diff --git a/2019/15xxx/CVE-2019-15601.json b/2019/15xxx/CVE-2019-15601.json index c950fdbf956..11a54968bb5 100644 --- a/2019/15xxx/CVE-2019-15601.json +++ b/2019/15xxx/CVE-2019-15601.json @@ -4,78 +4,14 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-15601", - "ASSIGNER": "support@hackerone.com", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "n/a", - "product": { - "product_data": [ - { - "product_name": "https://github.com/curl/curl", - "version": { - "version_data": [ - { - "version_value": "Fixed in version 7.68.0" - } - ] - } - } - ] - } - } - ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Improper Input Validation (CWE-20)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://hackerone.com/reports/726117", - "url": "https://hackerone.com/reports/726117" - }, - { - "refsource": "MLIST", - "name": "[oss-security] 20200108 [SECURITY ADVISORY] curl: SMB access smuggling via FILE URL on Windows (CVE-2019-15601)", - "url": "http://www.openwall.com/lists/oss-security/2020/01/08/1" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200127-0002/", - "url": "https://security.netapp.com/advisory/ntap-20200127-0002/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", - "refsource": "MISC", - "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200416-0003/", - "url": "https://security.netapp.com/advisory/ntap-20200416-0003/" - } - ] + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "CURL before 7.68.0 lacks proper input validation, which allows users to create a `FILE:` URL that can make the client access a remote file using SMB (Windows-only issue)." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2019/1xxx/CVE-2019-1547.json b/2019/1xxx/CVE-2019-1547.json index 669594d8255..38b7145b6e6 100644 --- a/2019/1xxx/CVE-2019-1547.json +++ b/2019/1xxx/CVE-2019-1547.json @@ -207,11 +207,6 @@ "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200416-0003/", - "url": "https://security.netapp.com/advisory/ntap-20200416-0003/" } ] } diff --git a/2019/20xxx/CVE-2019-20728.json b/2019/20xxx/CVE-2019-20728.json index c5f315a1291..82a9206ff68 100644 --- a/2019/20xxx/CVE-2019-20728.json +++ b/2019/20xxx/CVE-2019-20728.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20728", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20728", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500v2 before 1.0.3.26, R7800 before 1.0.2.44, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.96, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, WNR2000v5 before 1.0.0.64, and WNR3500Lv2 before 1.2.0.48." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315", + "url": "https://kb.netgear.com/000061199/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2017-315" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20729.json b/2019/20xxx/CVE-2019-20729.json index 437815be048..0aac40da66f 100644 --- a/2019/20xxx/CVE-2019-20729.json +++ b/2019/20xxx/CVE-2019-20729.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20729", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20729", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNDR3000 before 1.0.0.22, R6250 before 1.0.4.26, R6300v2 before 1.0.4.22, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R6900P before 1.3.1.26, R7000P before 1.3.1.26, R7300DST before 1.0.0.62, R7900 before 1.0.2.16, R8000 before 1.0.4.18, R7900P before 1.4.1.42, R8000P before 1.4.1.42, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WNDR3400v3 before 1.0.1.18, WNDR4500v2 before 1.0.0.68, and WNR3500Lv2 before 1.2.0.48." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120", + "url": "https://kb.netgear.com/000061198/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-3120" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:C/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20730.json b/2019/20xxx/CVE-2019-20730.json index f2c305034c4..7a03deb0f75 100644 --- a/2019/20xxx/CVE-2019-20730.json +++ b/2019/20xxx/CVE-2019-20730.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20730", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20730", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DC112A before 1.0.0.40, EX8000 before 1.0.0.118, JR6150 before 1.0.1.18, R6050 before 1.0.1.18, R6220 before 1.1.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900v2 before 1.2.0.16, R6900 before 1.0.1.44, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7500 before 1.0.0.118, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, R8900 before 1.0.3.6, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.98, WNDR4300v2 before 1.0.0.56, and WNDR4500v3 before 1.0.0.56." