diff --git a/2020/13xxx/CVE-2020-13493.json b/2020/13xxx/CVE-2020-13493.json index 64af8065a7a..3ba2e84dfcd 100644 --- a/2020/13xxx/CVE-2020-13493.json +++ b/2020/13xxx/CVE-2020-13493.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13494.json b/2020/13xxx/CVE-2020-13494.json index c99c1959e32..4de18393910 100644 --- a/2020/13xxx/CVE-2020-13494.json +++ b/2020/13xxx/CVE-2020-13494.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.3, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13496.json b/2020/13xxx/CVE-2020-13496.json index 28f77e654ba..5b839fa3a4a 100644 --- a/2020/13xxx/CVE-2020-13496.json +++ b/2020/13xxx/CVE-2020-13496.json @@ -58,5 +58,13 @@ "value": "An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.3, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13497.json b/2020/13xxx/CVE-2020-13497.json index 0d7faa20fc7..976569a9462 100644 --- a/2020/13xxx/CVE-2020-13497.json +++ b/2020/13xxx/CVE-2020-13497.json @@ -58,5 +58,13 @@ "value": "An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.3, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13498.json b/2020/13xxx/CVE-2020-13498.json index dca1cac8661..b05190db70b 100644 --- a/2020/13xxx/CVE-2020-13498.json +++ b/2020/13xxx/CVE-2020-13498.json @@ -58,5 +58,13 @@ "value": "An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in SdfPath Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.3, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13499.json b/2020/13xxx/CVE-2020-13499.json index bed6af2615d..c8aae9fc487 100644 --- a/2020/13xxx/CVE-2020-13499.json +++ b/2020/13xxx/CVE-2020-13499.json @@ -63,5 +63,13 @@ "value": "An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13500.json b/2020/13xxx/CVE-2020-13500.json index 8e6a5b640e2..73ec12ef462 100644 --- a/2020/13xxx/CVE-2020-13500.json +++ b/2020/13xxx/CVE-2020-13500.json @@ -63,5 +63,13 @@ "value": "SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13501.json b/2020/13xxx/CVE-2020-13501.json index d0f9b6fc5c7..bae676bc06a 100644 --- a/2020/13xxx/CVE-2020-13501.json +++ b/2020/13xxx/CVE-2020-13501.json @@ -63,5 +63,13 @@ "value": "An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13509.json b/2020/13xxx/CVE-2020-13509.json index ba8d7d6d5cc..4e42d37ffde 100644 --- a/2020/13xxx/CVE-2020-13509.json +++ b/2020/13xxx/CVE-2020-13509.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) Using the IRP 0x9c4060cc gives a low privilege user direct access to the IN instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability and this access could allow for information leakage of sensitive data." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13510.json b/2020/13xxx/CVE-2020-13510.json index 309b65c2f7e..5161f860292 100644 --- a/2020/13xxx/CVE-2020-13510.json +++ b/2020/13xxx/CVE-2020-13510.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) using the IRP 0x9c4060d0 gives a low privilege user direct access to the IN instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13511.json b/2020/13xxx/CVE-2020-13511.json index d56f864871e..daf775e527d 100644 --- a/2020/13xxx/CVE-2020-13511.json +++ b/2020/13xxx/CVE-2020-13511.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) using the IRP 0x9c4060d4 gives a low privilege user direct access to the IN instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13512.json b/2020/13xxx/CVE-2020-13512.json index f7e05bd110c..ea1fe531606 100644 --- a/2020/13xxx/CVE-2020-13512.json +++ b/2020/13xxx/CVE-2020-13512.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. Using the IRP 0x9c40a0d8 gives a low privilege user direct access to the OUT instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13513.json b/2020/13xxx/CVE-2020-13513.json index adc4583be8c..42474d7a8ed 100644 --- a/2020/13xxx/CVE-2020-13513.json +++ b/2020/13xxx/CVE-2020-13513.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. Using the IRP 0x9c40a0dc gives a low privilege user direct access to the OUT instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13514.json b/2020/13xxx/CVE-2020-13514.json index 01dae01b3c8..34e166de222 100644 --- a/2020/13xxx/CVE-2020-13514.json +++ b/2020/13xxx/CVE-2020-13514.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. Using the IRP 0x9c40a0e0 gives a low privilege user direct access to the OUT instruction that is completely unrestrained at an elevated privilege level. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13515.json b/2020/13xxx/CVE-2020-13515.json index d08498951c8..373f2ee39b6 100644 --- a/2020/13xxx/CVE-2020-13515.json +++ b/2020/13xxx/CVE-2020-13515.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13516.json b/2020/13xxx/CVE-2020-13516.json index 625d2af6192..32c6289158e 100644 --- a/2020/13xxx/CVE-2020-13516.json +++ b/2020/13xxx/CVE-2020-13516.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406144 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13517.json b/2020/13xxx/CVE-2020-13517.json index 96a3c73096f..5b3ab96b400 100644 --- a/2020/13xxx/CVE-2020-13517.json +++ b/2020/13xxx/CVE-2020-13517.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406104 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13518.json b/2020/13xxx/CVE-2020-13518.json index d0ba9d5752a..a7917af8835 100644 --- a/2020/13xxx/CVE-2020-13518.json +++ b/2020/13xxx/CVE-2020-13518.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c402084 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13519.json b/2020/13xxx/CVE-2020-13519.json index 4f12ec946e4..e65a31199a8 100644 --- a/2020/13xxx/CVE-2020-13519.json +++ b/2020/13xxx/CVE-2020-13519.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13520.json b/2020/13xxx/CVE-2020-13520.json index 242a41ed158..3c704baa6c5 100644 --- a/2020/13xxx/CVE-2020-13520.json +++ b/2020/13xxx/CVE-2020-13520.json @@ -63,5 +63,13 @@ "value": "An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13522.json b/2020/13xxx/CVE-2020-13522.json index 225aaf2b717..3db59da860a 100644 --- a/2020/13xxx/CVE-2020-13522.json +++ b/2020/13xxx/CVE-2020-13522.json @@ -58,5 +58,13 @@ "value": "An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13523.json b/2020/13xxx/CVE-2020-13523.json index 1be9e2e0b0a..7113ff266f7 100644 --- a/2020/13xxx/CVE-2020-13523.json +++ b/2020/13xxx/CVE-2020-13523.json @@ -58,5 +58,13 @@ "value": "An exploitable information disclosure vulnerability exists in SoftPerfect\u2019s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 3.8, + "baseSeverity": "Low", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13524.json b/2020/13xxx/CVE-2020-13524.json index de2a74e836e..4f5d60b6dee 100644 --- a/2020/13xxx/CVE-2020-13524.json +++ b/2020/13xxx/CVE-2020-13524.json @@ -73,5 +73,13 @@ "value": "An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.3, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13525.json b/2020/13xxx/CVE-2020-13525.json index 6f278182442..2ebe93885cd 100644 --- a/2020/13xxx/CVE-2020-13525.json +++ b/2020/13xxx/CVE-2020-13525.json @@ -58,5 +58,13 @@ "value": "The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13526.json b/2020/13xxx/CVE-2020-13526.json index ca89d9a35b0..79faedec1bd 100644 --- a/2020/13xxx/CVE-2020-13526.json +++ b/2020/13xxx/CVE-2020-13526.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the handling of sort parameters in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. The reportTables_Ajax and clientSetupAjax pages are vulnerable to SQL injection in the sort parameter.An attacker can make an authenticated HTTP request to trigger these vulnerabilities." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13527.json b/2020/13xxx/CVE-2020-13527.json index f719723d93c..75423bfc16a 100644 --- a/2020/13xxx/CVE-2020-13527.json +++ b/2020/13xxx/CVE-2020-13527.json @@ -58,5 +58,13 @@ "value": "An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause increased privileges. