admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-10-29 16:01:54 +00:00
parent 1ec3484f8a
commit 01439d95b5
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
31 changed files with 977 additions and 548 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/11xxx/CVE-2019-11556.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://pagure.io/pagure/c/31a0d2950ed409550074ca52ba492f9b87ec3318?branch=ab39e95ed4dc8367e5e146e6d9a9fa6925b75618",
"url": "https://pagure.io/pagure/c/31a0d2950ed409550074ca52ba492f9b87ec3318?branch=ab39e95ed4dc8367e5e146e6d9a9fa6925b75618"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1765",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00066.html"
}
]
}

172
2019/4xxx/CVE-2019-4547.json
View File

@ -1,90 +1,90 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6356607",
"name" : "https://www.ibm.com/support/pages/node/6356607",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6356607 (Security Directory Server)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/165949",
"name" : "ibm-sds-cve20194547-info-disc (165949)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
},
"product_name" : "Security Directory Server"
}
]
}
"value": "IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.",
"lang": "eng"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356607",
"name": "https://www.ibm.com/support/pages/node/6356607",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6356607 (Security Directory Server)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165949",
"name": "ibm-sds-cve20194547-info-disc (165949)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "6.4.0"
}
]
},
"product_name": "Security Directory Server"
}
]
}
}
]
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"PR" : "N",
"SCORE" : "5.300",
"AC" : "L",
"A" : "N",
"UI" : "N",
"S" : "U",
"I" : "N",
"AV" : "N",
"C" : "L"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-10-28T00:00:00",
"ID" : "CVE-2019-4547"
},
"data_type" : "CVE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"PR": "N",
"SCORE": "5.300",
"AC": "L",
"A": "N",
"UI": "N",
"S": "U",
"I": "N",
"AV": "N",
"C": "L"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-10-28T00:00:00",
"ID": "CVE-2019-4547"
},
"data_type": "CVE"
}

172
2019/4xxx/CVE-2019-4563.json
View File

@ -1,90 +1,90 @@
{
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6356607 (Security Directory Server)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6356607",
"name" : "https://www.ibm.com/support/pages/node/6356607"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sds-cve20194563-info-disc (166624)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/166624"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Directory Server",
"version" : {
"version_data" : [
{
"version_value" : "6.4.0"
}
]
}
}
]
}
"title": "IBM Security Bulletin 6356607 (Security Directory Server)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6356607",
"name": "https://www.ibm.com/support/pages/node/6356607"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-sds-cve20194563-info-disc (166624)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/166624"
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 166624."
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"I" : "N",
"AV" : "N",
"C" : "L",
"A" : "N",
"UI" : "N",
"AC" : "H",
"S" : "U",
"PR" : "N",
"SCORE" : "3.700"
}
}
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-10-28T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2019-4563"
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Directory Server",
"version": {
"version_data": [
{
"version_value": "6.4.0"
}
]
}
}
]
}
}
]
}
]
}
}
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 166624."
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"I": "N",
"AV": "N",
"C": "L",
"A": "N",
"UI": "N",
"AC": "H",
"S": "U",
"PR": "N",
"SCORE": "3.700"
}
}
},
"data_format": "MITRE",
"CVE_data_meta": {
"DATE_PUBLIC": "2020-10-28T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2019-4563"
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}

5
2020/15xxx/CVE-2020-15190.json
View File

@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/da8558533d925694483d2c136a9220d6d49d843c",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/da8558533d925694483d2c136a9220d6d49d843c"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15191.json
View File

@ -94,6 +94,11 @@
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15192.json
View File

@ -86,6 +86,11 @@
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15193.json
View File

@ -86,6 +86,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15194.json
View File

@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9mqp-7v2h-2382",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9mqp-7v2h-2382"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15195.json
View File

@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15202.json
View File

@ -108,6 +108,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15203.json
View File

@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/33be22c65d86256e6826666662e40dbdfe70ee83",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/33be22c65d86256e6826666662e40dbdfe70ee83"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15204.json
View File

@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/9a133d73ae4b4664d22bd1aa6d654fec13c52ee1",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/9a133d73ae4b4664d22bd1aa6d654fec13c52ee1"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15205.json
View File

@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/0462de5b544ed4731aa2fb23946ac22c01856b80",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/0462de5b544ed4731aa2fb23946ac22c01856b80"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15206.json
View File