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056", + "url": "https://kb.netgear.com/000061197/Security-Advisory-for-SQL-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-3056" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:L/PR:N/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20731.json b/2019/20xxx/CVE-2019-20731.json index 609e4514335..ec65f334e43 100644 --- a/2019/20xxx/CVE-2019-20731.json +++ b/2019/20xxx/CVE-2019-20731.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20731", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20731", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.18, R6400v2 before 1.0.2.52, R6700 before 1.0.1.44, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.34, R7300DST before 1.0.0.62, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.116, R8500 before 1.0.2.116, WN2500RPv2 before 1.0.1.54, and WNDR3400v3 before 1.0.1.18." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254", + "url": "https://kb.netgear.com/000061196/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2254" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20732.json b/2019/20xxx/CVE-2019-20732.json index 4b2f63e8c44..f024a5b9ac2 100644 --- a/2019/20xxx/CVE-2019-20732.json +++ b/2019/20xxx/CVE-2019-20732.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20732", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20732", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 before 1.0.1.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.26, R6900P before 1.3.0.20, R7000P before 1.3.0.20, R7100LG before 1.0.0.40, R7300DST before 1.0.0.62, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.18, and WNR3500Lv2 before 1.2.0.48." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228", + "url": "https://kb.netgear.com/000061195/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2228" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20733.json b/2019/20xxx/CVE-2019-20733.json index 4063e413fd4..1bbb431804b 100644 --- a/2019/20xxx/CVE-2019-20733.json +++ b/2019/20xxx/CVE-2019-20733.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20733", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20733", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R6900P before 1.3.1.64, R7000P before 1.3.1.64, R7100LG before 1.0.0.46, R7300DST before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.12, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.22, and WNR3500Lv2 before 1.2.0.54." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017", + "url": "https://kb.netgear.com/000061193/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2017" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20734.json b/2019/20xxx/CVE-2019-20734.json index 5b70fb21ac1..4e8e78621ff 100644 --- a/2019/20xxx/CVE-2019-20734.json +++ b/2019/20xxx/CVE-2019-20734.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20734", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20734", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.40, D8500 before 1.0.3.39, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6300v2 before 1.0.4.18, R6400 before 1.0.1.24, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6700v3 before 1.0.2.32, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R6900P before 1.0.0.56, R7000P before 1.0.0.56, R7100LG before 1.0.0.42, R7300DST before 1.0.0.54, R7900 before 1.0.1.26, R8300 before 1.0.2.106, R8500 before 1.0.2.106, WN2500RPv2 before 1.0.1.54, and WNR3500Lv2 before 1.2.0.46." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791", + "url": "https://kb.netgear.com/000061192/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-0791" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "ADJACENT", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:H/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20735.json b/2019/20xxx/CVE-2019-20735.json index 44af5fd3979..a2e79c3e340 100644 --- a/2019/20xxx/CVE-2019-20735.json +++ b/2019/20xxx/CVE-2019-20735.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20735", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20735", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before V1.0.0.75, D6100 before V1.0.0.63, R7800 before v1.0.2.52, R8900 before v1.0.4.2, R9000 before v1.0.4.2, RBK50 before v2.3.0.32, RBR50 before v2.3.0.32, RBS50 before v2.3.0.32, WNDR3700v4 before V1.0.2.102, WNDR4300v1 before V1.0.2.104, WNDR4300v2 before v1.0.0.58, WNDR4500v3 before v1.0.0.58, WNR2000v5 before v1.0.0.68, and XR500 before V2.3.2.32." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061191/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0138", + "url": "https://kb.netgear.com/000061191/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2018-0138" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20736.json b/2019/20xxx/CVE-2019-20736.json index 395460db531..64ec65fa7d3 100644 --- a/2019/20xxx/CVE-2019-20736.json +++ b/2019/20xxx/CVE-2019-20736.