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.8, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13528.json b/2020/13xxx/CVE-2020-13528.json index 6208c4f3829..2f25b3adc5f 100644 --- a/2020/13xxx/CVE-2020-13528.json +++ b/2020/13xxx/CVE-2020-13528.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 3.1, + "baseSeverity": "Low", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13529.json b/2020/13xxx/CVE-2020-13529.json index 70f721ddf8b..0d8b511ba45 100644 --- a/2020/13xxx/CVE-2020-13529.json +++ b/2020/13xxx/CVE-2020-13529.json @@ -88,5 +88,13 @@ "value": "An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.1, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13530.json b/2020/13xxx/CVE-2020-13530.json index 5edc79f36f3..fe8ddc35194 100644 --- a/2020/13xxx/CVE-2020-13530.json +++ b/2020/13xxx/CVE-2020-13530.json @@ -61,5 +61,13 @@ "value": "A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13531.json b/2020/13xxx/CVE-2020-13531.json index 1f0159e9337..b1835adc4f5 100644 --- a/2020/13xxx/CVE-2020-13531.json +++ b/2020/13xxx/CVE-2020-13531.json @@ -58,5 +58,13 @@ "value": "A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. A specially crafted file can trigger the reuse of a freed memory which can result in further memory corruption and arbitrary code execution. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13532.json b/2020/13xxx/CVE-2020-13532.json index 2b97e8065c2..bb58c967cf7 100644 --- a/2020/13xxx/CVE-2020-13532.json +++ b/2020/13xxx/CVE-2020-13532.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13533.json b/2020/13xxx/CVE-2020-13533.json index fa6d22c4bf5..07173e50750 100644 --- a/2020/13xxx/CVE-2020-13533.json +++ b/2020/13xxx/CVE-2020-13533.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively \u2018backdoor\u2019 the installation files and escalate privileges when a new user logs in and uses the application." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13534.json b/2020/13xxx/CVE-2020-13534.json index 937eccc43ca..c929eb7d609 100644 --- a/2020/13xxx/CVE-2020-13534.json +++ b/2020/13xxx/CVE-2020-13534.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID), installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13535.json b/2020/13xxx/CVE-2020-13535.json index 895080cf6e5..9cad12afcb0 100644 --- a/2020/13xxx/CVE-2020-13535.json +++ b/2020/13xxx/CVE-2020-13535.json @@ -58,5 +58,13 @@ "value": "A privilege escalation vulnerability exists in Kepware LinkMaster 3.0.94.0. In its default configuration, an attacker can globally overwrite service configuration to execute arbitrary code with NT SYSTEM privileges." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13536.json b/2020/13xxx/CVE-2020-13536.json index 6f6ac1f04f1..4079754be1c 100644 --- a/2020/13xxx/CVE-2020-13536.json +++ b/2020/13xxx/CVE-2020-13536.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT SYSTEM authority user executes a series of Node.Js scripts to start additional application functionality." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13537.json b/2020/13xxx/CVE-2020-13537.json index 90a41337713..01b83799586 100644 --- a/2020/13xxx/CVE-2020-13537.json +++ b/2020/13xxx/CVE-2020-13537.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT SYSTEM authority user executes a series of Node.Js scripts to start additional application functionality and among them the mosquitto executable is also run." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13539.json b/2020/13xxx/CVE-2020-13539.json index 72e9e3c4db0..eddd00a4b40 100644 --- a/2020/13xxx/CVE-2020-13539.json +++ b/2020/13xxx/CVE-2020-13539.json @@ -63,5 +63,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via \u201cWIN-911 Mobile Runtime\u201d service. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when executed." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13540.json b/2020/13xxx/CVE-2020-13540.json index fa57cecb6a8..673845200ea 100644 --- a/2020/13xxx/CVE-2020-13540.json +++ b/2020/13xxx/CVE-2020-13540.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via WIN-911 Account Change Utility. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when executed." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13541.json b/2020/13xxx/CVE-2020-13541.json index d63c4321b98..346e51adcc6 100644 --- a/2020/13xxx/CVE-2020-13541.json +++ b/2020/13xxx/CVE-2020-13541.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other files within the installation folder that could lead to local privilege escalation." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.3, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13544.json b/2020/13xxx/CVE-2020-13544.json index c9591144dce..0879c73c36c 100644 --- a/2020/13xxx/CVE-2020-13544.json +++ b/2020/13xxx/CVE-2020-13544.json @@ -58,5 +58,13 @@ "value": "An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021\u2019s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop\u2019s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13545.json b/2020/13xxx/CVE-2020-13545.json index e37cc32389f..967af197e86 100644 --- a/2020/13xxx/CVE-2020-13545.json +++ b/2020/13xxx/CVE-2020-13545.json @@ -58,5 +58,13 @@ "value": "An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021\u2019s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13546.json b/2020/13xxx/CVE-2020-13546.json index f45fb36e58b..0ba00123817 100644 --- a/2020/13xxx/CVE-2020-13546.json +++ b/2020/13xxx/CVE-2020-13546.json @@ -58,5 +58,13 @@ "value": "In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13547.json b/2020/13xxx/CVE-2020-13547.json index 7957ceedc5f..0c5fe0b3a9a 100644 --- a/2020/13xxx/CVE-2020-13547.json +++ b/2020/13xxx/CVE-2020-13547.json @@ -58,5 +58,13 @@ "value": "A type confusion vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13548.json b/2020/13xxx/CVE-2020-13548.json index 2c9241453cb..b322ff6d208 100644 --- a/2020/13xxx/CVE-2020-13548.json +++ b/2020/13xxx/CVE-2020-13548.json @@ -58,5 +58,13 @@ "value": "In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.0, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13549.json b/2020/13xxx/CVE-2020-13549.json index 9830a1770c6..af9cea271a1 100644 --- a/2020/13xxx/CVE-2020-13549.json +++ b/2020/13xxx/CVE-2020-13549.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to run the service or replace other files within the installation folder, which would allow for local privilege escalation." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13550.json b/2020/13xxx/CVE-2020-13550.json index 327bed4b003..b563f3b5a28 100644 --- a/2020/13xxx/CVE-2020-13550.json +++ b/2020/13xxx/CVE-2020-13550.json @@ -58,5 +58,13 @@ "value": "A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.7, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13551.json b/2020/13xxx/CVE-2020-13551.json index 8c8241b6199..0d6e78e1746 100644 --- a/2020/13xxx/CVE-2020-13551.json +++ b/2020/13xxx/CVE-2020-13551.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13552.json b/2020/13xxx/CVE-2020-13552.json index 0f957b4fdec..67500d29879 100644 --- a/2020/13xxx/CVE-2020-13552.json +++ b/2020/13xxx/CVE-2020-13552.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13553.json b/2020/13xxx/CVE-2020-13553.json index a9c7e72c033..b1410c271b0 100644 --- a/2020/13xxx/CVE-2020-13553.json +++ b/2020/13xxx/CVE-2020-13553.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13554.json b/2020/13xxx/CVE-2020-13554.json index e4cae4ff9af..fd9a592e4f6 100644 --- a/2020/13xxx/CVE-2020-13554.json +++ b/2020/13xxx/CVE-2020-13554.