@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/adf095206f25471e864a8e63a0f1caef53a0e3a6",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/adf095206f25471e864a8e63a0f1caef53a0e3a6"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15207.json
View File

@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/2d88f470dea2671b430884260f3626b1fe99830a",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/2d88f470dea2671b430884260f3626b1fe99830a"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15208.json
View File

@ -103,6 +103,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/8ee24e7949a203d234489f9da2c5bf45a7d5157d",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/8ee24e7949a203d234489f9da2c5bf45a7d5157d"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15209.json
View File

@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15210.json
View File

@ -95,6 +95,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/d58c96946b2880991d63d1dacacb32f0a4dfa453",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/d58c96946b2880991d63d1dacacb32f0a4dfa453"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

5
2020/15xxx/CVE-2020-15211.json
View File

@ -128,6 +128,11 @@
"name": "https://github.com/tensorflow/tensorflow/commit/fff2c8326280c07733828f990548979bdc893859",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/fff2c8326280c07733828f990548979bdc893859"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1766",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html"
}
]
},

62
2020/27xxx/CVE-2020-27993.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.exploit-db.com/exploits/48920",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/48920"
}
]
}
}

18
2020/27xxx/CVE-2020-27994.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27994",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

180
2020/4xxx/CVE-2020-4721.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-10-28T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4721"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"AC" : "L",
"UI" : "R",
"S" : "U",
"PR" : "N",
"SCORE" : "7.800",
"I" : "H",
"AV" : "L",
"C" : "H"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "i2 Analyst Notebook",
"version" : {
"version_data" : [
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6356497",
"name" : "https://www.ibm.com/support/pages/node/6356497",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6356497 (i2 Analyst Notebook)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-i2-cve20204721-bo (187868)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/187868"
}
]
}
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-10-28T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4721"
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AC": "L",
"UI": "R",
"S": "U",
"PR": "N",
"SCORE": "7.800",
"I": "H",
"AV": "L",
"C": "H"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "i2 Analyst Notebook",
"version": {
"version_data": [
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356497",
"name": "https://www.ibm.com/support/pages/node/6356497",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6356497 (i2 Analyst Notebook)"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-i2-cve20204721-bo (187868)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187868"
}
]
}
}

182
2020/4xxx/CVE-2020-4722.json
View File

@ -1,93 +1,93 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"C" : "H",
"AV" : "L",
"I" : "H",
"SCORE" : "7.800",
"PR" : "N",
"S" : "U",
"UI" : "R",
"A" : "H",
"AC" : "L"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"CVE_data_meta" : {
"ID" : "CVE-2020-4722",
"DATE_PUBLIC" : "2020-10-28T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6356497",
"name" : "https://www.ibm.com/support/pages/node/6356497",
"title" : "IBM Security Bulletin 6356497 (i2 Analyst Notebook)",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/187870",
"name" : "ibm-i2-cve20204722-bo (187870)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "i2 Analyst Notebook",
"version" : {
"version_data" : [
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.0"
}
]
}
}
]
}
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"C": "H",
"AV": "L",
"I": "H",
"SCORE": "7.800",
"PR": "N",
"S": "U",
"UI": "R",
"A": "H",
"AC": "L"
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187870.",
"lang" : "eng"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"CVE_data_meta": {
"ID": "CVE-2020-4722",
"DATE_PUBLIC": "2020-10-28T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356497",
"name": "https://www.ibm.com/support/pages/node/6356497",
"title": "IBM Security Bulletin 6356497 (i2 Analyst Notebook)",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187870",
"name": "ibm-i2-cve20204722-bo (187870)",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "i2 Analyst Notebook",
"version": {
"version_data": [
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.0"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187870.",
"lang": "eng"
}
]
}
}