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20736", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20736", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061190/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0133", + "url": "https://kb.netgear.com/000061190/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0133" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20737.json b/2019/20xxx/CVE-2019-20737.json index 0fb8dd15529..9b07291aac5 100644 --- a/2019/20xxx/CVE-2019-20737.json +++ b/2019/20xxx/CVE-2019-20737.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20737", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20737", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.106, DGND2200Bv4 before 1.0.0.106, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6400 before 1.0.1.42, R6700 before 1.0.1.46, R6700v3 before 1.0.2.52, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7900P before 1.3.0.10, R8000P before 1.3.0.10, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN2500RPv2 before 1.0.1.54, WNDR3400v3 before 1.0.1.24, and WNR3500Lv2 before 1.2.0.54." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061188/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2016", + "url": "https://kb.netgear.com/000061188/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Gateways-and-Extenders-PSV-2017-2016" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:L/C:H/I:L/PR:H/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20738.json b/2019/20xxx/CVE-2019-20738.json index 95c94d5b2b9..1ba6a1860af 100644 --- a/2019/20xxx/CVE-2019-20738.json +++ b/2019/20xxx/CVE-2019-20738.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20738", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20738", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50, JWNR2010v5 before 1.1.0.50, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6100 before 1.0.1.16, R6120 before 1.0.0.40, R6700v2 before 1.2.0.14, R6800 before 1.2.0.14, R6900v2 before 1.2.0.14, R7500v2 before 1.0.3.26, R7800 before 1.0.2.46, R9000 before 1.0.4.2, WN3000RPv2 before 1.0.0.52, WN3000RPv3 before 1.0.2.78, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, WNR1000v4 before 1.1.0.50, WNR2000v5 before 1.0.0.64, WNR2020 before 1.1.0.50, and WNR2050 before 1.1.0.50." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061187/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2016-0100", + "url": "https://kb.netgear.com/000061187/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Gateways-and-WiFi-System-PSV-2016-0100" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20739.json b/2019/20xxx/CVE-2019-20739.json index e52e24b9502..8a640635c10 100644 --- a/2019/20xxx/CVE-2019-20739.json +++ b/2019/20xxx/CVE-2019-20739.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20739", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20739", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETGEAR R8500 devices before v1.0.2.128 are affected by a buffer overflow by an unauthenticated attacker." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000061179/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-R8500-PSV-2017-0636", + "url": "https://kb.netgear.com/000061179/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-R8500-PSV-2017-0636" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:L/C:N/I:N/PR:N/S:U/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20740.json b/2019/20xxx/CVE-2019-20740.json index 84f7d2a3550..bad85722ecf 100644 --- a/2019/20xxx/CVE-2019-20740.json +++ b/2019/20xxx/CVE-2019-20740.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20740", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20740", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R7300 before 1.0.0.70, R8300 before 1.0.2.130, and R8500 before 1.0.2.130." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000060976/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0258", + "url": "https://kb.netgear.com/000060976/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2018-0258" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "ADJACENT", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:H/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:R", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20741.json b/2019/20xxx/CVE-2019-20741.json index 547fb78ab1a..0204860d6ca 100644 --- a/2019/20xxx/CVE-2019-20741.json +++ b/2019/20xxx/CVE-2019-20741.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20741", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20741", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETGEAR WAC510 devices before 5.0.10.2 are affected by disclosure of sensitive information." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000060982/Security-Advisory-for-Sensitive-Information-Disclosure-on-WAC510-PSV-2018-0635", + "url": "https://kb.netgear.com/000060982/Security-Advisory-for-Sensitive-Information-Disclosure-on-WAC510-PSV-2018-0635" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:L/A:N/C:H/I:H/PR:L/S:C/UI:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20742.json b/2019/20xxx/CVE-2019-20742.json index facca62245d..4e5015f0f4c 100644 --- a/2019/20xxx/CVE-2019-20742.json +++ b/2019/20xxx/CVE-2019-20742.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20742", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20742", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETGEAR WAC510 devices before 8.0.1.3 are affected by stored XSS." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000060981/Security-Advisory-for-Stored-Cross-Site-Scripting-on-WAC510-PSV-2018-0627", + "url": "https://kb.netgear.com/000060981/Security-Advisory-for-Stored-Cross-Site-Scripting-on-WAC510-PSV-2018-0627" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20743.json b/2019/20xxx/CVE-2019-20743.json index d48cff7e76d..92d8d94b141 100644 --- a/2019/20xxx/CVE-2019-20743.json +++ b/2019/20xxx/CVE-2019-20743.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-20743", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-20743", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETGEAR WAC510 devices before 8.0.1.3 are affected by stored XSS." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://kb.netgear.com/000060980/Security-Advisory-for-Stored-Cross-Site-Scripting-on-WAC510-PSV-2018-0626", + "url": "https://kb.netgear.com/000060980/Security-Advisory-for-Stored-Cross-Site-Scripting-on-WAC510-PSV-2018-0626" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/11xxx/CVE-2020-11811.json b/2020/11xxx/CVE-2020-11811.json index 05374678f19..3b7c4cf82ef 100644 --- a/2020/11xxx/CVE-2020-11811.json +++ b/2020/11xxx/CVE-2020-11811.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11811", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11811", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management.html", + "url": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management.html" } ] } diff --git a/2020/11xxx/CVE-2020-11812.json b/2020/11xxx/CVE-2020-11812.json index 9ea18a58d6c..8b0ca6ed26a 100644 --- a/2020/11xxx/CVE-2020-11812.json +++ b/2020/11xxx/CVE-2020-11812.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11812", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11812", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters0value.html", + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters0value.html" + }, + { + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters1value.html", + "url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-filters1value.html" } ] } diff --git a/2020/11xxx/CVE-2020-11813.json b/2020/11xxx/CVE-2020-11813.json index f901e119ab1..04cee0f08a1 100644 --- a/2020/11xxx/CVE-2020-11813.json +++ b/2020/11xxx/CVE-2020-11813.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11813", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11813", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the configuration page via the copyright text input. Thus, an attacker can inject a malicious script to steal all users' valuable data. This copyright text is on every page so this attack vector can be very dangerous." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-stored-xss.html", + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-stored-xss.html" } ] } diff --git a/2020/11xxx/CVE-2020-11814.json b/2020/11xxx/CVE-2020-11814.json index 328720d7712..fd04b02459a 100644 --- a/2020/11xxx/CVE-2020-11814.json +++ b/2020/11xxx/CVE-2020-11814.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11814", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11814", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Host Header Injection vulnerability in qdPM 9.1 may allow an attacker to spoof a particular header and redirect users to malicious websites." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management_11.html", + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management_11.html" } ] } diff --git a/2020/11xxx/CVE-2020-11816.json b/2020/11xxx/CVE-2020-11816.json index 4e3588c66d3..cd005661ed6 100644 --- a/2020/11xxx/CVE-2020-11816.json +++ b/2020/11xxx/CVE-2020-11816.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11816", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11816", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-reportsid-post.html", + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/01/rukovoditel-sql-injection-reportsid-post.html" } ] } diff --git a/2020/11xxx/CVE-2020-11823.json b/2020/11xxx/CVE-2020-11823.json index 260353a3c02..f45a0015244 100644 --- a/2020/11xxx/CVE-2020-11823.json +++ b/2020/11xxx/CVE-2020-11823.