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13555.json b/2020/13xxx/CVE-2020-13555.json index c91361a16f5..f95998fcf28 100644 --- a/2020/13xxx/CVE-2020-13555.json +++ b/2020/13xxx/CVE-2020-13555.json @@ -58,5 +58,13 @@ "value": "An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13556.json b/2020/13xxx/CVE-2020-13556.json index 9e7220b5ea7..5e412c53388 100644 --- a/2020/13xxx/CVE-2020-13556.json +++ b/2020/13xxx/CVE-2020-13556.json @@ -61,5 +61,13 @@ "value": "An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13557.json b/2020/13xxx/CVE-2020-13557.json index 64cdb4a4c37..fcfc57c1e1a 100644 --- a/2020/13xxx/CVE-2020-13557.json +++ b/2020/13xxx/CVE-2020-13557.json @@ -58,5 +58,13 @@ "value": "A use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13558.json b/2020/13xxx/CVE-2020-13558.json index 1d241ebb349..df739952247 100644 --- a/2020/13xxx/CVE-2020-13558.json +++ b/2020/13xxx/CVE-2020-13558.json @@ -63,5 +63,13 @@ "value": "A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13559.json b/2020/13xxx/CVE-2020-13559.json index b9f8a104c27..0dd7a8a1cf5 100644 --- a/2020/13xxx/CVE-2020-13559.json +++ b/2020/13xxx/CVE-2020-13559.json @@ -58,5 +58,13 @@ "value": "A denial-of-service vulnerability exists in the traffic-logging functionality of FreyrSCADA IEC-60879-5-104 Server Simulator 21.04.028. A specially crafted packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 5.9, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13560.json b/2020/13xxx/CVE-2020-13560.json index 06cbae10d4a..1f5cc619fd5 100644 --- a/2020/13xxx/CVE-2020-13560.json +++ b/2020/13xxx/CVE-2020-13560.json @@ -58,5 +58,13 @@ "value": "A use after free vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13561.json b/2020/13xxx/CVE-2020-13561.json index c63abdf6e04..24455f527e4 100644 --- a/2020/13xxx/CVE-2020-13561.json +++ b/2020/13xxx/CVE-2020-13561.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13562.json b/2020/13xxx/CVE-2020-13562.json index d0aabeb3441..cbb610b48ee 100644 --- a/2020/13xxx/CVE-2020-13562.json +++ b/2020/13xxx/CVE-2020-13562.json @@ -58,5 +58,13 @@ "value": "A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnaerability in the phpGACL template action parameter." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.6, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13563.json b/2020/13xxx/CVE-2020-13563.json index 03fc1a081da..594a6dee5f9 100644 --- a/2020/13xxx/CVE-2020-13563.json +++ b/2020/13xxx/CVE-2020-13563.json @@ -58,5 +58,13 @@ "value": "A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template group_id parameter." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.6, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13564.json b/2020/13xxx/CVE-2020-13564.json index b89553af5ad..f71b11cc42d 100644 --- a/2020/13xxx/CVE-2020-13564.json +++ b/2020/13xxx/CVE-2020-13564.json @@ -58,5 +58,13 @@ "value": "A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template acl_id parameter." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.6, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13565.json b/2020/13xxx/CVE-2020-13565.json index 2fd2ae45832..aab97f754cd 100644 --- a/2020/13xxx/CVE-2020-13565.json +++ b/2020/13xxx/CVE-2020-13565.json @@ -58,5 +58,13 @@ "value": "An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide a crafted URL to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.1, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13566.json b/2020/13xxx/CVE-2020-13566.json index 83dde939bdc..ab498953c80 100644 --- a/2020/13xxx/CVE-2020-13566.json +++ b/2020/13xxx/CVE-2020-13566.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/edit_group.php, when the POST parameter action is \u201cDelete\u201d, the POST parameter delete_group leads to a SQL injection." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13568.json b/2020/13xxx/CVE-2020-13568.json index 6277a01284b..c67816ca519 100644 --- a/2020/13xxx/CVE-2020-13568.json +++ b/2020/13xxx/CVE-2020-13568.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/edit_group.php, when the POST parameter action is \u201cSubmit\u201d, the POST parameter parent_id leads to a SQL injection." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13569.json b/2020/13xxx/CVE-2020-13569.json index 2c4fc426407..5830ee31cde 100644 --- a/2020/13xxx/CVE-2020-13569.json +++ b/2020/13xxx/CVE-2020-13569.json @@ -58,5 +58,13 @@ "value": "A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13570.json b/2020/13xxx/CVE-2020-13570.json index 3ad229a8c09..177f2535b1c 100644 --- a/2020/13xxx/CVE-2020-13570.json +++ b/2020/13xxx/CVE-2020-13570.json @@ -58,5 +58,13 @@ "value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u2019s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13571.json b/2020/13xxx/CVE-2020-13571.json index 1f577447205..90ea0f418a4 100644 --- a/2020/13xxx/CVE-2020-13571.json +++ b/2020/13xxx/CVE-2020-13571.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13572.json b/2020/13xxx/CVE-2020-13572.json index b1717423b80..8b94018c4da 100644 --- a/2020/13xxx/CVE-2020-13572.json +++ b/2020/13xxx/CVE-2020-13572.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13573.json b/2020/13xxx/CVE-2020-13573.json index 09ede6a28fa..1da25c9bdf8 100644 --- a/2020/13xxx/CVE-2020-13573.json +++ b/2020/13xxx/CVE-2020-13573.json @@ -58,5 +58,13 @@ "value": "A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13574.json b/2020/13xxx/CVE-2020-13574.json index 50479a25568..3688dc27d1b 100644 --- a/2020/13xxx/CVE-2020-13574.json +++ b/2020/13xxx/CVE-2020-13574.json @@ -68,5 +68,13 @@ "value": "A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13575.json b/2020/13xxx/CVE-2020-13575.json index 594b1c09a7d..c130325a3ed 100644 --- a/2020/13xxx/CVE-2020-13575.json +++ b/2020/13xxx/CVE-2020-13575.json @@ -68,5 +68,13 @@ "value": "A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13576.json b/2020/13xxx/CVE-2020-13576.json index f22792e2e05..f0b5a61c898 100644 --- a/2020/13xxx/CVE-2020-13576.json +++ b/2020/13xxx/CVE-2020-13576.json @@ -68,5 +68,13 @@ "value": "A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13577.json b/2020/13xxx/CVE-2020-13577.json index 82a07071baf..a6fc4932e83 100644 --- a/2020/13xxx/CVE-2020-13577.json +++ b/2020/13xxx/CVE-2020-13577.json @@ -68,5 +68,13 @@ "value": "A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13578.json b/2020/13xxx/CVE-2020-13578.json index 04fcc3b92e8..a943843f71e 100644 --- a/2020/13xxx/CVE-2020-13578.json +++ b/2020/13xxx/CVE-2020-13578.json @@ -68,5 +68,13 @@ "value": "A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13579.json b/2020/13xxx/CVE-2020-13579.json index f9484f5fe2a..75f5ad02621 100644 --- a/2020/13xxx/CVE-2020-13579.json +++ b/2020/13xxx/CVE-2020-13579.json @@ -58,5 +58,13 @@ "value": "An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021\u2019s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation. Later when copying data from the file into this allocation, a heap-based buffer overflow will occur which can corrupt memory. These types of memory corruptions can allow for code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13580.json b/2020/13xxx/CVE-2020-13580.json index c7841332c27..66ed1114c82 100644 --- a/2020/13xxx/CVE-2020-13580.json +++ b/2020/13xxx/CVE-2020-13580.json @@ -58,5 +58,13 @@ "value": "An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021\u2019s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to write a 16-bit null relative to a buffer allocated on the stack. Due to a lack of bounds-checking on this value, this can allow an attacker to write to memory outside of the buffer and controllably corrupt memory. This can allow an attacker to earn code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13581.json b/2020/13xxx/CVE-2020-13581.json index e9090a775bf..e1ccb70d2e5 100644 --- a/2020/13xxx/CVE-2020-13581.json +++ b/2020/13xxx/CVE-2020-13581.json @@ -58,5 +58,13 @@ "value": "In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13582.json b/2020/13xxx/CVE-2020-13582.json index e4cdf1fdb61..f6f43217f87 100644 --- a/2020/13xxx/CVE-2020-13582.json +++ b/2020/13xxx/CVE-2020-13582.json @@ -58,5 +58,13 @@ "value": "A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.6, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13583.json b/2020/13xxx/CVE-2020-13583.json index 843023308ae..c4973b3d835 100644 --- a/2020/13xxx/CVE-2020-13583.json +++ b/2020/13xxx/CVE-2020-13583.json @@ -58,5 +58,13 @@ "value": "A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.6, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13585.json b/2020/13xxx/CVE-2020-13585.json index 9ee6b934a5d..4bbf407d6c1 100644 --- a/2020/13xxx/CVE-2020-13585.json +++ b/2020/13xxx/CVE-2020-13585.