admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 19:46:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-08-17 23:01:31 +00:00
parent e5969ecd6c
commit 1467375bb9
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
2019/5xxx/CVE-2019-5024.json
View File

@ -15,11 +15,11 @@
"product": {
"product_data": [
{
"product_name": "SmartLinx Neuron 2",
"product_name": "Capsule Technologies SmartLinx Neuron 2",
"version": {
"version_data": [
{
"version_value": "6.9.1"
"version_value": "9.0.3 or lower"
}
]
}
@ -45,14 +45,9 @@
"references": {
"reference_data": [
{
"refsource": "MISC",
"refsource": "CONFIRM",
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0785",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0785"
},
{
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-196-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-196-01"
}
]
},
@ -60,7 +55,7 @@
"description_data": [
{
"lang": "eng",
"value": "A restricted environment escape vulnerability exists in the \"kiosk mode\" function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running version 6.9.1. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability."
"value": "A restricted environment escape vulnerability exists in the \u201ckiosk mode\u201d function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full administrator access to the underlying operating system. An attacker can connect to the device via USB port with a keyboard or other HID device to trigger this vulnerability."
}
]
}

12
2020/16xxx/CVE-2020-16145.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Roundcube Webmail before 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document."
"value": "Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15."
}
]
},
@ -61,6 +61,16 @@
"refsource": "CONFIRM",
"name": "https://github.com/roundcube/roundcubemail/commit/a71bf2e8d4a64ff2c83fdabc1e8cb0c045a41ef4",
"url": "https://github.com/roundcube/roundcubemail/commit/a71bf2e8d4a64ff2c83fdabc1e8cb0c045a41ef4"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.15",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.15"
},
{
"refsource": "MISC",
"name": "https://github.com/roundcube/roundcubemail/commit/d44ca2308a96576b88d6bf27528964d4fe1a6b8b#diff-d3bb3391c79904494c60ee2ac2f33070",
"url": "https://github.com/roundcube/roundcubemail/commit/d44ca2308a96576b88d6bf27528964d4fe1a6b8b#diff-d3bb3391c79904494c60ee2ac2f33070"
}
]
}