diff --git a/2020/10xxx/CVE-2020-10720.json b/2020/10xxx/CVE-2020-10720.json index 91c53e12f94..8af53d9ed9d 100644 --- a/2020/10xxx/CVE-2020-10720.json +++ b/2020/10xxx/CVE-2020-10720.json @@ -60,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "A flaw was found in the Linux kernel\u2019s implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system." + "value": "A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system." } ] } diff --git a/2020/15xxx/CVE-2020-15810.json b/2020/15xxx/CVE-2020-15810.json index 5057678c853..95ab72f69c8 100644 --- a/2020/15xxx/CVE-2020-15810.json +++ b/2020/15xxx/CVE-2020-15810.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-73af8655eb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-63f3bd656e", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/" } ] } diff --git a/2020/15xxx/CVE-2020-15811.json b/2020/15xxx/CVE-2020-15811.json index c6ecbf708d9..2c25c4a2890 100644 --- a/2020/15xxx/CVE-2020-15811.json +++ b/2020/15xxx/CVE-2020-15811.json @@ -71,6 +71,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-73af8655eb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-63f3bd656e", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/" } ] } diff --git a/2020/24xxx/CVE-2020-24606.json b/2020/24xxx/CVE-2020-24606.json index 1d55f789597..9d8507d8043 100644 --- a/2020/24xxx/CVE-2020-24606.json +++ b/2020/24xxx/CVE-2020-24606.json @@ -76,6 +76,11 @@ "refsource": "FEDORA", "name": "FEDORA-2020-73af8655eb", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-63f3bd656e", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/" } ] }, diff --git a/2020/24xxx/CVE-2020-24661.json b/2020/24xxx/CVE-2020-24661.json index dce82c62e54..3cf8593499d 100644 --- a/2020/24xxx/CVE-2020-24661.json +++ b/2020/24xxx/CVE-2020-24661.json @@ -56,6 +56,11 @@ "url": "https://gitlab.gnome.org/GNOME/geary/-/issues/866", "refsource": "MISC", "name": "https://gitlab.gnome.org/GNOME/geary/-/issues/866" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-d445fb484a", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS6CSTOBVO5HSAR3X5CT6DS6QDHXDB26/" } ] } diff --git a/2020/2xxx/CVE-2020-2875.json b/2020/2xxx/CVE-2020-2875.json index 15c3304bc51..0fc7b6a3ed9 100644 --- a/2020/2xxx/CVE-2020-2875.json +++ b/2020/2xxx/CVE-2020-2875.json @@ -78,6 +78,11 @@ "refsource": "DEBIAN", "name": "DSA-4703", "url": "https://www.debian.org/security/2020/dsa-4703" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-747ec39700", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/" } ] } diff --git a/2020/2xxx/CVE-2020-2933.json b/2020/2xxx/CVE-2020-2933.json index 9e3cd1f86e3..5ef98f8fcfb 100644 --- a/2020/2xxx/CVE-2020-2933.json +++ b/2020/2xxx/CVE-2020-2933.json @@ -74,6 +74,11 @@ "refsource": "DEBIAN", "name": "DSA-4703", "url": "https://www.debian.org/security/2020/dsa-4703" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-747ec39700", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/" } ] } diff --git a/2020/2xxx/CVE-2020-2934.json b/2020/2xxx/CVE-2020-2934.json index 01252b7c9e9..61e08b0c396 100644 --- a/2020/2xxx/CVE-2020-2934.json +++ b/2020/2xxx/CVE-2020-2934.json @@ -78,6 +78,11 @@ "refsource": "DEBIAN", "name": "DSA-4703", "url": "https://www.debian.org/security/2020/dsa-4703" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2020-747ec39700", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/" } ] } diff --git a/2020/7xxx/CVE-2020-7719.json b/2020/7xxx/CVE-2020-7719.json index 414f1092607..6e68bb7415b 100644 --- a/2020/7xxx/CVE-2020-7719.json +++ b/2020/7xxx/CVE-2020-7719.json @@ -51,6 +51,11 @@ "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-LOCUTUS-598675", "name": "https://snyk.io/vuln/SNYK-JS-LOCUTUS-598675" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/kvz/locutus/pull/418/", + "url": "https://github.com/kvz/locutus/pull/418/" } ] }, @@ -58,7 +63,7 @@ "description_data": [ { "lang": "eng", - "value": "All versions of package locutus are vulnerable to Prototype Pollution via the php.strings.parse_str function." + "value": "Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parse_str function." } ] }, diff --git a/2020/9xxx/CVE-2020-9083.json b/2020/9xxx/CVE-2020-9083.json index 84e6ea22eff..2bde54e5427 100644 --- a/2020/9xxx/CVE-2020-9083.json +++ b/2020/9xxx/CVE-2020-9083.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-9083", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HUAWEI Mate 20", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than 10.1.0.163(C00E160R3P8)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-03-smartphone-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-03-smartphone-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. The attacker can enter a large amount of text on the phone. Due to insufficient verification of the parameter, successful exploitation can impact the service." } ] } diff --git a/2020/9xxx/CVE-2020-9235.json b/2020/9xxx/CVE-2020-9235.json index 82dc29cadcb..1d8405a4b5c 100644 --- a/2020/9xxx/CVE-2020-9235.json +++ b/2020/9xxx/CVE-2020-9235.json @@ -4,14 +4,85 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-9235", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@huawei.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HONOR 20 PRO;Honor View 20;OxfordS-AN00A;Princeton-AL10B;Princeton-AL10D;Princeton-TL10C;Tony-AL00B;Yale-AL00A;Yale-L21A;Yale-L61A", + "version": { + "version_data": [ + { + "version_value": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1)" + }, + { + "version_value": "Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3)" + }, + { + "version_value": "Versions earlier than 10.1.0.212(C00E210R5P1)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C01E160R2P11)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R2P11)" + }, + { + "version_value": "Versions earlier than 10.1.0.160(C00E160R8P12)" + }, + { + "version_value": "Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1)" + }, + { + "version_value": "Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en", + "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak." } ] }