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13586.json b/2020/13xxx/CVE-2020-13586.json index ec6f50cd21a..d858072a220 100644 --- a/2020/13xxx/CVE-2020-13586.json +++ b/2020/13xxx/CVE-2020-13586.json @@ -58,5 +58,13 @@ "value": "A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13587.json b/2020/13xxx/CVE-2020-13587.json index 12340ea485f..e20334091c9 100644 --- a/2020/13xxx/CVE-2020-13587.json +++ b/2020/13xxx/CVE-2020-13587.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the \"forms_fields_rules/rules\" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery." } ] + }, + "impact": { + "cvss": { + "baseScore": 5.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13588.json b/2020/13xxx/CVE-2020-13588.json index 7382d5821e7..81858bfb30e 100644 --- a/2020/13xxx/CVE-2020-13588.json +++ b/2020/13xxx/CVE-2020-13588.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the \u2018entities/fields\u2019 page of the Rukovoditel Project Management App 2.7.2. The heading_field_id parameter in \u2018\u2018entities/fields\u2019 page is vulnerable to authenticated SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery." } ] + }, + "impact": { + "cvss": { + "baseScore": 5.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13589.json b/2020/13xxx/CVE-2020-13589.json index 6990251246d..57f0e7df41a 100644 --- a/2020/13xxx/CVE-2020-13589.json +++ b/2020/13xxx/CVE-2020-13589.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the \u2018entities/fields\u2019 page of the Rukovoditel Project Management App 2.7.2. The entities_id parameter in the 'entities/fields page (mulitple_edit or copy_selected or export function) is vulnerable to authenticated SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery." } ] + }, + "impact": { + "cvss": { + "baseScore": 5.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13591.json b/2020/13xxx/CVE-2020-13591.json index 39f48fa87c6..2906aea484f 100644 --- a/2020/13xxx/CVE-2020-13591.json +++ b/2020/13xxx/CVE-2020-13591.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the \"access_rules/rules_form\" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery." } ] + }, + "impact": { + "cvss": { + "baseScore": 5.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/13xxx/CVE-2020-13592.json b/2020/13xxx/CVE-2020-13592.json index c005a8db8bf..dd9979fab3c 100644 --- a/2020/13xxx/CVE-2020-13592.json +++ b/2020/13xxx/CVE-2020-13592.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \"global_lists/choices\" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery." } ] + }, + "impact": { + "cvss": { + "baseScore": 5.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27226.json b/2020/27xxx/CVE-2020-27226.json index 055102506e2..c888b0b14e3 100644 --- a/2020/27xxx/CVE-2020-27226.json +++ b/2020/27xxx/CVE-2020-27226.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018quickFile.jsp\u2019 page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27227.json b/2020/27xxx/CVE-2020-27227.json index 88efdf21442..8d0410b104a 100644 --- a/2020/27xxx/CVE-2020-27227.json +++ b/2020/27xxx/CVE-2020-27227.json @@ -58,5 +58,13 @@ "value": "An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific parameter to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and compromise underlying operating system." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27228.json b/2020/27xxx/CVE-2020-27228.json index 2d62ece5a2f..06c65c3e326 100644 --- a/2020/27xxx/CVE-2020-27228.json +++ b/2020/27xxx/CVE-2020-27228.json @@ -58,5 +58,13 @@ "value": "An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a file to exploit this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27229.json b/2020/27xxx/CVE-2020-27229.json index 21ed5190021..0264dd80b03 100644 --- a/2020/27xxx/CVE-2020-27229.json +++ b/2020/27xxx/CVE-2020-27229.json @@ -58,5 +58,13 @@ "value": "A number of exploitable SQL injection vulnerabilities exists in \u2018patientslist.do\u2019 page of OpenClinic GA 5.173.3 application. The findPersonID parameter in \u2018\u2018patientslist.do\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27230.json b/2020/27xxx/CVE-2020-27230.json index d32628db80c..1fe69cb7836 100644 --- a/2020/27xxx/CVE-2020-27230.json +++ b/2020/27xxx/CVE-2020-27230.json @@ -58,5 +58,13 @@ "value": "A number of exploitable SQL injection vulnerabilities exists in \u2018patientslist.do\u2019 page of OpenClinic GA 5.173.3 application. The findSector parameter in \u2018\u2018patientslist.do\u2019 page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27231.json b/2020/27xxx/CVE-2020-27231.json index a736df1f006..1775e732062 100644 --- a/2020/27xxx/CVE-2020-27231.json +++ b/2020/27xxx/CVE-2020-27231.json @@ -58,5 +58,13 @@ "value": "A number of exploitable SQL injection vulnerabilities exists in \u2018patientslist.do\u2019 page of OpenClinic GA 5.173.3 application. The findDistrict parameter in \u2018\u2018patientslist.do\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27232.json b/2020/27xxx/CVE-2020-27232.json index 9805dc26199..66ee3ad018e 100644 --- a/2020/27xxx/CVE-2020-27232.json +++ b/2020/27xxx/CVE-2020-27232.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018manageServiceStocks.jsp\u2019 page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27233.json b/2020/27xxx/CVE-2020-27233.json index 58bb5b2b426..65402c2f32d 100644 --- a/2020/27xxx/CVE-2020-27233.json +++ b/2020/27xxx/CVE-2020-27233.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3 in the supplierUID parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27234.json b/2020/27xxx/CVE-2020-27234.json index 9367ebab351..12771a22578 100644 --- a/2020/27xxx/CVE-2020-27234.json +++ b/2020/27xxx/CVE-2020-27234.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3 in the serviceUID parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27235.json b/2020/27xxx/CVE-2020-27235.json index 36e29c199a0..5d135c3ddc9 100644 --- a/2020/27xxx/CVE-2020-27235.json +++ b/2020/27xxx/CVE-2020-27235.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3 in the description parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27236.json b/2020/27xxx/CVE-2020-27236.json index f8862c4f9d9..31d48bb0144 100644 --- a/2020/27xxx/CVE-2020-27236.json +++ b/2020/27xxx/CVE-2020-27236.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3 in the compnomenclature parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27237.json b/2020/27xxx/CVE-2020-27237.json index 250952207d8..8cbe04686d7 100644 --- a/2020/27xxx/CVE-2020-27237.json +++ b/2020/27xxx/CVE-2020-27237.