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11823", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11823", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools --> audit page. This may lead to stealing of the admin account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html", + "url": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html" } ] } diff --git a/2020/11xxx/CVE-2020-11825.json b/2020/11xxx/CVE-2020-11825.json index 56eca745a99..b97cbbfce49 100644 --- a/2020/11xxx/CVE-2020-11825.json +++ b/2020/11xxx/CVE-2020-11825.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11825", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11825", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html", + "url": "https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html" } ] } diff --git a/2020/11xxx/CVE-2020-11826.json b/2020/11xxx/CVE-2020-11826.json index b17286503e8..82ace3bec72 100644 --- a/2020/11xxx/CVE-2020-11826.json +++ b/2020/11xxx/CVE-2020-11826.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11826", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11826", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a password to read notes. However, these notes are stored in a database without encryption and an attacker can read the password-protected notes without having the password. Notes are stored in the ZENTITY table in the memono.sqlite database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fatihhcelik.blogspot.com/2020/02/memono-insecure-data-storage-ios.html", + "refsource": "MISC", + "name": "https://fatihhcelik.blogspot.com/2020/02/memono-insecure-data-storage-ios.html" } ] } diff --git a/2020/3xxx/CVE-2020-3239.json b/2020/3xxx/CVE-2020-3239.json index d9dd3d20c8d..0f8b62c182f 100644 --- a/2020/3xxx/CVE-2020-3239.json +++ b/2020/3xxx/CVE-2020-3239.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-539/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-539/" } ] }, diff --git a/2020/3xxx/CVE-2020-3240.json b/2020/3xxx/CVE-2020-3240.json index 82aa539ae94..d9f550988f3 100644 --- a/2020/3xxx/CVE-2020-3240.json +++ b/2020/3xxx/CVE-2020-3240.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-542/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-542/" } ] }, diff --git a/2020/3xxx/CVE-2020-3243.json b/2020/3xxx/CVE-2020-3243.json index d751b7fa258..dda4853310f 100644 --- a/2020/3xxx/CVE-2020-3243.json +++ b/2020/3xxx/CVE-2020-3243.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-540/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-540/" } ] }, diff --git a/2020/3xxx/CVE-2020-3247.json b/2020/3xxx/CVE-2020-3247.json index a4834f5300e..fb89e6f97b7 100644 --- a/2020/3xxx/CVE-2020-3247.json +++ b/2020/3xxx/CVE-2020-3247.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-541/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-541/" } ] }, diff --git a/2020/3xxx/CVE-2020-3248.json b/2020/3xxx/CVE-2020-3248.json index 1a559699899..cd511e7b0c0 100644 --- a/2020/3xxx/CVE-2020-3248.json +++ b/2020/3xxx/CVE-2020-3248.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-543/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-543/" } ] }, diff --git a/2020/3xxx/CVE-2020-3249.json b/2020/3xxx/CVE-2020-3249.json index 77f1f77b6ba..3515bd7151b 100644 --- a/2020/3xxx/CVE-2020-3249.json +++ b/2020/3xxx/CVE-2020-3249.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-544/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-544/" } ] }, diff --git a/2020/3xxx/CVE-2020-3250.json b/2020/3xxx/CVE-2020-3250.json index 23d048a0684..e29105bd882 100644 --- a/2020/3xxx/CVE-2020-3250.json +++ b/2020/3xxx/CVE-2020-3250.json @@ -71,6 +71,11 @@ "name": "20200415 Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E" + }, + { + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-538/", + "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-538/" } ] }, diff --git a/2020/5xxx/CVE-2020-5260.json b/2020/5xxx/CVE-2020-5260.json index 14f93a1687c..2f997d54b61 100644 --- a/2020/5xxx/CVE-2020-5260.json +++ b/2020/5xxx/CVE-2020-5260.json @@ -135,6 +135,11 @@ "refsource": "MLIST", "name": "[oss-security] 20200415 Re: CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", "url": "http://www.openwall.com/lists/oss-security/2020/04/15/6" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2020:0524", + "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html" } ] }, diff --git a/2020/7xxx/CVE-2020-7224.json b/2020/7xxx/CVE-2020-7224.json index 95d5f9081c0..a2960042fae 100644 --- a/2020/7xxx/CVE-2020-7224.json +++ b/2020/7xxx/CVE-2020-7224.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://docs.aviatrix.com/#security-bulletin", "url": "https://docs.aviatrix.com/#security-bulletin" + }, + { + "refsource": "MISC", + "name": "https://docs.aviatrix.com/HowTos/security_bulletin_article.html#article-avxsb-00001", + "url": "https://docs.aviatrix.com/HowTos/security_bulletin_article.html#article-avxsb-00001" } ] }