the gophish cookie upon logout." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://herolab.usd.de/security-advisories/usd-2020-0053/", + "url": "https://herolab.usd.de/security-advisories/usd-2020-0053/" } ] } diff --git a/2020/25xxx/CVE-2020-25374.json b/2020/25xxx/CVE-2020-25374.json index 4edfdde7b91..c078fa34e3e 100644 --- a/2020/25xxx/CVE-2020-25374.json +++ b/2020/25xxx/CVE-2020-25374.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25374", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25374", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20SysReq/System%20Requirements%20-%20PSM.htm", + "url": "https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20SysReq/System%20Requirements%20-%20PSM.htm" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@virajmota38/full-path-disclosure-8a9358e5a867", + "url": "https://medium.com/@virajmota38/full-path-disclosure-8a9358e5a867" } ] } diff --git a/2020/27xxx/CVE-2020-27981.json b/2020/27xxx/CVE-2020-27981.json new file mode 100644 index 00000000000..804b3170615 --- /dev/null +++ b/2020/27xxx/CVE-2020-27981.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27981", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file