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3. The code parameter in the The nomenclature parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27238.json b/2020/27xxx/CVE-2020-27238.json index fee29dc72fc..e769b3e063e 100644 --- a/2020/27xxx/CVE-2020-27238.json +++ b/2020/27xxx/CVE-2020-27238.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3. The code parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27239.json b/2020/27xxx/CVE-2020-27239.json index 0fc90fe3565..5640889b401 100644 --- a/2020/27xxx/CVE-2020-27239.json +++ b/2020/27xxx/CVE-2020-27239.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27240.json b/2020/27xxx/CVE-2020-27240.json index ba0466ca981..3c099461c19 100644 --- a/2020/27xxx/CVE-2020-27240.json +++ b/2020/27xxx/CVE-2020-27240.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3. The componentStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27241.json b/2020/27xxx/CVE-2020-27241.json index c3d1e9634a3..b72eb2c3757 100644 --- a/2020/27xxx/CVE-2020-27241.json +++ b/2020/27xxx/CVE-2020-27241.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018getAssets.jsp\u2019 page of OpenClinic GA 5.173.3. The serialnumber parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27242.json b/2020/27xxx/CVE-2020-27242.json index 85e904ef3a2..3bfdec6a12c 100644 --- a/2020/27xxx/CVE-2020-27242.json +++ b/2020/27xxx/CVE-2020-27242.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018listImmoLabels.jsp\u2019 page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the \u2018listImmoLabels.jsp\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27243.json b/2020/27xxx/CVE-2020-27243.json index 3563b1fd8f4..0c6bf8e0050 100644 --- a/2020/27xxx/CVE-2020-27243.json +++ b/2020/27xxx/CVE-2020-27243.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018listImmoLabels.jsp\u2019 page of OpenClinic GA 5.173.3 application. The immoService parameter in the \u2018listImmoLabels.jsp\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27244.json b/2020/27xxx/CVE-2020-27244.json index d73bb90c9fe..23c7706ddb2 100644 --- a/2020/27xxx/CVE-2020-27244.json +++ b/2020/27xxx/CVE-2020-27244.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018listImmoLabels.jsp\u2019 page of OpenClinic GA 5.173.3 application. The immoCode parameter in the \u2018listImmoLabels.jsp\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27245.json b/2020/27xxx/CVE-2020-27245.json index 0cabdf7a3c3..4e3bc6b089e 100644 --- a/2020/27xxx/CVE-2020-27245.json +++ b/2020/27xxx/CVE-2020-27245.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018listImmoLabels.jsp\u2019 page of OpenClinic GA 5.173.3 application. The immoBuyer parameter in the \u2018listImmoLabels.jsp\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27246.json b/2020/27xxx/CVE-2020-27246.json index b5c2c41b570..8ec4ddefe38 100644 --- a/2020/27xxx/CVE-2020-27246.json +++ b/2020/27xxx/CVE-2020-27246.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in \u2018listImmoLabels.jsp\u2019 page of OpenClinic GA 5.173.3 application. The immoComment parameter in the \u2018listImmoLabels.jsp\u2019 page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27247.json b/2020/27xxx/CVE-2020-27247.json index 8e5c981bde8..51baef4002b 100644 --- a/2020/27xxx/CVE-2020-27247.json +++ b/2020/27xxx/CVE-2020-27247.json @@ -58,5 +58,13 @@ "value": "A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0002, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014)." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27248.json b/2020/27xxx/CVE-2020-27248.json index 9814f15b3eb..ce814cb6997 100644 --- a/2020/27xxx/CVE-2020-27248.json +++ b/2020/27xxx/CVE-2020-27248.json @@ -58,5 +58,13 @@ "value": "A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0003 and 0x0014, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014)." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27249.json b/2020/27xxx/CVE-2020-27249.json index 8f0e20d28cb..8dd11df7faf 100644 --- a/2020/27xxx/CVE-2020-27249.json +++ b/2020/27xxx/CVE-2020-27249.json @@ -58,5 +58,13 @@ "value": "A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0004 and 0x0015, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014)." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27250.json b/2020/27xxx/CVE-2020-27250.json index c30c2345fe3..b47be71ff68 100644 --- a/2020/27xxx/CVE-2020-27250.json +++ b/2020/27xxx/CVE-2020-27250.json @@ -58,5 +58,13 @@ "value": "In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow at Version/Instance 0x0005 and 0x0016. An attacker can entice the victim to open a document to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28587.json b/2020/28xxx/CVE-2020-28587.json index d939304f1ab..efe004bb4b0 100644 --- a/2020/28xxx/CVE-2020-28587.json +++ b/2020/28xxx/CVE-2020-28587.json @@ -58,5 +58,13 @@ "value": "A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014)." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28588.json b/2020/28xxx/CVE-2020-28588.json index 67d6ddd7f43..8b29aa641a4 100644 --- a/2020/28xxx/CVE-2020-28588.json +++ b/2020/28xxx/CVE-2020-28588.json @@ -58,5 +58,13 @@ "value": "An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it\u2019s likely that all versions in between are affected. An attacker can read /proc/pid/syscall to trigger this vulnerability, which leads to the kernel leaking memory contents." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.0, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28589.json b/2020/28xxx/CVE-2020-28589.json index 13097bcebad..d02e57ad015 100644 --- a/2020/28xxx/CVE-2020-28589.json +++ b/2020/28xxx/CVE-2020-28589.json @@ -58,5 +58,13 @@ "value": "An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.6, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28590.json b/2020/28xxx/CVE-2020-28590.json index f1d1113c3bb..7687265e6fb 100644 --- a/2020/28xxx/CVE-2020-28590.json +++ b/2020/28xxx/CVE-2020-28590.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.6, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28591.json b/2020/28xxx/CVE-2020-28591.json index c767809cf4d..eb1bf30a928 100644 --- a/2020/28xxx/CVE-2020-28591.json +++ b/2020/28xxx/CVE-2020-28591.json @@ -73,5 +73,13 @@ "value": "An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.6, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28592.json b/2020/28xxx/CVE-2020-28592.json index 521e58da2f0..e79467bc4f1 100644 --- a/2020/28xxx/CVE-2020-28592.json +++ b/2020/28xxx/CVE-2020-28592.json @@ -58,5 +58,13 @@ "value": "A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.1, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28593.json b/2020/28xxx/CVE-2020-28593.json index a5cbc7496da..a81cccdedef 100644 --- a/2020/28xxx/CVE-2020-28593.json +++ b/2020/28xxx/CVE-2020-28593.json @@ -58,5 +58,13 @@ "value": "A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.1, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28594.json b/2020/28xxx/CVE-2020-28594.json index c615c9a2ebf..1ab4036da11 100644 --- a/2020/28xxx/CVE-2020-28594.json +++ b/2020/28xxx/CVE-2020-28594.json @@ -58,5 +58,13 @@ "value": "A use-after-free vulnerability exists in the _3MF_Importer::_handle_end_model() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28595.json b/2020/28xxx/CVE-2020-28595.json index 650823d987e..c2a72802342 100644 --- a/2020/28xxx/CVE-2020-28595.json +++ b/2020/28xxx/CVE-2020-28595.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28597.json b/2020/28xxx/CVE-2020-28597.json index d46616a30ec..74f782f7eba 100644 --- a/2020/28xxx/CVE-2020-28597.json +++ b/2020/28xxx/CVE-2020-28597.json @@ -58,5 +58,13 @@ "value": "A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28598.json b/2020/28xxx/CVE-2020-28598.json index 4bff9ff80dd..5c216cb5b5d 100644 --- a/2020/28xxx/CVE-2020-28598.json +++ b/2020/28xxx/CVE-2020-28598.