178
2020/4xxx/CVE-2020-4723.json
View File

@ -1,93 +1,93 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187873.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.0"
}
]
},
"product_name" : "i2 Analyst Notebook"
}
]
}
"value": "IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187873.",
"lang": "eng"
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6356497",
"name" : "https://www.ibm.com/support/pages/node/6356497",
"title" : "IBM Security Bulletin 6356497 (i2 Analyst Notebook)",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-i2-cve20204723-bo (187873)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/187873"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.0"
}
]
},
"product_name": "i2 Analyst Notebook"
}
]
}
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4723",
"DATE_PUBLIC" : "2020-10-28T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"PR" : "N",
"SCORE" : "7.800",
"AC" : "L",
"A" : "H",
"UI" : "R",
"S" : "U",
"I" : "H",
"C" : "H",
"AV" : "L"
}
}
},
"data_format" : "MITRE"
}
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6356497",
"name": "https://www.ibm.com/support/pages/node/6356497",
"title": "IBM Security Bulletin 6356497 (i2 Analyst Notebook)",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-i2-cve20204723-bo (187873)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187873"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"ID": "CVE-2020-4723",
"DATE_PUBLIC": "2020-10-28T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"PR": "N",
"SCORE": "7.800",
"AC": "L",
"A": "H",
"UI": "R",
"S": "U",
"I": "H",
"C": "H",
"AV": "L"
}
}
},
"data_format": "MITRE"
}

176
2020/4xxx/CVE-2020-4864.json
View File

@ -1,90 +1,90 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "A",
"C" : "N",
"I" : "L",
"S" : "U",
"A" : "N",
"AC" : "L",
"UI" : "N",
"SCORE" : "4.300",
"PR" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"CVE_data_meta" : {
"ID" : "CVE-2020-4864",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-10-28T00:00:00"
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Bypass Security",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6356441 (Resilient OnPrem)",
"name" : "https://www.ibm.com/support/pages/node/6356441",
"url" : "https://www.ibm.com/support/pages/node/6356441"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-resilient-cve20204864-spoofing (190567)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/190567"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Resilient OnPrem",
"version" : {
"version_data" : [
{
"version_value" : "38"
}
]
}
}
]
},
"vendor_name" : "IBM"
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"AV": "A",
"C": "N",
"I": "L",
"S": "U",
"A": "N",
"AC": "L",
"UI": "N",
"SCORE": "4.300",
"PR": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.",
"lang" : "eng"
}
]
}
}
}
},
"CVE_data_meta": {
"ID": "CVE-2020-4864",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-10-28T00:00:00"
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Bypass Security",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6356441 (Resilient OnPrem)",
"name": "https://www.ibm.com/support/pages/node/6356441",
"url": "https://www.ibm.com/support/pages/node/6356441"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-resilient-cve20204864-spoofing (190567)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190567"
}
]
},
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Resilient OnPrem",
"version": {
"version_data": [
{
"version_value": "38"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.",
"lang": "eng"
}
]
}
}

50
2020/5xxx/CVE-2020-5931.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5931",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, 11.6.1-11.6.5.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K25400442",
"url": "https://support.f5.com/csp/article/K25400442"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, Virtual servers with a OneConnect profile may incorrectly handle WebSockets related HTTP response headers, causing TMM to restart."
}
]
}

50
2020/5xxx/CVE-2020-5932.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5932",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP ASM",
"version": {
"version_data": [
{
"version_value": "15.1.0-15.1.0.5"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K12002065",
"url": "https://support.f5.com/csp/article/K12002065"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened."
}
]
}

50
2020/5xxx/CVE-2020-5933.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5933",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, 11.6.1-11.6.5.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K26244025",
"url": "https://support.f5.com/csp/article/K26244025"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an out-of-memory condition on the BIG-IP system."
}
]
}

50
2020/5xxx/CVE-2020-5934.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5934",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP APM",
"version": {
"version_data": [
{
"version_value": "15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K44808538",
"url": "https://support.f5.com/csp/article/K44808538"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests from the same client to configured SAML Single Logout (SLO) URL are passing through a TCP Keep-Alive connection, traffic to TMM can be disrupted."
}
]
}

50
2020/5xxx/CVE-2020-5935.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5935",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM)",
"version": {
"version_data": [
{
"version_value": "15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K62830532",
"url": "https://support.f5.com/csp/article/K62830532"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when handling MQTT traffic through a BIG-IP virtual server associated with an MQTT profile and an iRule performing manipulations on that traffic, TMM may produce a core file."
}
]
}

50
2020/5xxx/CVE-2020-5936.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5936",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP LTM",
"version": {
"version_data": [
{
"version_value": "15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K44020030",
"url": "https://support.f5.com/csp/article/K44020030"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile."
}
]
}