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28599.json b/2020/28xxx/CVE-2020-28599.json index c1b48fad108..6347add03ce 100644 --- a/2020/28xxx/CVE-2020-28599.json +++ b/2020/28xxx/CVE-2020-28599.json @@ -78,5 +78,13 @@ "value": "A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28600.json b/2020/28xxx/CVE-2020-28600.json index 8ceb6b2b7b0..251d9e439c8 100644 --- a/2020/28xxx/CVE-2020-28600.json +++ b/2020/28xxx/CVE-2020-28600.json @@ -58,5 +58,13 @@ "value": "An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28601.json b/2020/28xxx/CVE-2020-28601.json index 0b222888299..c57054f2b76 100644 --- a/2020/28xxx/CVE-2020-28601.json +++ b/2020/28xxx/CVE-2020-28601.json @@ -73,5 +73,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/28xxx/CVE-2020-28636.json b/2020/28xxx/CVE-2020-28636.json index 51e0143ec60..63658de9dc6 100644 --- a/2020/28xxx/CVE-2020-28636.json +++ b/2020/28xxx/CVE-2020-28636.json @@ -73,5 +73,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/35xxx/CVE-2020-35628.json b/2020/35xxx/CVE-2020-35628.json index 9c2a8f9b147..a3163ae022f 100644 --- a/2020/35xxx/CVE-2020-35628.json +++ b/2020/35xxx/CVE-2020-35628.json @@ -73,5 +73,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/35xxx/CVE-2020-35633.json b/2020/35xxx/CVE-2020-35633.json index 7825c797fbe..fa043f31086 100644 --- a/2020/35xxx/CVE-2020-35633.json +++ b/2020/35xxx/CVE-2020-35633.json @@ -58,5 +58,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/35xxx/CVE-2020-35634.json b/2020/35xxx/CVE-2020-35634.json index 5655719c690..32a1fa6280e 100644 --- a/2020/35xxx/CVE-2020-35634.json +++ b/2020/35xxx/CVE-2020-35634.json @@ -58,5 +58,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/35xxx/CVE-2020-35635.json b/2020/35xxx/CVE-2020-35635.json index 38885f535a5..7562cb58c77 100644 --- a/2020/35xxx/CVE-2020-35635.json +++ b/2020/35xxx/CVE-2020-35635.json @@ -58,5 +58,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/35xxx/CVE-2020-35636.json b/2020/35xxx/CVE-2020-35636.json index 29be185cfac..03edc4e8c30 100644 --- a/2020/35xxx/CVE-2020-35636.json +++ b/2020/35xxx/CVE-2020-35636.json @@ -58,5 +58,13 @@ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6083.json b/2020/6xxx/CVE-2020-6083.json index aac750c2cee..eb5dcd06eb1 100644 --- a/2020/6xxx/CVE-2020-6083.json +++ b/2020/6xxx/CVE-2020-6083.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6084.json b/2020/6xxx/CVE-2020-6084.json index 2159e364782..808db1cd2cf 100644 --- a/2020/6xxx/CVE-2020-6084.json +++ b/2020/6xxx/CVE-2020-6084.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less bytes than required by the Key Format Table." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6085.json b/2020/6xxx/CVE-2020-6085.json index 7b94f8d5fce..dc3d2c9700e 100644 --- a/2020/6xxx/CVE-2020-6085.json +++ b/2020/6xxx/CVE-2020-6085.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability by sending an Electronic Key Segment with less than 0x18 bytes following the Key Format field." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6086.json b/2020/6xxx/CVE-2020-6086.json index 489acf4f646..a8e9c875c5d 100644 --- a/2020/6xxx/CVE-2020-6086.json +++ b/2020/6xxx/CVE-2020-6086.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.If the Simple Segment Sub-Type is supplied, the device treats the byte following as the Data Size in words. When this value represents a size greater than what remains in the packet data, the device enters a fault state where communication with the device is lost and a physical power cycle is required." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6087.json b/2020/6xxx/CVE-2020-6087.json index d525c6b45dd..9568df7d9f1 100644 --- a/2020/6xxx/CVE-2020-6087.json +++ b/2020/6xxx/CVE-2020-6087.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability If the ANSI Extended Symbol Segment Sub-Type is supplied, the device treats the byte following as the Data Size in words. When this value represents a size greater than what remains in the packet data, the device enters a fault state where communication with the device is lost and a physical power cycle is required." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6088.json b/2020/6xxx/CVE-2020-6088.json index eb7a88b1636..0db75a6e7d4 100644 --- a/2020/6xxx/CVE-2020-6088.json +++ b/2020/6xxx/CVE-2020-6088.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6089.json b/2020/6xxx/CVE-2020-6089.json index 49b7c9bdfaa..e4ab4d52f3e 100644 --- a/2020/6xxx/CVE-2020-6089.json +++ b/2020/6xxx/CVE-2020-6089.json @@ -58,5 +58,13 @@ "value": "An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6091.json b/2020/6xxx/CVE-2020-6091.json index 809c2c93c3f..d0f23f69a9d 100644 --- a/2020/6xxx/CVE-2020-6091.json +++ b/2020/6xxx/CVE-2020-6091.json @@ -63,5 +63,13 @@ "value": "An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6092.json b/2020/6xxx/CVE-2020-6092.json index cf8ae140495..a6b5a5e232b 100644 --- a/2020/6xxx/CVE-2020-6092.json +++ b/2020/6xxx/CVE-2020-6092.json @@ -58,5 +58,13 @@ "value": "An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6093.json b/2020/6xxx/CVE-2020-6093.json index 7a81a50fb76..940a8d84793 100644 --- a/2020/6xxx/CVE-2020-6093.json +++ b/2020/6xxx/CVE-2020-6093.json @@ -58,5 +58,13 @@ "value": "An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure. In order to trigger this vulnerability, victim must open a malicious file." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.5, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6094.json b/2020/6xxx/CVE-2020-6094.json index 7c6f455e6f8..6b74d63ca1c 100644 --- a/2020/6xxx/CVE-2020-6094.json +++ b/2020/6xxx/CVE-2020-6094.json @@ -58,5 +58,13 @@ "value": "An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6095.json b/2020/6xxx/CVE-2020-6095.json index 03d4004a7da..0a6910dc012 100644 --- a/2020/6xxx/CVE-2020-6095.json +++ b/2020/6xxx/CVE-2020-6095.json @@ -73,5 +73,13 @@ "value": "An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6096.json b/2020/6xxx/CVE-2020-6096.json index d752ffcec84..422e7f9941f 100644 --- a/2020/6xxx/CVE-2020-6096.json +++ b/2020/6xxx/CVE-2020-6096.json @@ -83,5 +83,13 @@ "value": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.1, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6097.json b/2020/6xxx/CVE-2020-6097.json index 96c341c260e..f72a90d1146 100644 --- a/2020/6xxx/CVE-2020-6097.json +++ b/2020/6xxx/CVE-2020-6097.json @@ -68,5 +68,13 @@ "value": "An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert() call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6098.json b/2020/6xxx/CVE-2020-6098.json index e57a4e9b7ce..b7c5235b862 100644 --- a/2020/6xxx/CVE-2020-6098.json +++ b/2020/6xxx/CVE-2020-6098.json @@ -58,5 +58,13 @@ "value": "An exploitable denial of service vulnerability exists in the freeDiameter functionality of freeDiameter 1.3.2. A specially crafted Diameter request can trigger a memory corruption resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6104.json b/2020/6xxx/CVE-2020-6104.json index 8d1f76b374c..d17a3098fe4 100644 --- a/2020/6xxx/CVE-2020-6104.json +++ b/2020/6xxx/CVE-2020-6104.json @@ -63,5 +63,13 @@ "value": "An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6105.json b/2020/6xxx/CVE-2020-6105.json index 946b4bce597..be11c9132f9 100644 --- a/2020/6xxx/CVE-2020-6105.json +++ b/2020/6xxx/CVE-2020-6105.json @@ -63,5 +63,13 @@ "value": "An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.2, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6106.json b/2020/6xxx/CVE-2020-6106.json index 187ecf268cc..acd4ef7d472 100644 --- a/2020/6xxx/CVE-2020-6106.json +++ b/2020/6xxx/CVE-2020-6106.json @@ -63,5 +63,13 @@ "value": "An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6107.json b/2020/6xxx/CVE-2020-6107.json index 380fbd7c3bb..1ab400f5e90 100644 --- a/2020/6xxx/CVE-2020-6107.json +++ b/2020/6xxx/CVE-2020-6107.json @@ -63,5 +63,13 @@ "value": "An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 4.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6108.json b/2020/6xxx/CVE-2020-6108.json index 880d05eb9c2..91c4231642e 100644 --- a/2020/6xxx/CVE-2020-6108.json +++ b/2020/6xxx/CVE-2020-6108.json @@ -63,5 +63,13 @@ "value": "An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.2, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6109.json b/2020/6xxx/CVE-2020-6109.json index 25cab73d5fd..51cb06a5820 100644 --- a/2020/6xxx/CVE-2020-6109.json +++ b/2020/6xxx/CVE-2020-6109.json @@ -58,5 +58,13 @@ "value": "An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve arbitrary code execution. An attacker needs to send a specially crafted message to a target user or a group to exploit this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6110.json b/2020/6xxx/CVE-2020-6110.json index c222d686e3f..5540a028d21 100644 --- a/2020/6xxx/CVE-2020-6110.json +++ b/2020/6xxx/CVE-2020-6110.json @@ -58,5 +58,13 @@ "value": "An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. An attacker needs to send a specially crafted message to a target user or a group to trigger this vulnerability. For the most severe effect, target user interaction is required." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.0, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6111.json b/2020/6xxx/CVE-2020-6111.json index 9e326cfc999..a4a3f48c41d 100644 --- a/2020/6xxx/CVE-2020-6111.json +++ b/2020/6xxx/CVE-2020-6111.json @@ -63,5 +63,13 @@ "value": "An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. A specially crafted packet can cause a major error, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 7.5, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6112.json b/2020/6xxx/CVE-2020-6112.json index 2d30daaf2c2..53a0ba03b80 100644 --- a/2020/6xxx/CVE-2020-6112.json +++ b/2020/6xxx/CVE-2020-6112.json @@ -58,5 +58,13 @@ "value": "An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.\u2019s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which allow for the decoder to write out of-bounds and cause memory corruption. This can result in code execution. A specially crafted image can be embedded inside a PDF and loaded by a victim in order to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6113.json b/2020/6xxx/CVE-2020-6113.json index f55cba59355..ac7d53ec646 100644 --- a/2020/6xxx/CVE-2020-6113.json +++ b/2020/6xxx/CVE-2020-6113.json @@ -58,5 +58,13 @@ "value": "An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.\u2019s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for the list of indirect objects. Due to an error when calculating this size, an integer overflow may occur which can result in an undersized buffer being allocated. Later when initializing this buffer, the application can write outside its bounds which can cause a memory corruption that can lead to code execution. A specially crafted document can be delivered to a victim in order to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6114.json b/2020/6xxx/CVE-2020-6114.json index bc1a4fe13b3..8a6f0f45a9d 100644 --- a/2020/6xxx/CVE-2020-6114.json +++ b/2020/6xxx/CVE-2020-6114.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.6, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6115.json b/2020/6xxx/CVE-2020-6115.json index 020b24f7c62..f3361bb105d 100644 --- a/2020/6xxx/CVE-2020-6115.json +++ b/2020/6xxx/CVE-2020-6115.json @@ -58,5 +58,13 @@ "value": "An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.\u2019s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the object\u2019s cross-reference table entry inside a stack variable. If the referenced object identifier is not found, the application may resize the cross-reference table which can change the scope of its entry. Later when the application tries to reference cross-reference entry via the stack variable, the application will access memory belonging to the recently freed table causing a use-after-free condition. A specially crafted document can be delivered by an attacker and loaded by a victim in order to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6116.json b/2020/6xxx/CVE-2020-6116.json index 557de54a95c..1750a8d496f 100644 --- a/2020/6xxx/CVE-2020-6116.json +++ b/2020/6xxx/CVE-2020-6116.json @@ -58,5 +58,13 @@ "value": "An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.\u2019s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating space for its colors. When using this allocated buffer, the application can write outside its bounds and cause memory corruption which can lead to code execution. A specially crafted document must be loaded by a victim in order to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6117.json b/2020/6xxx/CVE-2020-6117.json index c2188e23420..b770adc1360 100644 --- a/2020/6xxx/CVE-2020-6117.json +++ b/2020/6xxx/CVE-2020-6117.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bday parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6118.json b/2020/6xxx/CVE-2020-6118.json index 39860cb5226..7de7b30cb99 100644 --- a/2020/6xxx/CVE-2020-6118.json +++ b/2020/6xxx/CVE-2020-6118.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The bmonth parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6119.json b/2020/6xxx/CVE-2020-6119.json index 33854a1b82e..aed92c8e94d 100644 --- a/2020/6xxx/CVE-2020-6119.json +++ b/2020/6xxx/CVE-2020-6119.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6120.json b/2020/6xxx/CVE-2020-6120.json index cf897fb989f..7985b43fa21 100644 --- a/2020/6xxx/CVE-2020-6120.json +++ b/2020/6xxx/CVE-2020-6120.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The fn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6121.json b/2020/6xxx/CVE-2020-6121.json index d94add87619..0d251af167d 100644 --- a/2020/6xxx/CVE-2020-6121.json +++ b/2020/6xxx/CVE-2020-6121.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ln parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6122.json b/2020/6xxx/CVE-2020-6122.json index 96ab314b96f..c4476eda3e0 100644 --- a/2020/6xxx/CVE-2020-6122.json +++ b/2020/6xxx/CVE-2020-6122.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The mn parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6123.json b/2020/6xxx/CVE-2020-6123.json index bde7771ea22..00d3c236046 100644 --- a/2020/6xxx/CVE-2020-6123.json +++ b/2020/6xxx/CVE-2020-6123.json @@ -58,5 +58,13 @@ "value": "An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheck.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6124.json b/2020/6xxx/CVE-2020-6124.json index 859ad3e8c36..1e584e3ea7b 100644 --- a/2020/6xxx/CVE-2020-6124.json +++ b/2020/6xxx/CVE-2020-6124.json @@ -58,5 +58,13 @@ "value": "An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. The email parameter in the page EmailCheckOthers.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6125.json b/2020/6xxx/CVE-2020-6125.json index e270c6585e5..d04bccec3b0 100644 --- a/2020/6xxx/CVE-2020-6125.json +++ b/2020/6xxx/CVE-2020-6125.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6126.json b/2020/6xxx/CVE-2020-6126.json index 8453bfbe96f..803545b3c77 100644 --- a/2020/6xxx/CVE-2020-6126.json +++ b/2020/6xxx/CVE-2020-6126.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The course_period_id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6127.json b/2020/6xxx/CVE-2020-6127.json index 83e94ab688a..6c0a0cb32ee 100644 --- a/2020/6xxx/CVE-2020-6127.json +++ b/2020/6xxx/CVE-2020-6127.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6128.json b/2020/6xxx/CVE-2020-6128.json index 07b31f64429..73d64d9a67c 100644 --- a/2020/6xxx/CVE-2020-6128.json +++ b/2020/6xxx/CVE-2020-6128.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. The meet_date parameter in the page CoursePeriodModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6129.json b/2020/6xxx/CVE-2020-6129.json index 10338a9f84f..75dd3b73834 100644 --- a/2020/6xxx/CVE-2020-6129.json +++ b/2020/6xxx/CVE-2020-6129.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages. The course_period_id parameter in the page CpSessionSet.php is vulnerable to SQL injection.An attacker can make an authenticated HTTP request to trigger these vulnerabilities." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6130.json b/2020/6xxx/CVE-2020-6130.json index bee106520a4..0c43a3c68cb 100644 --- a/2020/6xxx/CVE-2020-6130.json +++ b/2020/6xxx/CVE-2020-6130.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages. The course_period_id parameter in the page MassDropSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6131.json b/2020/6xxx/CVE-2020-6131.json index aae8f3efca7..7be7995109d 100644 --- a/2020/6xxx/CVE-2020-6131.json +++ b/2020/6xxx/CVE-2020-6131.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages. The course_period_id parameter in the page MassScheduleSessionSet.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6132.json b/2020/6xxx/CVE-2020-6132.json index 7633c71e6cc..da73cb24b2d 100644 --- a/2020/6xxx/CVE-2020-6132.json +++ b/2020/6xxx/CVE-2020-6132.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter in the page ChooseCP.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6133.json b/2020/6xxx/CVE-2020-6133.json index 381bb59403c..e5cc57f836f 100644 --- a/2020/6xxx/CVE-2020-6133.json +++ b/2020/6xxx/CVE-2020-6133.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter in the page CourseMoreInfo.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6134.json b/2020/6xxx/CVE-2020-6134.json index 4f63027cdc3..2ed33c29484 100644 --- a/2020/6xxx/CVE-2020-6134.json +++ b/2020/6xxx/CVE-2020-6134.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter in the page MassDropModal.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6135.json b/2020/6xxx/CVE-2020-6135.json index 2fc931ca0b0..6233fb9ac7a 100644 --- a/2020/6xxx/CVE-2020-6135.json +++ b/2020/6xxx/CVE-2020-6135.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6136.json b/2020/6xxx/CVE-2020-6136.json index 8f94e5737ef..3dd44ccebe4 100644 --- a/2020/6xxx/CVE-2020-6136.json +++ b/2020/6xxx/CVE-2020-6136.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6137.json b/2020/6xxx/CVE-2020-6137.json index 36f7b4717cf..4dddc6afcee 100644 --- a/2020/6xxx/CVE-2020-6137.json +++ b/2020/6xxx/CVE-2020-6137.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6138.json b/2020/6xxx/CVE-2020-6138.json index c8d3358c11d..90bc242fe38 100644 --- a/2020/6xxx/CVE-2020-6138.json +++ b/2020/6xxx/CVE-2020-6138.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6139.json b/2020/6xxx/CVE-2020-6139.json index 7a3c356852b..fbff3bda209 100644 --- a/2020/6xxx/CVE-2020-6139.json +++ b/2020/6xxx/CVE-2020-6139.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6140.json b/2020/6xxx/CVE-2020-6140.json index bc431e9d16f..1d8c7ffd411 100644 --- a/2020/6xxx/CVE-2020-6140.json +++ b/2020/6xxx/CVE-2020-6140.json @@ -58,5 +58,13 @@ "value": "SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6141.json b/2020/6xxx/CVE-2020-6141.json index 5cebe396128..75e0bee6f84 100644 --- a/2020/6xxx/CVE-2020-6141.json +++ b/2020/6xxx/CVE-2020-6141.json @@ -58,5 +58,13 @@ "value": "An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6142.json b/2020/6xxx/CVE-2020-6142.json index 48826f74dac..269dde16e9d 100644 --- a/2020/6xxx/CVE-2020-6142.json +++ b/2020/6xxx/CVE-2020-6142.json @@ -58,5 +58,13 @@ "value": "A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.9, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6143.json b/2020/6xxx/CVE-2020-6143.json index 948c0d67045..2483a491135 100644 --- a/2020/6xxx/CVE-2020-6143.json +++ b/2020/6xxx/CVE-2020-6143.json @@ -58,5 +58,13 @@ "value": "A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6144.json b/2020/6xxx/CVE-2020-6144.json index f9fdfc0c3cb..885b8eb0127 100644 --- a/2020/6xxx/CVE-2020-6144.json +++ b/2020/6xxx/CVE-2020-6144.json @@ -58,5 +58,13 @@ "value": "A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 10.0, + "baseSeverity": null, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6145.json b/2020/6xxx/CVE-2020-6145.json index 44dfd94b2a1..f494f5d9b8d 100644 --- a/2020/6xxx/CVE-2020-6145.json +++ b/2020/6xxx/CVE-2020-6145.json @@ -58,5 +58,13 @@ "value": "An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 6.4, + "baseSeverity": "Medium", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6146.json b/2020/6xxx/CVE-2020-6146.json index 5c1f4de942a..2e16cfd9ecc 100644 --- a/2020/6xxx/CVE-2020-6146.json +++ b/2020/6xxx/CVE-2020-6146.json @@ -58,5 +58,13 @@ "value": "An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use it as a loop sentinel when writing data into the member of an object. Due to the object member being a buffer of a static size allocated on the heap, this can result in a heap-based buffer overflow. A specially crafted document must be loaded by a victim in order to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6147.json b/2020/6xxx/CVE-2020-6147.json index 3014776538e..43766d5df39 100644 --- a/2020/6xxx/CVE-2020-6147.json +++ b/2020/6xxx/CVE-2020-6147.json @@ -63,5 +63,13 @@ "value": "A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6148.json b/2020/6xxx/CVE-2020-6148.json index cbf6c580a8c..d419278c6b8 100644 --- a/2020/6xxx/CVE-2020-6148.json +++ b/2020/6xxx/CVE-2020-6148.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6149.json b/2020/6xxx/CVE-2020-6149.json index 7b6929cfb75..8a31c653973 100644 --- a/2020/6xxx/CVE-2020-6149.json +++ b/2020/6xxx/CVE-2020-6149.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6150.json b/2020/6xxx/CVE-2020-6150.json index 7be3b83bcd6..ae23ec91fab 100644 --- a/2020/6xxx/CVE-2020-6150.json +++ b/2020/6xxx/CVE-2020-6150.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6151.json b/2020/6xxx/CVE-2020-6151.json index 1a990d592fb..124de9a38e2 100644 --- a/2020/6xxx/CVE-2020-6151.json +++ b/2020/6xxx/CVE-2020-6151.json @@ -58,5 +58,13 @@ "value": "A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.1, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6152.json b/2020/6xxx/CVE-2020-6152.json index f281072f574..9dc248b7476 100644 --- a/2020/6xxx/CVE-2020-6152.json +++ b/2020/6xxx/CVE-2020-6152.json @@ -58,5 +58,13 @@ "value": "A code execution vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause an out-of-bounds write. An attacker can trigger this vulnerability by providing a victim with a malicious DICOM file." } ] + }, + "impact": { + "cvss": { + "baseScore": 9.8, + "baseSeverity": "Critical", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6155.json b/2020/6xxx/CVE-2020-6155.json index 86fa3e5d104..56616c66b31 100644 --- a/2020/6xxx/CVE-2020-6155.json +++ b/2020/6xxx/CVE-2020-6155.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6156.json b/2020/6xxx/CVE-2020-6156.json index 295d50f8d29..d6bb43c0581 100644 --- a/2020/6xxx/CVE-2020-6156.json +++ b/2020/6xxx/CVE-2020-6156.json @@ -58,5 +58,13 @@ "value": "A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index." } ] + }, + "impact": { + "cvss": { + "baseScore": 8.8, + "baseSeverity": "High", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } } } \ No newline at end of file